# WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt

name: "Prerequisites"

on:
  workflow_call:
    inputs:
      is_pr:
        type: boolean
        required: true
      is_automated:
        type: boolean
        required: true
      default_branch:
        type: string
        required: true
    outputs:
      version:
        description: "Provider version being built"
        value: ${{ jobs.prerequisites.outputs.version }}

env:
  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
  NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
  NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
  PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
  PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
  PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
  PULUMI_API: https://api.pulumi-staging.io
  PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
  PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
  PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
  PYPI_USERNAME: __token__
  SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
  SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
  SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
  TF_APPEND_USER_AGENT: pulumi

jobs:
  prerequisites:
    name: prerequisites
    runs-on: ubuntu-latest
    outputs:
      version: ${{ steps.provider-version.outputs.version }}
    steps:
    - name: Checkout Repo
      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      with:
        persist-credentials: false
    - uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
      id: provider-version
      with:
        major-version: 1
        set-env: 'PROVIDER_VERSION'
    - name: Cache examples generation
      uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4
      with:
        path: |
          .pulumi/examples-cache
        key: ${{ runner.os }}-${{ hashFiles('provider/go.sum') }}
    - name: Setup tools
      uses: ./.github/actions/setup-tools
      with:
        tools: go, pulumictl, pulumicli, schema-tools
    - name: Prepare local workspace before restoring previously built files
      run: make prepare_local_workspace
    - name: Generate schema
      run: make schema
    - name: Build provider binary
      run: make provider
    - name: Unit-test provider code
      run: make test_provider
    - name: Upload coverage reports to Codecov
      uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574 # v5.4.0
      env:
        CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
    - if: inputs.is_pr
      name: Check Schema is Valid
      run: |
        EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64)
        {
          echo "SCHEMA_CHANGES<<$EOF";
          schema-tools compare -r github://api.github.com/pulumi -p xyz -o "${{ inputs.default_branch }}" -n --local-path=provider/cmd/pulumi-resource-xyz/schema.json;
          echo "$EOF";
        } >> "$GITHUB_ENV"
    - if: inputs.is_pr && inputs.is_automated == false && github.actor != 'dependabot[bot]'
      name: Comment on PR with Details of Schema Check
      uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1
      with:
        github-token: ${{ secrets.GITHUB_TOKEN }}
        comment-tag: schemaCheck
        message: >+
          ${{ env.SCHEMA_CHANGES }}


          Maintainer note: consult the [runbook](https://github.com/pulumi/platform-providers-team/blob/main/playbooks/tf-provider-updating.md) for dealing with any breaking changes.

    - name: Upload artifacts
      uses: ./.github/actions/upload-prerequisites