Skip to content

Instantly share code, notes, and snippets.

@ryan-williams

ryan-williams/pulumi#1.md

Last active February 28, 2026 01:55
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save ryan-williams/082389f62110ad6a2bb339bbafc29b04 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save ryan-williams/082389f62110ad6a2bb339bbafc29b04 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
pulumi#1.md

Open-Athena/pulumi#1 Test stack, e2e workflow, and new commands for pulumi.yml

Summary

  • Adds a test Pulumi stack (test/) with lightweight free AWS resources (EC2 key pair, IAM role, CW log group)
  • Adds test.yml caller workflow for manual dispatch against the reusable workflow
  • Adds e2e.yml smoketest: init → preview → up → preview (nop) → destroy → preview (recreate) → stack-rm
  • New commands in pulumi.yml: init, destroy, stack-rm
  • New secrets-provider input for GCP KMS (or other) secrets encryption
  • PULUMI_CONFIG_PASSPHRASE as optional secret input (defaults to empty string for self-managed backends)
  • Run-ID based stack isolation for concurrent e2e runs
  • Fixed grep warning in dynamic fence logic

Test plan

  • E2E workflow passes: run 22510713005
  • PR comment renders with --patch diff output, project prefix, commit link
  • Job summary renders on the GHA run page

🤖 Generated with Claude Code

Raw
z3973497525-github-actions[bot].md

✅ pulumi-v1-test: pulumi preview (142d39b)

Output 
warning: using pulumi-language-python from $PATH at /usr/local/bin/pulumi-language-python
Previewing update (test):
warning: using pulumi-language-python from $PATH at /usr/local/bin/pulumi-language-python
+ pulumi:pulumi:Stack
+   [urn=urn:pulumi:test::pulumi-v1-test::pulumi:pulumi:Stack::pulumi-v1-test-test]
+    tls:index/privateKey:PrivateKey
+       [urn=urn:pulumi:test::pulumi-v1-test::tls:index/privateKey:PrivateKey::test-key]
+       [provider=urn:pulumi:test::pulumi-v1-test::pulumi:providers:tls::default_5_3_0::04da6b54-80e4-46f7-96ec-b56ff0331ba9]
+       algorithm: "ED25519"
+    aws:cloudwatch/logGroup:LogGroup
+       [urn=urn:pulumi:test::pulumi-v1-test::aws:cloudwatch/logGroup:LogGroup::test-log-group]
+       [provider=urn:pulumi:test::pulumi-v1-test::pulumi:providers:aws::default_7_20_0::04da6b54-80e4-46f7-96ec-b56ff0331ba9]
+       name           : "/pulumi-v1/test/test"
+       region         : "us-east-1"
+       retentionInDays: 1
+       skipDestroy    : false
+       tagsAll        : {}
+    aws:iam/role:Role
+       [urn=urn:pulumi:test::pulumi-v1-test::aws:iam/role:Role::test-role]
+       [provider=urn:pulumi:test::pulumi-v1-test::pulumi:providers:aws::default_7_20_0::04da6b54-80e4-46f7-96ec-b56ff0331ba9]
+       assumeRolePolicy   : {
+           Statement: [
+               [0]: {
+                   Action   : "sts:AssumeRole"
+                   Effect   : "Deny"
+                   Principal: {
+                       Service: "none.amazonaws.com"
+                   }
+               }
+           ]
+           Version  : "2012-10-17"
+       }
+       forceDetachPolicies: false
+       maxSessionDuration : 3600
+       name               : "pulumi-v1-test-test"
+       path               : "/"
+       tagsAll            : {}
+    aws:ec2/keyPair:KeyPair
+       [urn=urn:pulumi:test::pulumi-v1-test::aws:ec2/keyPair:KeyPair::test-key-pair]
+       [provider=urn:pulumi:test::pulumi-v1-test::pulumi:providers:aws::default_7_20_0::04da6b54-80e4-46f7-96ec-b56ff0331ba9]
+       keyName   : "pulumi-v1-test-test"
+       publicKey : [unknown]
+       region    : "us-east-1"
+       tagsAll   : {}
    --outputs:--
+   key_pair_name : "pulumi-v1-test-test"
+   log_group_name: "/pulumi-v1/test/test"
+   role_arn      : [unknown]
Resources:
    + 5 to create

Workflow logs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment