Change pulumi refresh to report diff relative to desired state instead of relative to only output changes
#10285
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # SECURITY: This PR run on untrusted branches. | |
| # | |
| # Changes to "permissions" and "secrets" should be narrowly scoped and carefully reviewed. | |
| # | |
| # Reusable workflows, "uses" jobs, *must* specify the main branch. | |
| name: Community Pull Request | |
| on: | |
| pull_request_target: | |
| permissions: | |
| contents: read | |
| # Only required for the PR and changelog comment. | |
| pull-requests: write | |
| jobs: | |
| comment-on-pr: | |
| name: Maintainer comment | |
| # We only care about commenting on a PR if the PR is from a fork | |
| if: github.event.pull_request.head.repo.full_name != github.repository | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Comment PR | |
| uses: thollander/actions-comment-pull-request@1.0.1 | |
| with: | |
| message: | | |
| PR is now waiting for a maintainer to take action. | |
| **Note for the maintainer:** Commands available: | |
| * `/run-acceptance-tests` - used to test run the acceptance tests for the project | |
| * `/run-codegen` - used to test the Pull Request against downstream codegen | |
| * `/run-docs-gen` - used to test the Pull Request against documentation generation | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| changelog-comment: | |
| name: Changelog preview | |
| if: github.event.pull_request.head.repo.full_name != github.repository | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| uses: pulumi/pulumi/.github/workflows/on-pr-changelog.yml@master | |
| with: | |
| ref: refs/pull/${{ github.event.pull_request.number }}/merge | |
| base-ref: origin/${{ github.base_ref }} | |
| pr-number: ${{ github.event.pull_request.number }} | |
| changelog-required: ${{ !contains(github.event.pull_request.labels.*.name, 'impact/no-changelog-required') }} | |
| secrets: | |
| # Scope secrets to the minimum required: | |
| PULUMI_BOT_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} |