https://pulumi.com logo
Powered by
#general
Title
# general
s

sticky-wolf-35263

07/07/2022, 4:52 PM
Hi all, this is about the Pulumi GitHub action — we’ve seen most of our workflows using this break overnight with the release of v3.18.0. Looks like the issue has been reported here a few hours ago, but I wanted to get this on the radar (and possibly ask if a rollback to v3.17.0 is possible until it’s fixed? we don’t have our workflows pegged to a specific minor version)
v

victorious-church-57397

07/07/2022, 5:26 PM
You should be able to specify the version of the action you're running. Not on laptop atm but I think it's with the @ character ie checkout@v2
s

sticky-wolf-35263

07/07/2022, 5:31 PM
We could specify 
@v3.17.0
in the meantime but this would require updating many workflow files, across many branches and repos, with PR review blocks between them; and would require us to do the same again after (to either upgrade to each next minor version, or back to 
@v3
to get the highest minor version under 3) So it’s a bit of a tossup between how long it’ll take for the root cause to be resolved, versus how long it would take us to get the workflows updated in the meantime
v

victorious-church-57397

07/07/2022, 5:33 PM
Yeah I mean I guess that's the risk you run when you don't pin things, the way we do it at my place is we run the commands within an action step with a pulumi version that's been tested locally and our environments so we're not reliant on a provider action. I know that doesn't help you too much but thought might be worth implementing that if you're going to change the files anyway
I can send some examples over when I'm on my laptop later on
s

sticky-wolf-35263

07/07/2022, 5:35 PM
So you’re wrapping the pulumi action in your own internal action? Or am I reading that wrong
v

victorious-church-57397

07/07/2022, 5:36 PM
We've got a step in our actions workflow that runs pulumi commands rather than using their action
And we install a version of pulumi in the action that's tested and known to work
So we use the configure aws credentials action then we assume a role for the env and run “pulumi up”
s

sticky-wolf-35263

07/07/2022, 5:38 PM
Ah ok. We’re doing that for policy packs already (supported natively in v3.18, rip) so we might need to either switch to the manual method for everything, or pin the minor version
v

victorious-church-57397

07/07/2022, 5:39 PM
Depends how you wanna move forward with it I reckon, if you're happy using their action and would prefer that I'd be more inclined to pin for now and then stay a version behind for a week or so and have some automation that bumps the versions across all the repos when it's been tested on an instance of every use case
Powered by