update for PR branch #135
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: APPCD Diff check | |
| on: | |
| push: | |
| branches: | |
| - feature/move_to_action | |
| pull_request: | |
| branches: | |
| - main | |
| jobs: | |
| compare-artifacts: | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Main Branch | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: main | |
| path: main_branch | |
| fetch-depth: 1 | |
| - name: Generate IAC for main branch | |
| env: | |
| APPCD_TOKEN: ${{ secrets.APPCD_TOKEN }} | |
| APPCD_URL: ${{ secrets.APPCD_URL }} | |
| uses: appcd-dev/action@v0.0.1 | |
| with: | |
| cloud: 'aws' | |
| language: 'Python' | |
| outputDir: './.appcd/charts' | |
| scanPath: './main_branch' | |
| targetCompute: 'k8s' | |
| - name: Upload logs | |
| uses: actions/upload-artifact@v2 | |
| with: | |
| name: analyzer_logs_1 | |
| path: artifact | |
| - name: Checkout PR Branch | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| path: pr_branch | |
| fetch-depth: 1 | |
| - name: Extract branch name | |
| id: extract_branch | |
| run: echo "branch=$(basename ${{ github.head_ref}})" >> $GITHUB_OUTPUT | |
| - name: echo branch name | |
| run: echo ${{ steps.extract_branch.outputs.branch }} | |
| - name: Generate IAC for PR branch | |
| env: | |
| APPCD_TOKEN: ${{ secrets.APPCD_TOKEN }} | |
| APPCD_URL: ${{ secrets.APPCD_URL }} | |
| uses: appcd-dev/action@v0.0.1 | |
| with: | |
| cloud: 'aws' | |
| language: 'Python' | |
| outputDir: './artifact/${{ steps.extract_branch.outputs.branch }}' | |
| scanPath: './pr_branch' | |
| targetCompute: 'k8s' | |
| - name: Upload logs | |
| uses: actions/upload-artifact@v2 | |
| with: | |
| name: analyzer_logs_2 | |
| path: artifact | |
| - name: Generate diff between Main and PR branch | |
| run: | | |
| mkdir -p pr_branch/deployment_files | |
| mv ./artifact/main/.appcd/charts/helm/scan_*/* pr_branch/deployment_files/ | |
| cd pr_branch | |
| git config --local user.email "action@github.com" | |
| git config --local user.name "GitHub Action" | |
| git add deployment_files | |
| git commit -m "staging deployment files from main to compare them" | |
| rm -rf deploment_files | |
| cd .. | |
| mkdir -p pr_branch/deployment_files/ | |
| cp -R artifact/${{ steps.extract_branch.outputs.branch }}/.appcd/charts/helm/scan_*/* pr_branch/deployment_files/ | |
| cd pr_branch | |
| git add . | |
| git diff --staged --output=../diff.txt deployment_files/ | cat | |
| cat ../diff.txt | |
| - name: Comment PR with IaC Changes | |
| uses: actions/github-script@v6 | |
| with: | |
| github-token: ${{secrets.GITHUB_TOKEN}} | |
| script: | | |
| const fs = require('fs'); | |
| const diff = fs.readFileSync('diff.txt', 'utf-8'); | |
| const body = `### AppCD Diff:\n\`\`\`${diff}\`\`\``; | |
| await github.rest.issues.createComment({ | |
| issue_number: context.issue.number, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| body: body | |
| }) | |
| - name: Trigger atlantis plan | |
| uses: actions/github-script@v6 | |
| with: | |
| github-token: ${{secrets.GITHUB_TOKEN}} | |
| script: | | |
| const fs = require('fs'); | |
| const body = `atlantis plan`; | |
| await github.rest.issues.createComment({ | |
| issue_number: context.issue.number, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| body: body | |
| }) |