updated dry-run job

2026-03-06 18:07:48 +02:00 · 2026-03-06 18:07:48 +02:00 · aa4aa32655
commit aa4aa32655
parent 9a29a9cc0c
2 changed files with 35 additions and 58 deletions
--- a/.gitea/workflows/dry-run.yml
+++ b/.gitea/workflows/dry-run.yml
@ -6,38 +6,17 @@ on:
      - "state/*.json"

 jobs:
-  detect:
+  dry-run:
    runs-on: ubuntu-latest
-    outputs:
-      envs: ${{ steps.changed.outputs.envs }}
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0

-      - name: Detect changed environments
-        id: changed
-        run: |
-          FILES=$(git diff --name-only ${{ github.event.pull_request.base.sha }} ${{ github.sha }} -- 'state/*.json')
-          ENVS=$(python3 -c "
-          import os, json
-          files = '''$FILES'''.strip().split('\n')
-          envs = [os.path.basename(f).replace('.json','') for f in files if f.strip()]
-          print(json.dumps(envs))
-          ")
-          echo "envs=$ENVS" >> "$GITHUB_OUTPUT"
-          echo "Changed environments: $ENVS"
-
-  dry-run:
-    needs: detect
-    runs-on: ubuntu-latest
-    if: needs.detect.outputs.envs != '[]'
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Run dry-run for each changed environment
+      - name: Dry-run reconcile for changed environments
        env:
-          ENVS: ${{ needs.detect.outputs.envs }}
+          BASE_SHA: ${{ github.event.pull_request.base.sha }}
+          HEAD_SHA: ${{ github.sha }}
          TEST_RECONCILER_TOKEN: ${{ secrets.TEST_RECONCILER_TOKEN }}
          TEST_RECONCILER_URL: ${{ secrets.TEST_RECONCILER_URL }}
          DEV_RECONCILER_TOKEN: ${{ secrets.DEV_RECONCILER_TOKEN }}
@ -50,9 +29,20 @@ jobs:
          PR_NUMBER: ${{ github.event.pull_request.number }}
        run: |
          python3 <<'SCRIPT'
-          import json, os, urllib.request
+          import json, os, subprocess, urllib.request

-          envs = json.loads(os.environ["ENVS"])
+          # Detect changed state files
+          diff = subprocess.run(
+              ["git", "diff", "--name-only", os.environ["BASE_SHA"], os.environ["HEAD_SHA"], "--", "state/*.json"],
+              capture_output=True, text=True, check=True,
+          )
+          envs = [os.path.basename(f).replace(".json", "") for f in diff.stdout.strip().split("\n") if f.strip()]
+
+          if not envs:
+              print("No state files changed")
+              exit(0)
+
+          print(f"Changed environments: {envs}")

          for env in envs:
              key = env.upper().replace("-", "_")
@ -60,7 +50,7 @@ jobs:
              url = os.environ.get(f"{key}_RECONCILER_URL", "")

              if not token or not url:
-                  print(f"No secrets for '{env}' — skipping")
+                  print(f"[{env}] No secrets configured — skipping")
                  continue

              # Call reconciler dry-run
@ -80,7 +70,7 @@ jobs:
                  resp = urllib.request.urlopen(req)
                  data = json.loads(resp.read())
              except Exception as e:
-                  print(f"Reconciler call failed for '{env}': {e}")
+                  print(f"[{env}] Reconciler call failed: {e}")
                  continue

              # Format as markdown
--- a/.gitea/workflows/reconcile.yml
+++ b/.gitea/workflows/reconcile.yml
@ -8,38 +8,15 @@ on:
      - "state/*.json"

 jobs:
-  detect:
+  reconcile:
    runs-on: ubuntu-latest
-    outputs:
-      envs: ${{ steps.changed.outputs.envs }}
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 2

-      - name: Detect changed environments
-        id: changed
-        run: |
-          FILES=$(git diff --name-only HEAD~1 HEAD -- 'state/*.json')
-          ENVS=$(python3 -c "
-          import os, json
-          files = '''$FILES'''.strip().split('\n')
-          envs = [os.path.basename(f).replace('.json','') for f in files if f.strip()]
-          print(json.dumps(envs))
-          ")
-          echo "envs=$ENVS" >> "$GITHUB_OUTPUT"
-          echo "Changed environments: $ENVS"
-
-  reconcile:
-    needs: detect
-    runs-on: ubuntu-latest
-    if: needs.detect.outputs.envs != '[]'
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Reconcile each changed environment
+      - name: Reconcile changed environments
        env:
-          ENVS: ${{ needs.detect.outputs.envs }}
          TEST_RECONCILER_TOKEN: ${{ secrets.TEST_RECONCILER_TOKEN }}
          TEST_RECONCILER_URL: ${{ secrets.TEST_RECONCILER_URL }}
          DEV_RECONCILER_TOKEN: ${{ secrets.DEV_RECONCILER_TOKEN }}
@ -48,9 +25,20 @@ jobs:
          PROD_RECONCILER_URL: ${{ secrets.PROD_RECONCILER_URL }}
        run: |
          python3 <<'SCRIPT'
-          import json, os, urllib.request, sys
+          import json, os, subprocess, urllib.request, sys

-          envs = json.loads(os.environ["ENVS"])
+          # Detect changed state files
+          diff = subprocess.run(
+              ["git", "diff", "--name-only", "HEAD~1", "HEAD", "--", "state/*.json"],
+              capture_output=True, text=True, check=True,
+          )
+          envs = [os.path.basename(f).replace(".json", "") for f in diff.stdout.strip().split("\n") if f.strip()]
+
+          if not envs:
+              print("No state files changed")
+              exit(0)
+
+          print(f"Changed environments: {envs}")
          failed = []

          for env in envs:
@ -59,7 +47,7 @@ jobs:
              url = os.environ.get(f"{key}_RECONCILER_URL", "")

              if not token or not url:
-                  print(f"No secrets for '{env}' — skipping")
+                  print(f"[{env}] No secrets configured — skipping")
                  continue

              # Sync events first
@ -107,7 +95,6 @@ jobs:
                    f"{summary.get('updated',0)} updated, "
                    f"{summary.get('deleted',0)} deleted")

-              # Log created keys (names only, not values)
              keys = data.get("created_keys", {})
              if keys:
                  print(f"[{env}] Created setup keys: {list(keys.keys())}")