BlastPilot/netbird-gitops
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

updated dry-run job

Browse Source
This commit is contained in:
Prox 2026-03-06 18:07:48 +02:00
parent 9a29a9cc0c
commit aa4aa32655
2 changed files with 35 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
.gitea/workflows/dry-run.yml
View File

@ -6,38 +6,17 @@ on:
- "state/*.json" - "state/*.json"
jobs: jobs:
detect: dry-run:
runs-on: ubuntu-latest runs-on: ubuntu-latest
outputs:
envs: ${{ steps.changed.outputs.envs }}
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
with: with:
fetch-depth: 0 fetch-depth: 0
- name: Detect changed environments - name: Dry-run reconcile for changed environments
id: changed
run: |
FILES=$(git diff --name-only ${{ github.event.pull_request.base.sha }} ${{ github.sha }} -- 'state/*.json')
ENVS=$(python3 -c "
import os, json
files = '''$FILES'''.strip().split('\n')
envs = [os.path.basename(f).replace('.json','') for f in files if f.strip()]
print(json.dumps(envs))
")
echo "envs=$ENVS" >> "$GITHUB_OUTPUT"
echo "Changed environments: $ENVS"
dry-run:
needs: detect
runs-on: ubuntu-latest
if: needs.detect.outputs.envs != '[]'
steps:
- uses: actions/checkout@v4
- name: Run dry-run for each changed environment
env: env:
ENVS: ${{ needs.detect.outputs.envs }} BASE_SHA: ${{ github.event.pull_request.base.sha }}
HEAD_SHA: ${{ github.sha }}
TEST_RECONCILER_TOKEN: ${{ secrets.TEST_RECONCILER_TOKEN }} TEST_RECONCILER_TOKEN: ${{ secrets.TEST_RECONCILER_TOKEN }}
TEST_RECONCILER_URL: ${{ secrets.TEST_RECONCILER_URL }} TEST_RECONCILER_URL: ${{ secrets.TEST_RECONCILER_URL }}
DEV_RECONCILER_TOKEN: ${{ secrets.DEV_RECONCILER_TOKEN }} DEV_RECONCILER_TOKEN: ${{ secrets.DEV_RECONCILER_TOKEN }}
@ -50,9 +29,20 @@ jobs:
PR_NUMBER: ${{ github.event.pull_request.number }} PR_NUMBER: ${{ github.event.pull_request.number }}
run: | run: |
python3 <<'SCRIPT' python3 <<'SCRIPT'
import json, os, urllib.request import json, os, subprocess, urllib.request
envs = json.loads(os.environ["ENVS"]) # Detect changed state files
diff = subprocess.run(
["git", "diff", "--name-only", os.environ["BASE_SHA"], os.environ["HEAD_SHA"], "--", "state/*.json"],
capture_output=True, text=True, check=True,
)
envs = [os.path.basename(f).replace(".json", "") for f in diff.stdout.strip().split("\n") if f.strip()]
if not envs:
print("No state files changed")
exit(0)
print(f"Changed environments: {envs}")
for env in envs: for env in envs:
key = env.upper().replace("-", "_") key = env.upper().replace("-", "_")
@ -60,7 +50,7 @@ jobs:
url = os.environ.get(f"{key}_RECONCILER_URL", "") url = os.environ.get(f"{key}_RECONCILER_URL", "")
if not token or not url: if not token or not url:
print(f"No secrets for '{env}' — skipping") print(f"[{env}] No secrets configured — skipping")
continue continue
# Call reconciler dry-run # Call reconciler dry-run
@ -80,7 +70,7 @@ jobs:
resp = urllib.request.urlopen(req) resp = urllib.request.urlopen(req)
data = json.loads(resp.read()) data = json.loads(resp.read())
except Exception as e: except Exception as e:
print(f"Reconciler call failed for '{env}': {e}") print(f"[{env}] Reconciler call failed: {e}")
continue continue
# Format as markdown # Format as markdown

45
.gitea/workflows/reconcile.yml
View File

@ -8,38 +8,15 @@ on:
- "state/*.json" - "state/*.json"
jobs: jobs:
detect: reconcile:
runs-on: ubuntu-latest runs-on: ubuntu-latest
outputs:
envs: ${{ steps.changed.outputs.envs }}
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
with: with:
fetch-depth: 2 fetch-depth: 2
- name: Detect changed environments - name: Reconcile changed environments
id: changed
run: |
FILES=$(git diff --name-only HEAD~1 HEAD -- 'state/*.json')
ENVS=$(python3 -c "
import os, json
files = '''$FILES'''.strip().split('\n')
envs = [os.path.basename(f).replace('.json','') for f in files if f.strip()]
print(json.dumps(envs))
")
echo "envs=$ENVS" >> "$GITHUB_OUTPUT"
echo "Changed environments: $ENVS"
reconcile:
needs: detect
runs-on: ubuntu-latest
if: needs.detect.outputs.envs != '[]'
steps:
- uses: actions/checkout@v4
- name: Reconcile each changed environment
env: env:
ENVS: ${{ needs.detect.outputs.envs }}
TEST_RECONCILER_TOKEN: ${{ secrets.TEST_RECONCILER_TOKEN }} TEST_RECONCILER_TOKEN: ${{ secrets.TEST_RECONCILER_TOKEN }}
TEST_RECONCILER_URL: ${{ secrets.TEST_RECONCILER_URL }} TEST_RECONCILER_URL: ${{ secrets.TEST_RECONCILER_URL }}
DEV_RECONCILER_TOKEN: ${{ secrets.DEV_RECONCILER_TOKEN }} DEV_RECONCILER_TOKEN: ${{ secrets.DEV_RECONCILER_TOKEN }}
@ -48,9 +25,20 @@ jobs:
PROD_RECONCILER_URL: ${{ secrets.PROD_RECONCILER_URL }} PROD_RECONCILER_URL: ${{ secrets.PROD_RECONCILER_URL }}
run: | run: |
python3 <<'SCRIPT' python3 <<'SCRIPT'
import json, os, urllib.request, sys import json, os, subprocess, urllib.request, sys
envs = json.loads(os.environ["ENVS"]) # Detect changed state files
diff = subprocess.run(
["git", "diff", "--name-only", "HEAD~1", "HEAD", "--", "state/*.json"],
capture_output=True, text=True, check=True,
)
envs = [os.path.basename(f).replace(".json", "") for f in diff.stdout.strip().split("\n") if f.strip()]
if not envs:
print("No state files changed")
exit(0)
print(f"Changed environments: {envs}")
failed = [] failed = []
for env in envs: for env in envs:
@ -59,7 +47,7 @@ jobs:
url = os.environ.get(f"{key}_RECONCILER_URL", "") url = os.environ.get(f"{key}_RECONCILER_URL", "")
if not token or not url: if not token or not url:
print(f"No secrets for '{env}' — skipping") print(f"[{env}] No secrets configured — skipping")
continue continue
# Sync events first # Sync events first
@ -107,7 +95,6 @@ jobs:
f"{summary.get('updated',0)} updated, " f"{summary.get('updated',0)} updated, "
f"{summary.get('deleted',0)} deleted") f"{summary.get('deleted',0)} deleted")
# Log created keys (names only, not values)
keys = data.get("created_keys", {}) keys = data.get("created_keys", {})
if keys: if keys:
print(f"[{env}] Created setup keys: {list(keys.keys())}") print(f"[{env}] Created setup keys: {list(keys.keys())}")