From fa386ff6cf462f97cc8d19e785228f0cfe05938f Mon Sep 17 00:00:00 2001 From: Steven Kreitzer Date: Tue, 31 Dec 2024 10:07:55 -0600 Subject: [PATCH] feat: beautiful workflows (#3239) --- .github/workflows/flux-diff.yaml | 36 +++++---- .github/workflows/helm-repository-sync.yaml | 5 +- .github/workflows/pre-pull-images.yaml | 84 +++++++++------------ 3 files changed, 55 insertions(+), 70 deletions(-) diff --git a/.github/workflows/flux-diff.yaml b/.github/workflows/flux-diff.yaml index 09c8bf744..e23fd39ba 100644 --- a/.github/workflows/flux-diff.yaml +++ b/.github/workflows/flux-diff.yaml @@ -19,7 +19,6 @@ jobs: strategy: matrix: resources: ["helmrelease", "kustomization"] - max-parallel: 4 fail-fast: false steps: - name: Generate Token @@ -29,18 +28,18 @@ jobs: app-id: "${{ secrets.BOT_APP_ID }}" private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" - - name: Checkout + - name: Checkout Pull Request Branch uses: actions/checkout@v4 with: token: "${{ steps.app-token.outputs.token }}" - ref: "${{ github.event.repository.default_branch }}" - path: default + path: pull - - name: Checkout Pull Request Branch + - name: Checkout Default Branch uses: actions/checkout@v4 with: token: "${{ steps.app-token.outputs.token }}" - path: pull + ref: "${{ github.event.repository.default_branch }}" + path: default - name: Diff Resources uses: docker://ghcr.io/allenporter/flux-local:v6.1.1 
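Review bot: Both checkouts in this hunk pass the app token and leave `persist-credentials` at its default, so the token is written into the git config under `pull/` and `default/`. It stays readable by every later step, including the third-party `flux-local` container that renders the pull request's manifests. Nothing visible here pushes, so add `persist-credentials: false` to each `with:` block. The job's trigger and the token's scope are outside this hunk, so the exposure depends on whether untrusted pull requests can reach this workflow.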
@@ -48,29 +47,28 @@ jobs: args: >- diff ${{ matrix.resources }} --unified 6 - --path-orig /github/workspace/default/kubernetes/flux --path /github/workspace/pull/kubernetes/flux + --path-orig /github/workspace/default/kubernetes/flux --strip-attrs "helm.sh/chart,checksum/config,app.kubernetes.io/version,chart" --limit-bytes 10000 --all-namespaces - --sources "${{ github.event.repository.name }}" + --sources "k8s-gitops" --output-file diff.patch - name: Generate Diff id: diff run: | - cat diff.patch; { - echo 'diff<> "$GITHUB_OUTPUT"; + echo 'diff<> $GITHUB_OUTPUT { - echo "### Diff" - echo '```diff' - cat diff.patch - echo '```' - } >> "$GITHUB_STEP_SUMMARY" + echo "### Diff" + echo '```diff' + cat diff.patch + echo '```' + } >> $GITHUB_STEP_SUMMARY - if: ${{ steps.diff.outputs.diff != '' }} name: Add Comment @@ -79,7 +77,7 @@ jobs: repo-token: "${{ steps.app-token.outputs.token }}" message-id: "${{ github.event.pull_request.number }}/kubernetes/${{ matrix.resources }}" message-failure: Diff was not successful - message: | + message: |- ```diff ${{ steps.diff.outputs.diff }} ``` diff --git a/.github/workflows/helm-repository-sync.yaml b/.github/workflows/helm-repository-sync.yaml index e0ccbb361..953ab0951 100644 --- a/.github/workflows/helm-repository-sync.yaml +++ b/.github/workflows/helm-repository-sync.yaml @@ -24,7 +24,8 @@ jobs: uses: Homebrew/actions/setup-homebrew@master - name: Setup Workflow Tools - run: brew install fluxcd/tap/flux yq + shell: bash + run: brew install fluxcd/tap/flux - name: Generate Token uses: actions/create-github-app-token@v1 @@ -40,7 +41,7 @@ jobs: fetch-depth: 0 - if: ${{ github.event.inputs.helmRepoNamespace == '' && github.event.inputs.helmRepoName == '' }} - name: Get changed files + name: Get Changed Files id: changed-files uses: tj-actions/changed-files@v45 with: diff --git a/.github/workflows/pre-pull-images.yaml b/.github/workflows/pre-pull-images.yaml index d9f302459..658a1f0b7 100644 
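Review bot: The rewritten `Generate Diff` step drops the quotes that the old lines had around the redirect targets `$GITHUB_OUTPUT` and `$GITHUB_STEP_SUMMARY`. Keep them quoted, e.g. `} >> "$GITHUB_STEP_SUMMARY"`, so the script does not depend on the runner path being free of spaces or glob characters; the unquoted `>> $GITHUB_OUTPUT` redirects added in pre-pull-images.yaml need the same change. Separately, `--sources "k8s-gitops"` replaces `${{ github.event.repository.name }}` with a literal, which ties the workflow to the current repository name, so a one-line comment explaining why would help. The heredoc that writes the multi-line `diff` output is not fully legible in this patch text, so its delimiter could not be checked.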
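Review bot: `Homebrew/actions/setup-homebrew@master` tracks a moving branch, so whatever is on that branch at run time executes in a job that later generates a GitHub App token. Pin it to a full commit SHA, e.g. `uses: Homebrew/actions/setup-homebrew@<commit-sha> # master`. The same reference appears in the `pre-pull-images` job of pre-pull-images.yaml, where it runs on the `gha-runner-scale-set` runner, and `tj-actions/changed-files@v45` in the next hunk is a mutable tag that deserves the same pinning. Dropping `yq` from the `brew install` line is safe only if the later steps of this workflow find a compatible `yq` already on the runner; those steps are outside the hunk.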
--- a/.github/workflows/pre-pull-images.yaml +++ b/.github/workflows/pre-pull-images.yaml @@ -14,17 +14,14 @@ jobs: extract-images: name: Extract Images runs-on: ubuntu-latest - permissions: - pull-requests: write + strategy: + matrix: + branches: ["default", "pull"] + fail-fast: false outputs: - matrix: ${{ steps.extract-images.outputs.images }} + default: ${{ steps.extract-images.outputs.default }} + pull: ${{ steps.extract-images.outputs.pull }} steps: - - name: Setup Homebrew - uses: Homebrew/actions/setup-homebrew@master - - - name: Setup Workflow Tools - run: brew install jo yq - - name: Generate Token uses: actions/create-github-app-token@v1 id: app-token 
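Review bot: Removing the job-level `permissions:` block from `extract-images` makes its `GITHUB_TOKEN` fall back to the workflow-level or repository default, which can be broader than the single `pull-requests: write` scope it had before. The visible steps only generate an app token, check out code and run `flux-local`, so declare the minimum explicitly, for example `permissions:` with `contents: read` under the job. Any top-level `permissions:` key is outside this hunk, as are the rest of the job's steps, so confirm whether one already restricts the token.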
@@ -32,69 +29,57 @@ jobs: app-id: "${{ secrets.BOT_APP_ID }}" private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" - - name: Checkout Default Branch + - name: Checkout uses: actions/checkout@v4 with: token: "${{ steps.app-token.outputs.token }}" - ref: "${{ github.event.repository.default_branch }}" - path: default - - - name: Checkout Pull Request Branch - uses: actions/checkout@v4 - with: - token: "${{ steps.app-token.outputs.token }}" - path: pull - - - name: Gather Images in Default Branch - uses: docker://ghcr.io/allenporter/flux-local:v6.1.1 - with: - args: >- - get cluster - --path /github/workspace/default/kubernetes/flux - --enable-images - --output yaml - --output-file default.yaml + ref: "${{ matrix.branches == 'default' && github.event.repository.default_branch || '' }}" - - name: Gather Images in Pull Request Branch + - name: Gather Images uses: docker://ghcr.io/allenporter/flux-local:v6.1.1 with: args: >- get cluster - --path /github/workspace/pull/kubernetes/flux + --path /github/workspace/kubernetes/flux --enable-images --output yaml - --output-file pull.yaml + --output-file images.yaml - - name: Filter Default Branch Results - shell: bash - run: | - yq -r '[.. | .images? | select(. != null)] | flatten | sort | unique | .[]' \ - default.yaml > default.txt - - - name: Filter Pull Request Branch Results + - name: Extract Images + id: extract-images shell: bash run: | - yq -r '[.. | .images? | select(. != null)] | flatten | sort | unique | .[]' \ - pull.yaml > pull.txt + images=$(yq --indent=0 --output-format=json \ + '[.. | .images? | select(. 
!= null)] | flatten | sort | unique' images.yaml \ + ) + echo "${{ matrix.branches }}=${images}" >> $GITHUB_OUTPUT - - name: Compare Default and Pull Request Images - id: extract-images + compare-images: + name: Compare Images + runs-on: ubuntu-latest + needs: ["extract-images"] + outputs: + images: ${{ steps.compare-images.outputs.images }} + steps: + - name: Compare Images + id: compare-images shell: bash run: | - images=$(jo -a $(grep -vf default.txt pull.txt)) + images=$(jq --compact-output --null-input \ + --argjson f1 '${{ needs.extract-images.outputs.default }}' \ + --argjson f2 '${{ needs.extract-images.outputs.pull }}' \ + '$f2 - $f1' \ + ) echo "images=${images}" >> $GITHUB_OUTPUT - echo "${images}" - echo "### Images" >> $GITHUB_STEP_SUMMARY - echo "${images}" | jq --raw-output 'to_entries[] | "* \(.value)"' >> $GITHUB_STEP_SUMMARY pre-pull-images: - if: ${{ needs.extract-images.outputs.matrix != '[]' }} + if: ${{ needs.compare-images.outputs.images != '[]' }} name: Pre-pull Images runs-on: ["gha-runner-scale-set"] - needs: ["extract-images"] + needs: ["compare-images"] strategy: matrix: - images: ${{ fromJSON(needs.extract-images.outputs.matrix) }} + images: ${{ fromJSON(needs.compare-images.outputs.images) }} max-parallel: 4 fail-fast: false steps: @@ -102,6 +87,7 @@ jobs: uses: Homebrew/actions/setup-homebrew@master - name: Setup Workflow Tools + shell: bash run: brew install siderolabs/tap/talosctl - name: Pre-pull Image
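Review bot: The `Compare Images` step pastes `${{ needs.extract-images.outputs.default }}` and `${{ needs.extract-images.outputs.pull }}` into the script text inside single quotes. Those values are image strings extracted from the checked-out manifests, including the pull request's, so a value containing a single quote ends the shell string and the remainder is interpreted by bash. Pass both outputs through `env:` and reference them as quoted shell variables so they only ever reach `jq` as data, as in the fence below. `echo "${{ matrix.branches }}=${images}"` in `Extract Images` uses the same interpolation and is safe only because the matrix values are fixed literals. The `pre-pull-images` job that consumes the result continues past the end of this hunk.

```yaml
      - name: Compare Images
        id: compare-images
        shell: bash
        env:
          DEFAULT_IMAGES: ${{ needs.extract-images.outputs.default }}
          PULL_IMAGES: ${{ needs.extract-images.outputs.pull }}
        run: |
          images=$(jq --compact-output --null-input \
            --argjson f1 "${DEFAULT_IMAGES}" \
            --argjson f2 "${PULL_IMAGES}" \
            '$f2 - $f1' \
          )
          echo "images=${images}" >> "$GITHUB_OUTPUT"
      # … unchanged: pre-pull-images job …
```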