☀ projected k8s-manifests-github from 5ddf548 #114
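# Builds a `kubectl diff` for every top-level directory of the release branch
# against the cluster named in the kubeconfig secret, then opens (or updates)
# a pull request from BRANCH_RELEASE into BRANCH_DEPLOY whose description
# carries that diff plus any non-trivial kubectl errors.
name: 'K8s: Prepare k8s-manifests Deploy PR'

on:
  push:
    branches: [ releases/k8s-manifests ]

env:
  BRANCH_RELEASE: releases/k8s-manifests
  BRANCH_DEPLOY: deploys/k8s-manifests

jobs:
  k8s-prepare:
    runs-on: ubuntu-latest

    # Least-privilege GITHUB_TOKEN: the job pushes the initial deploy branch
    # (contents: write) and lists/creates/updates pull requests
    # (pull-requests: write). Nothing else below uses the token.
    permissions:
      contents: write
      pull-requests: write

    steps:
      # NOTE(review): `v2` is a mutable tag on an old major release. Pin the
      # action to a full commit SHA of a maintained release so the code that
      # runs next to the cluster credentials cannot change silently.
      # The later `git push origin ...` relies on the credentials this action
      # persists in the local git config.
      - uses: actions/checkout@v2
        with:
          ref: ${{ env.BRANCH_RELEASE }}

      # The secret is handed over through the step environment rather than
      # being templated into the script text: a value containing quotes or
      # `$(...)` can then neither break nor extend the shell command, and the
      # secret is not written into the generated script file.
      # NOTE(review): scope the identity in this kubeconfig to what
      # `kubectl diff` needs; every later step in the job can read the file.
      - name: Configure .kube/config
        env:
          KUBECONFIG_BASE64: ${{ secrets.KUBECONFIG_BASE64 }}
        run: |
          # Create the directory and file readable by the runner user only.
          umask 077
          mkdir -p ~/.kube
          printf '%s' "${KUBECONFIG_BASE64}" | base64 -d > ~/.kube/config
          chmod 600 ~/.kube/config

      # The helper binary runs with access to the kubeconfig, so it is
      # downloaded unprivileged into a temp file and only installed (the one
      # step that needs root) after the optional checksum check.
      - name: Install kubectl-neat-diff
        env:
          NEAT_DIFF_URL: https://github.com/sh0rez/kubectl-neat-diff/releases/download/v0.1.0/kubectl-neat-diff-linux-amd64
          # NOTE(review): set this to the SHA-256 of the v0.1.0 linux-amd64
          # release asset (value not available on this page) to enforce
          # integrity verification. While empty, the step only warns.
          NEAT_DIFF_SHA256: ''
        run: |
          tmp_bin="$(mktemp)"
          wget "${NEAT_DIFF_URL}" -O "${tmp_bin}"
          if [ -n "${NEAT_DIFF_SHA256}" ]; then
            echo "${NEAT_DIFF_SHA256}  ${tmp_bin}" | sha256sum --check -
          else
            echo "::warning::kubectl-neat-diff downloaded without checksum verification"
          fi
          sudo install -m 0755 "${tmp_bin}" /usr/local/bin/kubectl-neat-diff
          rm -f -- "${tmp_bin}"
          echo "KUBECTL_EXTERNAL_DIFF=kubectl-neat-diff" >> "${GITHUB_ENV}"

      # NOTE(review): everything collected here is published verbatim in the
      # PR description by the next step. Confirm that no sensitive values
      # (ConfigMap data, container env values, annotations, API server error
      # text) can appear in the diff or error output before widening who can
      # read this repository's pull requests.
      - name: Generate diff
        run: |
          # Initialize output files
          echo -n '' > /tmp/kube.diff
          echo -n '' > /tmp/kube.err

          # Process each directory
          find . \
            -maxdepth 1 \
            -type d \
            -not -name '.*' \
            -print0 \
          | sort -z \
          | while IFS= read -r -d '' dir; do
              # Run kubectl diff: stdout to file, capture stderr in variable.
              # `|| true` keeps the loop going: kubectl diff exits non-zero
              # both when differences exist and on errors.
              dir_errors=$(kubectl diff -Rf "$dir" 2>&1 1>>/tmp/kube.diff || true)

              # Filter out known warnings, exit status messages, and blank lines
              filtered_errors=$(echo "$dir_errors" | \
                grep -v "Warning: Use tokens from the TokenRequest API" | \
                grep -v "^Error: exit status [0-9]*$" | \
                grep -v "^[[:space:]]*$" || true)

              # If there are meaningful errors, append with prefix
              if [ -n "$filtered_errors" ] && echo "$filtered_errors" | grep -q '[^[:space:]]' 2>/dev/null; then
                echo "=== Directory: $dir ===" >> /tmp/kube.err
                echo "$filtered_errors" >> /tmp/kube.err
                echo "" >> /tmp/kube.err
              fi
            done

      - name: Create/update pull request
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          ## build PR description body
          echo
          echo "Builing PR title+body content..."
          diff_size=$(wc -c < /tmp/kube.diff)
          pr_head_describe="$(git describe --always --tag)"
          pr_title="Deploy ${BRANCH_RELEASE} ${pr_head_describe}"
          # The heredoc is unquoted so the variables expand; the output of
          # the inner command substitution is inserted as text and is not
          # expanded a second time.
          pr_body="$(cat <<EOF
          \`kubectl diff\` reports that applying ${pr_head_describe} will change:

          \`\`\`diff
          $(if (( diff_size > 50000)); then echo 'diff too big; review locally'; else cat /tmp/kube.diff; fi)
          \`\`\`
          EOF
          )"

          # Conditionally append error output if it has meaningful content
          if [ -s /tmp/kube.err ]; then
          pr_body="${pr_body}

          ## Errors/Warnings

          \`\`\`
          $(cat /tmp/kube.err)
          \`\`\`"
          fi

          ## generate initial commit for base if needed
          if ! git ls-remote --exit-code --heads origin "${BRANCH_DEPLOY}"; then
            echo
            echo "Existing branch ${BRANCH_DEPLOY} not found, generating initial commit..."
            git fetch origin --unshallow
            _first_projected_commit=$(git rev-list --max-parents=0 --first-parent HEAD)
            git push origin "${_first_projected_commit}:refs/heads/${BRANCH_DEPLOY}"
          fi

          ## check for existing PR
          echo
          echo "Looking for existing open PR for branch ${BRANCH_RELEASE}..."
          _existing_pr_number=$(
            gh pr list \
              --head "${BRANCH_RELEASE}" \
              --base "${BRANCH_DEPLOY}" \
              --state open \
              --limit 1 \
              --json number \
              --jq '.[0].number'
          )

          if [ -n "${_existing_pr_number}" ]; then
            echo
            echo "Found existing PR #${_existing_pr_number}, updating description..."
            # --raw-field always sends the value as a string. The typed
            # --field form would read a value starting with "@" as a file
            # name and convert literals such as true or 123, which is not
            # wanted for text that embeds cluster output.
            pr_url=$(
              gh api "/repos/${GITHUB_REPOSITORY}/pulls/${_existing_pr_number}" \
                --method PATCH \
                --raw-field title="${pr_title}" \
                --raw-field body="${pr_body}" \
                --jq '.url'
            )
            echo "Updated PR: ${pr_url}"
          else
            echo
            echo "Opening PR..."
            pr_url=$(
              gh pr create \
                --base "${BRANCH_DEPLOY}" \
                --head "${BRANCH_RELEASE}" \
                --title "${pr_title}" \
                --body "${pr_body}"
            )
            pr_number="${pr_url##*/}"
            echo "Opened PR #${pr_number}"
          fi

      # Debug helper, kept disabled. NOTE(review): if it is ever enabled it
      # opens an interactive shell on a runner that holds ~/.kube/config;
      # restrict it with the action's `limit-access-to-actor: true` input and
      # remove it again after the debugging session.
      # - uses: mxschmitt/action-tmate@v3
      #   env:
      #     GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}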