Pull testdata and schemas, regenerate, opt-out broken tests

Gets the latest testdata with `make get_testdata`,
updates `get_schemas.sh` with schemas referenced by these tests,
and runs codegen to regenerate all cases.

Broken tests were opted out, with the following issues created for them.

- #476
- #477
- #478
- #479
- #480

pkg/pulumiyaml/codegen/gen_program_test.go

@@ -164,17 +164,34 @@ func TestGenerateProgram(t *testing.T) {
 				// https://github.com/pulumi/pulumi-yaml/issues/229
 			case "azure-sa":
 				// Reason: has dependencies between config variables
-			case "aws-eks", "aws-s3-folder":
+			case "aws-eks", "aws-s3-folder", "simple-splat":
 				// Reason: missing splat
 				//
 				// Note: aws-s3-folder errors with
 				// 14,27-52: the asset parameter must be a string literal; the asset parameter must be a string literal
 				// But the actual error is that it is using a Splat operator.
-			case "python-resource-names":
+			case "components":
+				// https://github.com/pulumi/pulumi-yaml/issues/476
+			case "logical-name":
+				// https://github.com/pulumi/pulumi-yaml/issues/477
+			case "unknown-resource":
+				// https://github.com/pulumi/pulumi-yaml/issues/478
+			case "optional-complex-config":
+				// https://github.com/pulumi/pulumi-yaml/issues/479
+			case "interpolated-string-keys":
+				// https://github.com/pulumi/pulumi-yaml/issues/480
+			case "functions", "throw-not-implemented", "single-or-none":
+				// Pulumi YAML does not functions:
+				// secret or unsecret, notImplemented, singleOrNone.
+			case "python-resource-names", "python-reserved", "snowflake-python-12998":
 				// Reason: A python only test.
-			case "simple-range":
+			case "simple-range", "entries-function",
+				"iterating-optional-range-expressions",
+				"invoke-inside-conditional-range":
 				// Pulumi YAML does not support ranges
-			case "read-file-func", "python-regress-10914":
+			case "dynamic-entries":
+				// Pulumi YAML does not support for loops.
+			case "read-file-func", "python-regress-10914", "unknown-invoke":
 				tt.SkipCompile = codegen.NewStringSet("yaml")
 				l = append(l, tt)
 			case "traverse-union-repro":

pkg/pulumiyaml/testing/test/testdata/aws-fargate-output-versioned-pp/aws-fargate-output-versioned.pp

@@ -0,0 +1,108 @@
+// Read the default VPC and public subnets, which we will use.
+vpc = invoke("aws:ec2:getVpc", {
+	default = true
+})
+subnets = invoke("aws:ec2:getSubnetIds", {
+	vpcId = vpc.id
+})
+
+// Create a security group that permits HTTP ingress and unrestricted egress.
+resource webSecurityGroup "aws:ec2:SecurityGroup" {
+	vpcId = vpc.id
+	egress = [{
+		protocol = "-1"
+		fromPort = 0
+		toPort = 0
+		cidrBlocks = ["0.0.0.0/0"]
+	}]
+	ingress = [{
+		protocol = "tcp"
+		fromPort = 80
+		toPort = 80
+		cidrBlocks = ["0.0.0.0/0"]
+	}]
+}
+
+// Create an ECS cluster to run a container-based service.
+resource cluster "aws:ecs:Cluster" {}
+
+// Create an IAM role that can be used by our service's task.
+resource taskExecRole "aws:iam:Role" {
+	assumeRolePolicy = toJSON({
+		Version = "2008-10-17"
+		Statement = [{
+			Sid = ""
+			Effect = "Allow"
+			Principal = {
+				Service = "ecs-tasks.amazonaws.com"
+			}
+			Action = "sts:AssumeRole"
+		}]
+	})
+}
+resource taskExecRolePolicyAttachment "aws:iam:RolePolicyAttachment" {
+	role = taskExecRole.name
+	policyArn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy"
+}
+
+// Create a load balancer to listen for HTTP traffic on port 80.
+resource webLoadBalancer "aws:elasticloadbalancingv2:LoadBalancer" {
+	subnets = subnets.ids
+	securityGroups = [webSecurityGroup.id]
+}
+resource webTargetGroup "aws:elasticloadbalancingv2:TargetGroup" {
+	port = 80
+	protocol = "HTTP"
+	targetType = "ip"
+	vpcId = vpc.id
+}
+resource webListener "aws:elasticloadbalancingv2:Listener" {
+	loadBalancerArn = webLoadBalancer.arn
+	port = 80
+	defaultActions = [{
+		type = "forward"
+		targetGroupArn = webTargetGroup.arn
+	}]
+}
+
+// Spin up a load balanced service running NGINX
+resource appTask "aws:ecs:TaskDefinition" {
+	family = "fargate-task-definition"
+	cpu = "256"
+	memory = "512"
+	networkMode = "awsvpc"
+	requiresCompatibilities = ["FARGATE"]
+	executionRoleArn = taskExecRole.arn
+	containerDefinitions = toJSON([{
+		name = "my-app"
+		image = "nginx"
+		portMappings = [{
+			containerPort = 80
+			hostPort = 80
+			protocol = "tcp"
+		}]
+	}])
+}
+resource appService "aws:ecs:Service" {
+	cluster = cluster.arn
+	desiredCount = 5
+	launchType = "FARGATE"
+	taskDefinition = appTask.arn
+	networkConfiguration = {
+		assignPublicIp = true
+		subnets = subnets.ids
+		securityGroups = [webSecurityGroup.id]
+	}
+	loadBalancers = [{
+		targetGroupArn = webTargetGroup.arn
+		containerName = "my-app"
+		containerPort = 80
+	}]
+
+	options {
+		dependsOn = [webListener]
+	}
+}
+
+// Export the resulting web address.
+output url { value = webLoadBalancer.dnsName }

