Giter Club home page Giter Club logo

actions's Introduction

Pulumi GitHub Actions

Pulumi's GitHub Actions deploy apps and infrastructure to your cloud of choice, using just your favorite language and GitHub. This includes previewing, validating, and collaborating on proposed deployments in the context of Pull Requests, and triggering deployments or promotions between different environments by merging or directly committing code.

Note: This repository contains samples and additional documentation for using Pulumi's Github Actions Docker container. If you're looking for the code that builds that container, you'll find it here.

Getting Started

To get started with Pulumi's GitHub Actions, check out our documentation.

Demos and Examples

To see some examples of this in action, see the following links:

Cloud Providers

Below are some quick tips on using Pulumi's GitHub Actions support with your cloud provider. This typically entails configuring a service principal for unattended access, storing the resulting credentials using GitHub Secrets, and consuming them using the secrets attribute on your workflow's action.

If your cloud of choice isn't listed, that doesn't necessarily mean Pulumi doesn't support it; please see Pulumi's QuickStart page for more complete documentation.

Amazon Web Services (AWS)

For AWS, you'll need to create or use or use an existing IAM user for your action. Please see the Pulumi documentation page for pointers to the relevant AWS documentation for doing this.

As soon as you have an AWS user in hand, you'll set the environment variables AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY using GitHub Secrets, and then consume them in your action:

name: Pulumi
on:
  push:
    branches:
      - master
jobs:
  up:
    name: Update
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v1
      - uses: docker://pulumi/actions
        with:
          args: up
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
          PULUMI_CI: up

Failure to configure this correctly will lead to an error message.

Microsoft Azure

For Azure, you'll need to create or use an existing Azure Service Principal for your action. Please see the Pulumi documentation page for pointers to the relevant Azure documentation for doing this.

As soon as you have a service principal in hand, you'll set the environment variables ARM_SUBSCRIPTION_ID, ARM_CLIENT_ID, ARM_CLIENT_SECRET, and ARM_TENANT_ID using GitHub Secrets, and consume them in your action:

name: Pulumi
on:
  push:
    branches:
      - master
jobs:
  up:
    name: Update
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v1
      - uses: docker://pulumi/actions
        with:
          args: up
        env:
          ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
          ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
          ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
          ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
          PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
          PULUMI_CI: up

Failure to configure this correctly will lead to the error message Error building AzureRM Client: Azure CLI Authorization Profile was not found. Please ensure the Azure CLI is installed and then log-in with 'az login'.

Google Cloud Platform

For GCP, you'll need to create or use or use an existing service account key. Please see the Pulumi documentation page for pointers to the relevant GCP documentation for doing this.

As soon as you have credentials in hand, you'll set the environment variable GOOGLE_CREDENTIALS to contain the credentials JSON using GitHub Secrets, and then consume it in your action:

name: Pulumi
on:
  push:
    branches:
      - master
jobs:
  up:
    name: Update
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v1
      - uses: docker://pulumi/actions
        with:
          args: up
        env:
          GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }}
          PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
          PULUMI_CI: up

Failure to configure this correctly will lead to an error message.

actions's People

Contributors

chrsmith avatar cnunciato avatar iagomelanias avatar joeduffy avatar pgavlin avatar sullis avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.