Pulumi GitHub App
Pulumi’s GitHub app integrates the results of Pulumi stack updates with GitHub. Once installed and configured, it will show you any potential infrastructure changes on Pull Requests and commit Checks. See below for information on how to install the Pulumi GitHub app into your organization.
The Pulumi GitHub app will automatically add comments to Pull Requests with the results of any stack changes. This includes a summary of how many resources were created, updated, and/or deleted. This allows you to quickly see the changes caused by your Pulumi program without needing to leave GitHub’s Pull Request view, with a link to the richer details available on the Pulumi Cloud Console.
Beyond Pull Request comments, the GitHub application also integrates with GitHub’s Checks API. This provides even more detail about any resource changes, including the full update log.
Installation and Configuration
Pulumi’s GitHub workflow integration is a GitHub application you can install by visiting github.com/apps/pulumi or clicking the button below.
The Pulumi GitHub application is installed into a specific GitHub organization, and you can configure it to only be used by certain repositories.
The Pulumi GitHub application does not have access to your source code. It will only report status on pushes / pull requests that happen for repositories it is configured to access. You can also uninstall the GitHub application at any time without impacting your stacks or other Pulumi-managed resources.
Once installed in your organization, any
pulumi preview or
pulumi update that is run in your CI
system will have its results reported back to GitHub.
Pulumi supports a wide array of CI/CD systems, and the Pulumi GitHub App should pick up your changes automatically. For instructions for specific CI services, see one of our existing guides:
If you are using a system we don’t support yet, please file an issue so we can add it.
By setting a few environment variables, you can ensure that any stack updates from your CI/CD environment will be associated with your GitHub Pull Request.
PULUMI_CI_SYSTEM. The name of whatever CI/CD system you are using. e.g. “Deploytron-9000”.
PULUMI_CI_PULL_REQUEST_SHA(optional). If your CI/CD system is deploying from a different git commit than the GitHub PR, such as the resulting merge commit, then set the
PULUMI_CI_PULL_REQUEST_SHAto the origional commit SHA, matching what is found on the Pull Request.
There are two places that Pulumi update results will be displayed: Pull Requests or commit Check.
All Pulumi stack updates are reported to the GitHub Checks API. You can see the results of each commit check by “Code” tab’s “Commits” page, and then clicking the ✅ or ❌ icon.
For Pull Requests, you can see the checks on the “Checks” tab as well.
Every stack that was impacted by the CI job is then listed in the left.
If the CI build originated from a pull request, e.g. the Travis CI job had type
then the results will be placed as a comment on the Pull Request as well.