pkg/pulumiyaml/testing/test/testdata/aws-fargate-output-versioned-pp/yaml/aws-fargate-output-versioned.yaml

@@ -0,0 +1,114 @@
+resources:
+  # Create a security group that permits HTTP ingress and unrestricted egress.
+  webSecurityGroup:
+    type: aws:ec2:SecurityGroup
+    properties:
+      vpcId: ${vpc.id}
+      egress:
+        - protocol: '-1'
+          fromPort: 0
+          toPort: 0
+          cidrBlocks:
+            - 0.0.0.0/0
+      ingress:
+        - protocol: tcp
+          fromPort: 80
+          toPort: 80
+          cidrBlocks:
+            - 0.0.0.0/0
+  # Create an ECS cluster to run a container-based service.
+  cluster:
+    type: aws:ecs:Cluster
+  # Create an IAM role that can be used by our service's task.
+  taskExecRole:
+    type: aws:iam:Role
+    properties:
+      assumeRolePolicy:
+        fn::toJSON:
+          Version: 2008-10-17
+          Statement:
+            - Sid:
+              Effect: Allow
+              Principal:
+                Service: ecs-tasks.amazonaws.com
+              Action: sts:AssumeRole
+  taskExecRolePolicyAttachment:
+    type: aws:iam:RolePolicyAttachment
+    properties:
+      role: ${taskExecRole.name}
+      policyArn: arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy
+  # Create a load balancer to listen for HTTP traffic on port 80.
+  webLoadBalancer:
+    type: aws:elasticloadbalancingv2:LoadBalancer
+    properties:
+      subnets: ${subnets.ids}
+      securityGroups:
+        - ${webSecurityGroup.id}
+  webTargetGroup:
+    type: aws:elasticloadbalancingv2:TargetGroup
+    properties:
+      port: 80
+      protocol: HTTP
+      targetType: ip
+      vpcId: ${vpc.id}
+  webListener:
+    type: aws:elasticloadbalancingv2:Listener
+    properties:
+      loadBalancerArn: ${webLoadBalancer.arn}
+      port: 80
+      defaultActions:
+        - type: forward
+          targetGroupArn: ${webTargetGroup.arn}
+  # Spin up a load balanced service running NGINX
+  appTask:
+    type: aws:ecs:TaskDefinition
+    properties:
+      family: fargate-task-definition
+      cpu: '256'
+      memory: '512'
+      networkMode: awsvpc
+      requiresCompatibilities:
+        - FARGATE
+      executionRoleArn: ${taskExecRole.arn}
+      containerDefinitions:
+        fn::toJSON:
+          - name: my-app
+            image: nginx
+            portMappings:
+              - containerPort: 80
+                hostPort: 80
+                protocol: tcp
+  appService:
+    type: aws:ecs:Service
+    properties:
+      cluster: ${cluster.arn}
+      desiredCount: 5
+      launchType: FARGATE
+      taskDefinition: ${appTask.arn}
+      networkConfiguration:
+        assignPublicIp: true
+        subnets: ${subnets.ids}
+        securityGroups:
+          - ${webSecurityGroup.id}
+      loadBalancers:
+        - targetGroupArn: ${webTargetGroup.arn}
+          containerName: my-app
+          containerPort: 80
+    options:
+      dependson:
+        - ${webListener}
+variables:
+  # Read the default VPC and public subnets, which we will use.
+  vpc:
+    fn::invoke:
+      Function: aws:ec2:getVpc
+      Arguments:
+        default: true
+  subnets:
+    fn::invoke:
+      Function: aws:ec2:getSubnetIds
+      Arguments:
+        vpcId: ${vpc.id}
+outputs:
+  # Export the resulting web address.
+  url: ${webLoadBalancer.dnsName}

