updated dry-run job

.gitea/workflows/dry-run.yml

@@ -6,38 +6,17 @@ on:
       - "state/*.json"
 
 jobs:
-  detect:
+  dry-run:
     runs-on: ubuntu-latest
-    outputs:
-      envs: ${{ steps.changed.outputs.envs }}
     steps:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
-      - name: Detect changed environments
+      - name: Dry-run reconcile for changed environments
-        id: changed
-        run: |
-          FILES=$(git diff --name-only ${{ github.event.pull_request.base.sha }} ${{ github.sha }} -- 'state/*.json')
-          ENVS=$(python3 -c "
-          import os, json
-          files = '''$FILES'''.strip().split('\n')
-          envs = [os.path.basename(f).replace('.json','') for f in files if f.strip()]
-          print(json.dumps(envs))
-          ")
-          echo "envs=$ENVS" >> "$GITHUB_OUTPUT"
-          echo "Changed environments: $ENVS"
-
-  dry-run:
-    needs: detect
-    runs-on: ubuntu-latest
-    if: needs.detect.outputs.envs != '[]'
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Run dry-run for each changed environment
         env:
-          ENVS: ${{ needs.detect.outputs.envs }}
+          BASE_SHA: ${{ github.event.pull_request.base.sha }}
+          HEAD_SHA: ${{ github.sha }}
           TEST_RECONCILER_TOKEN: ${{ secrets.TEST_RECONCILER_TOKEN }}
           TEST_RECONCILER_URL: ${{ secrets.TEST_RECONCILER_URL }}
           DEV_RECONCILER_TOKEN: ${{ secrets.DEV_RECONCILER_TOKEN }}
@@ -50,9 +29,20 @@ jobs:
           PR_NUMBER: ${{ github.event.pull_request.number }}
         run: |
           python3 <<'SCRIPT'
-          import json, os, urllib.request
+          import json, os, subprocess, urllib.request
 
-          envs = json.loads(os.environ["ENVS"])
+          # Detect changed state files
+          diff = subprocess.run(
+              ["git", "diff", "--name-only", os.environ["BASE_SHA"], os.environ["HEAD_SHA"], "--", "state/*.json"],
+              capture_output=True, text=True, check=True,
+          )
+          envs = [os.path.basename(f).replace(".json", "") for f in diff.stdout.strip().split("\n") if f.strip()]
+
+          if not envs:
+              print("No state files changed")
+              exit(0)
+
+          print(f"Changed environments: {envs}")
 
           for env in envs:
               key = env.upper().replace("-", "_")
@@ -60,7 +50,7 @@ jobs:
               url = os.environ.get(f"{key}_RECONCILER_URL", "")
 
               if not token or not url:
-                  print(f"No secrets for '{env}' — skipping")
+                  print(f"[{env}] No secrets configured — skipping")
                   continue
 
               # Call reconciler dry-run
@@ -80,7 +70,7 @@ jobs:
                   resp = urllib.request.urlopen(req)
                   data = json.loads(resp.read())
               except Exception as e:
-                  print(f"Reconciler call failed for '{env}': {e}")
+                  print(f"[{env}] Reconciler call failed: {e}")
                   continue
 
               # Format as markdown

.gitea/workflows/reconcile.yml

@@ -8,38 +8,15 @@ on:
       - "state/*.json"
 
 jobs:
-  detect:
+  reconcile:
     runs-on: ubuntu-latest
-    outputs:
-      envs: ${{ steps.changed.outputs.envs }}
     steps:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 2
 
-      - name: Detect changed environments
+      - name: Reconcile changed environments
-        id: changed
-        run: |
-          FILES=$(git diff --name-only HEAD~1 HEAD -- 'state/*.json')
-          ENVS=$(python3 -c "
-          import os, json
-          files = '''$FILES'''.strip().split('\n')
-          envs = [os.path.basename(f).replace('.json','') for f in files if f.strip()]
-          print(json.dumps(envs))
-          ")
-          echo "envs=$ENVS" >> "$GITHUB_OUTPUT"
-          echo "Changed environments: $ENVS"
-
-  reconcile:
-    needs: detect
-    runs-on: ubuntu-latest
-    if: needs.detect.outputs.envs != '[]'
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Reconcile each changed environment
         env:
-          ENVS: ${{ needs.detect.outputs.envs }}
           TEST_RECONCILER_TOKEN: ${{ secrets.TEST_RECONCILER_TOKEN }}
           TEST_RECONCILER_URL: ${{ secrets.TEST_RECONCILER_URL }}
           DEV_RECONCILER_TOKEN: ${{ secrets.DEV_RECONCILER_TOKEN }}
@@ -48,9 +25,20 @@ jobs:
           PROD_RECONCILER_URL: ${{ secrets.PROD_RECONCILER_URL }}
         run: |
           python3 <<'SCRIPT'
-          import json, os, urllib.request, sys
+          import json, os, subprocess, urllib.request, sys
 
-          envs = json.loads(os.environ["ENVS"])
+          # Detect changed state files
+          diff = subprocess.run(
+              ["git", "diff", "--name-only", "HEAD~1", "HEAD", "--", "state/*.json"],
+              capture_output=True, text=True, check=True,
+          )
+          envs = [os.path.basename(f).replace(".json", "") for f in diff.stdout.strip().split("\n") if f.strip()]
+
+          if not envs:
+              print("No state files changed")
+              exit(0)
+
+          print(f"Changed environments: {envs}")
           failed = []
 
           for env in envs:
@@ -59,7 +47,7 @@ jobs:
               url = os.environ.get(f"{key}_RECONCILER_URL", "")
 
               if not token or not url:
-                  print(f"No secrets for '{env}' — skipping")
+                  print(f"[{env}] No secrets configured — skipping")
                   continue
 
               # Sync events first
@@ -107,7 +95,6 @@ jobs:
                     f"{summary.get('updated',0)} updated, "
                     f"{summary.get('deleted',0)} deleted")
 
-              # Log created keys (names only, not values)
               keys = data.get("created_keys", {})
               if keys:
                   print(f"[{env}] Created setup keys: {list(keys.keys())}")