Feature/updated gh action #118

Feature/updated gh action

Feature/updated gh action #118

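# Generates Helm IaC for `main` and for the PR head with the appcd CLI,
# diffs the two outputs, posts the diff as a PR comment, and then posts an
# `atlantis plan` comment.
#
# Trust boundaries to keep in mind when changing this file:
#   * The PR head branch name and the PR's file contents are controlled by
#     the PR author. Neither is expanded with `${{ }}` inside a `run:` script
#     here; both reach the shell only through `env:` variables, quoted.
#   * The job holds a write-scoped GITHUB_TOKEN and the APPCD_* secrets while
#     it processes PR content.
name: APPCD Diff check
on:
  pull_request:
    branches:
      - main
jobs:
  compare-artifacts:
    # contents: write is needed only for the `git push` in
    # "Copy infrastructure files if empty"; pull-requests: write is needed
    # for the two comment steps. Narrow these if either step is removed.
    permissions:
      contents: write
      pull-requests: write
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): actions are referenced by mutable tags; consider
      # pinning each `uses:` to a full commit SHA.
      - name: Checkout Main Branch
        uses: actions/checkout@v4
        with:
          ref: main
          path: main_branch
          fetch-depth: 1
          # Nothing is pushed from this checkout, and the directory is
          # mounted into a third-party container below, so do not leave the
          # token in its .git/config.
          persist-credentials: false
      - name: Generate IaC from Main Branch
        env:
          APPCD_TOKEN: ${{ secrets.APPCD_TOKEN }}
          APPCD_URL: ${{ secrets.APPCD_URL }}
        run: |
          mkdir -p artifact/main/ ./tmp
          # `-e NAME` with no value forwards the variable from this step's
          # environment, keeping the secret off the docker command line.
          # NOTE(review): the image is pinned by tag only; consider pinning
          # by digest as well.
          docker run --rm \
            --workdir=/app/scan \
            -e APPCD_TOKEN \
            -e APPCD_URL \
            -v ./main_branch:/app/scan \
            -v ./artifact/tmp:/tmp \
            -v ./artifact/main:/artifact/main \
            --entrypoint=appcd \
            ghcr.io/appcd-dev/appcd-dist/appcd-cli:v0.9.1 \
            generate --mode ci --lang Python --log 2 \
            --output=/artifact/main/.appcd/charts --iac-type Helm
          cd artifact/main/.appcd/charts
          ls -latr
          unzip scan.zip && rm scan.zip
      - name: Upload logs
        # upload-artifact v2 is deprecated; v4 needs a unique artifact name
        # per upload, which this workflow already provides.
        uses: actions/upload-artifact@v4
        with:
          name: analyzer_logs_1
          path: artifact
          # v4 skips dot-directories by default; the generated output lives
          # under `.appcd`, so keep it in the upload as v2 did.
          # NOTE(review): confirm nothing sensitive is written to
          # artifact/tmp before it is published as an artifact.
          include-hidden-files: true
      - name: Checkout PR Branch
        uses: actions/checkout@v4
        with:
          ref: ${{ github.head_ref }}
          path: pr_branch
          fetch-depth: 1
          # Credentials stay persisted here because a later step pushes from
          # this checkout. The same directory is mounted read-write into the
          # appcd container, so that container can read the token from
          # .git/config.
      - name: Extract branch name
        id: extract_branch
        env:
          # The branch name is chosen by the PR author. Expanding it with
          # `${{ }}` inside the script would let shell metacharacters in the
          # name run as commands; passing it through env keeps it as data.
          HEAD_REF: ${{ github.head_ref }}
        run: echo "branch=$(basename -- "$HEAD_REF")" >> "$GITHUB_OUTPUT"
      - name: echo branch name
        env:
          BRANCH: ${{ steps.extract_branch.outputs.branch }}
        run: echo "$BRANCH"
      - name: Generate IaC from PR branch
        env:
          # Secrets are present while PR-authored files are scanned. They
          # are not handed to PR code directly, but the container sees both.
          APPCD_TOKEN: ${{ secrets.APPCD_TOKEN }}
          APPCD_URL: ${{ secrets.APPCD_URL }}
          # Still derived from the PR branch name: use "$BRANCH", never
          # `${{ }}`, inside the script.
          BRANCH: ${{ steps.extract_branch.outputs.branch }}
        run: |
          mkdir -p "artifact/${BRANCH}/" ./tmp
          docker run --rm \
            --workdir=/app/scan \
            -v ./pr_branch/:/app/scan \
            -v "./artifact/${BRANCH}:/artifact/${BRANCH}" \
            -v ./artifact/tmp:/tmp \
            -e APPCD_TOKEN \
            -e APPCD_URL \
            --entrypoint=appcd \
            ghcr.io/appcd-dev/appcd-dist/appcd-cli:v0.9.1 \
            generate --mode ci --lang Python --log 2 --iac-type Helm \
            "--output=/artifact/${BRANCH}/.appcd/charts"
          cd "artifact/${BRANCH}/.appcd/charts"
          unzip scan.zip && rm scan.zip
      - name: Upload logs
        uses: actions/upload-artifact@v4
        with:
          name: analyzer_logs_2
          path: artifact
          include-hidden-files: true
      - name: Copy infrastructure files if empty
        # Pushes a commit to the PR head branch with the job's GITHUB_TOKEN;
        # this is the step that requires contents: write.
        run: |
          cd pr_branch
          mkdir -p infrastructure
          if [ -z "$(ls -A infrastructure/)" ]; then
            cp -r .appcd/infrastructure/app/rds/ infrastructure/
            git config --local user.email "action@github.com"
            git config --local user.name "GitHub Action"
            git add infrastructure/
            git commit -m "Adds IaC dependency files"
            git push
          fi
      - name: Generate diff between Main and PR branch
        env:
          BRANCH: ${{ steps.extract_branch.outputs.branch }}
        run: |
          mkdir -p pr_branch/deployment_files
          mv ./artifact/main/.appcd pr_branch/deployment_files/
          cd pr_branch
          git config --local user.email "action@github.com"
          git config --local user.name "GitHub Action"
          git add deployment_files
          # Local-only commit of main's output; it is the baseline for the
          # diff below and is never pushed.
          git commit -m "staging deployment files from main to compare them"
          # Path typo fixed (was `deploment_files/*`, which matched nothing).
          rm -rf deployment_files/*
          rm -rf deployment_files/.appcd
          cd ..
          mv "artifact/${BRANCH}/.appcd" pr_branch/deployment_files/
          cd pr_branch
          git add deployment_files/
          # Everything is staged at this point, so a plain `git diff`
          # (working tree vs. index) is empty. --cached compares the index
          # (PR output) with HEAD (main output), the comparison this step is
          # named for.
          git diff --cached --output=../diff.txt -- deployment_files/
          cat ../diff.txt
      - name: Comment PR with IaC Changes
        uses: actions/github-script@v6
        with:
          github-token: ${{secrets.GITHUB_TOKEN}}
          # diff.txt is derived from PR content and is rendered as Markdown.
          # NOTE(review): a backtick run inside the diff can close the code
          # fence early, and a very large diff can exceed the comment size
          # limit; consider escaping and truncating before posting.
          script: |
            const fs = require('fs');
            const diff = fs.readFileSync('diff.txt', 'utf-8');
            const body = `### AppCD Diff:\n\`\`\`${diff}\`\`\``;
            await github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: body
            })
      - name: Trigger atlantis plan
        uses: actions/github-script@v6
        with:
          github-token: ${{secrets.GITHUB_TOKEN}}
          # NOTE(review): this requests a plan on every PR run with no human
          # in the loop. If Atlantis acts on this comment, PR-authored
          # Terraform is planned automatically; confirm that matches the
          # repository's Atlantis allow-list and approval policy.
          script: |
            const fs = require('fs');
            const body = `atlantis plan`;
            await github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: body
            })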