No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Hi all, this is about the <https://github.com/pulumi/actions|Pulumi GitHub action> — we’ve seen most of our workflows using this break overnight with the release of v3.18.0. Looks like the issue has been reported <https://github.com/pulumi/actions/issues/677|here> a few hours ago, but I wanted to get this on the radar (and possibly ask if a rollback to v3.17.0 is possible until it’s fixed? we don’t have our workflows pegged to a specific minor version)

You should be able to specify the version of the action you're running. Not on laptop atm but I think it's with the @ character ie checkout@v2

We could specify `@v3.17.0` in the meantime but this would require updating many workflow files, across many branches and repos, with PR review blocks between them; and would require us to do the same again after (to either upgrade to each next minor version, or back to `@v3` to get the highest minor version under 3)

So it’s a bit of a tossup between how long it’ll take for the root cause to be resolved, versus how long it would take us to get the workflows updated in the meantime

Yeah I mean I guess that's the risk you run when you don't pin things, the way we do it at my place is we run the commands within an action step with a pulumi version that's been tested locally and our environments so we're not reliant on a provider action. I know that doesn't help you too much but thought might be worth implementing that if you're going to change the files anyway 

I can send some examples over when I'm on my laptop later on

So you’re wrapping the pulumi action in your own internal action? Or am I reading that wrong

We've got a step in our actions workflow that runs pulumi commands rather than using their action 

And we install a version of pulumi in the action that's tested and known to work 

So we use the configure aws credentials action then we assume a role for the env and run “pulumi up” 

Ah ok. We’re doing that for policy packs already (supported natively in v3.18, rip) so we might need to either switch to the manual method for everything, or pin the minor version

Depends how you wanna move forward with it I reckon, if you're happy using their action and would prefer that I'd be more inclined to pin for now and then stay a version behind for a week or so and have some automation that bumps the versions across all the repos when it's been tested on an instance of every use case 