pkg/pulumiyaml/testing/test/testdata/azure-sa-pp/azure-sa.pp

@@ -1,7 +1,9 @@
 config storageAccountNameParam string {
+    description = "The name of the storage account"
 }
 
 config resourceGroupNameParam string {
+    description = "The name of the resource group"
 }
 
 resourceGroupVar = invoke("azure:core/getResourceGroup:getResourceGroup", {

pkg/pulumiyaml/testing/test/testdata/components-pp/another-component/main.pp

@@ -0,0 +1,4 @@
+resource firstPassword "random:index/randomPassword:RandomPassword" {
+  length = 16
+  special = true
+}

pkg/pulumiyaml/testing/test/testdata/components-pp/components.pp

@@ -0,0 +1,33 @@
+component simpleComponent "./simpleComponent" {}
+
+component anotherComponent "./another-component" {}
+
+component exampleComponent "./exampleComponent" {
+    input = "doggo"
+    ipAddress = [127, 0, 0, 1]
+    cidrBlocks = {
+        "one" = "uno"
+        "two" = "dos"
+    }
+    githubApp = {
+        id = "example id"
+        keyBase64 = "base64 encoded key"
+        webhookSecret = "very important secret"
+    }
+    servers = [
+        { name = "First" },
+        { name = "Second" }
+    ]
+    deploymentZones = {
+        "first" = {
+            zone = "First zone"
+        }, 
+        "second" = {
+            zone = "Second zone"
+        }
+    }
+}
+
+output result {
+    value = exampleComponent.result
+}

pkg/pulumiyaml/testing/test/testdata/components-pp/exampleComponent/main.pp

@@ -0,0 +1,58 @@
+config input string {
+    description = "A simple input"
+}
+
+config cidrBlocks "map(string)" {
+    description = "The main CIDR blocks for the VPC\nIt is a map of strings"
+}
+
+config "githubApp" "object({id=string, keyBase64=string,webhookSecret=string})" {
+  description = "GitHub app parameters, see your github app. Ensure the key is the base64-encoded `.pem` file (the output of `base64 app.private-key.pem`, not the content of `private-key.pem`)."
+  nullable = true
+}
+
+config "servers" "list(object({name=string}))" {
+  description = "A list of servers"
+  nullable = true
+}
+
+config "deploymentZones" "map(object({ zone = string }))" {
+  description = "A map between for zones"
+  nullable = true
+}
+
+config ipAddress "list(int)" { }
+
+resource password "random:index/randomPassword:RandomPassword" {
+  length = 16
+  special = true
+  overrideSpecial = input
+}
+
+resource githubPassword "random:index/randomPassword:RandomPassword" {
+  length = 16
+  special = true
+  overrideSpecial = githubApp.webhookSecret
+}
+
+# Example of iterating a list of objects
+resource serverPasswords "random:index/randomPassword:RandomPassword" {
+   options { range = length(servers) }
+   length = 16
+   special = true
+   overrideSpecial = servers[range.value].name
+}
+
+# Example of iterating a map of objects
+resource zonePasswords "random:index/randomPassword:RandomPassword" {
+   options { range = deploymentZones }
+   length = 16
+   special = true
+   overrideSpecial = range.value.zone
+}
+
+component simpleComponent "../simpleComponent" {}
+
+output result {
+    value = password.result
+}

pkg/pulumiyaml/testing/test/testdata/components-pp/simpleComponent/main.pp

@@ -0,0 +1,9 @@
+resource firstPassword "random:index/randomPassword:RandomPassword" {
+  length = 16
+  special = true
+}
+
+resource secondPassword "random:index/randomPassword:RandomPassword" {
+  length = 16
+  special = true
+}