flux-diff.yaml
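---
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
#
# Renders Flux HelmRelease / Kustomization resources for the live branch and
# for the pull-request branch, diffs them with flux-local, and posts the diff
# as a PR comment.
#
# Trust boundary: directory names and rendered manifests come from the pull
# request, so every value derived from them (the changed-files output,
# matrix.paths, diff.patch) is treated as untrusted data below.
#
# Supply chain: third-party steps are referenced by mutable refs (`@v40`,
# `:main`). A moved tag changes the code that runs next to the app token.
# Pin them to a full commit SHA / image digest once the reviewed revisions
# are known (placeholders are marked at each use).
name: "Flux Diff"

on:
  pull_request:
    branches: ["main"]
    paths: ["kubernetes/**"]

concurrency:
  group: ${{ github.workflow }}-${{ github.event.number || github.ref }}
  cancel-in-progress: true

jobs:
  changed-files:
    name: Get Changed Files
    runs-on: ubuntu-latest
    # Least privilege for GITHUB_TOKEN; the checkout below authenticates with
    # the app token instead.
    permissions:
      contents: read
    outputs:
      matrix: ${{ steps.changed-files.outputs.all_changed_and_modified_files }}
    steps:
      # Secrets are not passed to `pull_request` runs triggered from forks,
      # so this step only succeeds for branches pushed to this repository.
      - name: Generate Token
        uses: actions/create-github-app-token@v1
        id: app-token
        with:
          app-id: "${{ secrets.BOT_APP_ID }}"
          private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}"

      - name: Checkout
        uses: actions/checkout@v4
        with:
          token: "${{ steps.app-token.outputs.token }}"
          fetch-depth: 0

      # Third-party action on a mutable tag; pin as
      # tj-actions/changed-files@<FULL_COMMIT_SHA> after review.
      - name: Get changed files
        id: changed-files
        uses: tj-actions/changed-files@v40
        with:
          files: kubernetes/**
          dir_names: true
          dir_names_max_depth: 2
          json: true
          quotepath: false
          escape_json: false

      # The output holds PR-controlled directory names. Pass it through an
      # environment variable rather than expanding `${{ }}` inside the script
      # text, where the runner would paste it into the shell source verbatim.
      - name: List all changed files
        env:
          CHANGED_DIRS: ${{ steps.changed-files.outputs.all_changed_and_modified_files }}
        run: printf '%s\n' "${CHANGED_DIRS}"

  flux-diff:
    name: Flux Diff
    runs-on: ubuntu-latest
    needs: ["changed-files"]
    permissions:
      pull-requests: write
    strategy:
      matrix:
        # One job per changed directory (JSON array from the previous job)
        # and per resource kind.
        paths: ${{ fromJSON(needs.changed-files.outputs.matrix) }}
        resources: ["helmrelease", "kustomization"]
      max-parallel: 4
      fail-fast: false
    steps:
      - name: Generate Token
        uses: actions/create-github-app-token@v1
        id: app-token
        with:
          app-id: "${{ secrets.BOT_APP_ID }}"
          private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}"

      - name: Setup System Tools
        shell: bash
        run: sudo apt-get -qq update && sudo apt-get -qq install --no-install-recommends -y curl git

      # Disabled steps kept from the source. The version after
      # `action/diff@` was lost when the page was extracted.
      # - name: Setup Workflow Tools
      #   uses: jdx/rtx-action@v1
      #   with:
      #     install: true
      #     cache: true
      #     rtx_toml: |
      #       [tools]
      #       flux2 = "latest"
      # - name: Diff Resources
      #   uses: allenporter/flux-local/action/diff@<VERSION>
      #   id: diff
      #   with:
      #     sources: home-kubernetes
      #     path: "${{ matrix.paths }}"
      #     resource: "${{ matrix.resources }}"

      # persist-credentials: false keeps the app token out of .git/config, so
      # later steps (a container from a mutable tag, PR-supplied content in
      # the workspace) cannot read it from disk.
      - name: Checkout Live Branch
        uses: actions/checkout@v4
        with:
          token: "${{ steps.app-token.outputs.token }}"
          ref: main
          persist-credentials: false

      - name: Checkout PR branch
        uses: actions/checkout@v4
        with:
          token: "${{ steps.app-token.outputs.token }}"
          path: pr
          persist-credentials: false

      # NOTE(review): looks like a debugging leftover. `command` is not one of
      # the documented `with` keys for docker:// steps (`entrypoint`, `args`);
      # confirm and remove if unused.
      # Image is on the mutable `main` tag; pin as
      # ghcr.io/allenporter/flux-local@sha256:<IMAGE_DIGEST>.
      - name: Diff Resources
        uses: docker://ghcr.io/allenporter/flux-local:main
        with:
          entrypoint: /bin/sh
          command: |
            ls -la

      # NOTE(review): matrix.paths is a PR-derived directory name spliced into
      # the argument string. Consider rejecting names that contain whitespace
      # or start with `-` in the changed-files job, so a name cannot alter the
      # flags passed to flux-local.
      - name: Diff Resources
        uses: docker://ghcr.io/allenporter/flux-local:main
        with:
          args: >-
            diff ${{ matrix.resources }}
            --unified 6
            --path-orig ${{ matrix.paths }}
            --path pr/${{ matrix.paths }}
            --strip-attrs "helm.sh/chart,checksum/config,app.kubernetes.io/version,chart"
            --limit-bytes 10000
            --all-namespaces
            --sources "home-kubernetes"
            --output-file diff.patch

      # diff.patch is built from PR content. With a fixed `EOF` delimiter, a
      # line reading `EOF` inside the patch would end the value early and let
      # the remaining lines be parsed as further step outputs, so a random
      # per-run delimiter is used instead.
      - name: Generate Diff
        id: diff
        run: |
          cat diff.patch
          delimiter="ghadelimiter_$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')"
          {
            echo "diff<<${delimiter}"
            cat diff.patch
            echo "${delimiter}"
          } >> "${GITHUB_OUTPUT}"

      # The ref after `@` was replaced by "[email protected]" when the page was
      # extracted; restore the reviewed version, preferably as a commit SHA.
      - if: ${{ steps.diff.outputs.diff != '' }}
        name: Add comment
        uses: mshick/add-pr-comment@<VERSION_OR_COMMIT_SHA>
        with:
          repo-token: "${{ steps.app-token.outputs.token }}"
          message-id: "${{ github.event.pull_request.number }}/${{ matrix.paths }}/${{ matrix.resources }}"
          message-failure: Diff was not successful
          message: |
            ```diff
            ${{ steps.diff.outputs.diff }}
            ```

  # Summarize matrix https://github.community/t/status-check-for-a-matrix-jobs/127354/7
  flux-diff-success:
    if: ${{ always() }}
    needs: ["flux-diff"]
    name: Flux diff successful
    runs-on: ubuntu-latest
    # This job only evaluates job results; it needs no token permissions.
    permissions: {}
    steps:
      - if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }}
        name: Check matrix status
        run: exit 1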