diff --git a/.github/actions/deploy-to-control-plane/action.yml b/.github/actions/deploy-to-control-plane/action.yml index b5282ce8..3ec17068 100644 --- a/.github/actions/deploy-to-control-plane/action.yml +++ b/.github/actions/deploy-to-control-plane/action.yml @@ -17,6 +17,12 @@ inputs: description: 'Timeout in seconds for waiting for workloads to be ready' required: false default: '900' + cpln_token: + description: 'Control Plane token' + required: true + pr_number: + description: 'Pull Request number' + required: true outputs: review_app_url: @@ -50,11 +56,14 @@ runs: run: ${{ github.action_path }}/scripts/get-commit-sha.sh env: GITHUB_TOKEN: ${{ inputs.github_token }} - PR_NUMBER: ${{ env.PR_NUMBER }} + PR_NUMBER: ${{ inputs.pr_number }} - name: Deploy to Control Plane id: deploy shell: bash + env: + CPLN_TOKEN: ${{ inputs.cpln_token }} + PR_NUMBER: ${{ inputs.pr_number }} run: | echo "🚀 Deploying app for PR #${PR_NUMBER}..." diff --git a/.github/actions/help-command/action.yml b/.github/actions/help-command/action.yml index a84169a9..9988479c 100644 --- a/.github/actions/help-command/action.yml +++ b/.github/actions/help-command/action.yml @@ -5,12 +5,15 @@ inputs: github-token: description: 'GitHub token for posting comments' required: true + issue-number: + description: 'PR/Issue number to post the comment to (optional, defaults to event context)' + required: false runs: using: "composite" steps: - name: Show Available Commands - uses: actions/github-script + uses: actions/github-script@v7 with: github-token: ${{ inputs.github-token }} script: | @@ -80,12 +83,14 @@ runs: '3. Open an issue in this repository', ].join('\n'); - const context = github.context; - if (context.eventName === 'issue_comment') { + const issueNumber = inputs['issue-number'] || + (context.eventName === 'issue_comment' ? context.payload.issue.number : null); + + if (issueNumber) { await github.rest.issues.createComment({ owner: context.repo.owner, repo: context.repo.repo, - issue_number: context.payload.issue.number, + issue_number: issueNumber, body: helpText }); } else { diff --git a/.github/actions/setup-environment/action.yml b/.github/actions/setup-environment/action.yml index 1a086ee3..710b6c71 100644 --- a/.github/actions/setup-environment/action.yml +++ b/.github/actions/setup-environment/action.yml @@ -22,7 +22,7 @@ runs: - name: Install Control Plane CLI and cpflow gem shell: bash run: | - sudo npm install -g @controlplane/cli@3.3.0 + sudo npm install -g @controlplane/cli@3.3.1 cpln --version gem install cpflow -v 4.1.0 cpflow --version diff --git a/.github/readme.md b/.github/readme.md new file mode 100644 index 00000000..3b10fedc --- /dev/null +++ b/.github/readme.md @@ -0,0 +1,85 @@ +# Developing and Testing Github Actions + +Testing Github Actions on an existing repository is tricky. + +The main issue boils down to the fact that Github Actions uses the workflow files in the branch where the event originates. This is fine for push events, but it becomes a problem when you want to test workflows that are triggered by comments on a pull request. + +Here's a summary of the behavior: + +Behavior of push and pull_request Events + 1. Push on a Branch: + • When you push changes to a branch (e.g., feature-branch), GitHub Actions uses the workflow files in that same branch. + • This is why changes to workflows work seamlessly when testing with push events. + 2. Pull Request Events: + • For pull_request events (e.g., a PR from feature-branch into master), GitHub Actions will always use the workflow files from the target branch (e.g., master), not the source branch (e.g., feature-branch). + • This is a security feature to prevent someone from introducing malicious code in a PR that modifies the workflow files themselves. + +Impact on Comment-Triggered Workflows + +When you want to trigger workflows via comments (issue_comment) in a pull request: + • The workflow code used will always come from the master branch (or the default branch), regardless of the branch where the PR originates. + • This means the PR’s changes to the workflow won’t be used, and the action invoked by the comment will also use code from master. + +Workarounds to Test Comment-Triggered Workflows + +If you want to test workflows in a way that uses the changes in the pull request, here are your options: + +1. Use Push Events for Testing + • Test your changes on a branch with push triggers. + • Use workflow_dispatch to simulate the events you need (like invoking actions via comments). + +This allows you to confirm that your changes to the workflow file or actions behave as expected before merging into master. + +2. Merge the Workflow to master Temporarily + +If you absolutely need the workflow to run as part of a pull_request event: + 1. Merge your workflow changes into master temporarily. + 2. Open a PR to test your comment-triggered workflows. + 3. Revert the changes in master if necessary. + +This ensures the workflow changes are active in master while still testing with the pull_request context. + +3. Add Logic to Detect the Source Branch + +Use github.event.pull_request.head.ref to add custom logic in your workflow that behaves differently based on the source branch. + • Example: + +jobs: + test-pr: + runs-on: ubuntu-latest + if: ${{ github.event.pull_request.head.ref == 'feature-branch' }} + steps: + - name: Checkout Code + uses: actions/checkout@v3 + + - name: Debug + run: echo "Testing workflow changes in feature-branch" + +However, this still requires the workflow itself to exist in master. + +4. Use a Fork or a Temporary Repo + +Create a temporary repository or a fork to test workflows in isolation: + • Push your workflow changes to master in the test repository. + • Open a PR in the fork to test how workflows behave with issue_comment events and PR contexts. + +Once confirmed, you can replicate the changes in your main repository. + +6. Alternative Approach: Split Workflows + +If your workflow includes comment-based triggers (issue_comment), consider splitting your workflows: + • A base workflow in master that handles triggering. + • A test-specific workflow for validating changes on a branch. + +For example: + 1. The base workflow triggers when a comment like /run-tests is added. + 2. The test-specific workflow runs in response to the base workflow but uses the branch’s code. + +Summary + • For push events: The branch-specific workflow is used, so testing changes is easy. + • For pull_request and issue_comment events: GitHub always uses workflows from the master branch, and there’s no direct way to bypass this. + +To test comment-triggered workflows: + 1. Use push or workflow_dispatch to validate changes. + 2. Merge workflow changes temporarily into master to test with pull_request events. + 3. Use tools like act for local simulation. diff --git a/.github/workflows/deploy-to-control-plane.yml b/.github/workflows/deploy-to-control-plane.yml index dd6110e2..60f081c3 100644 --- a/.github/workflows/deploy-to-control-plane.yml +++ b/.github/workflows/deploy-to-control-plane.yml @@ -1,28 +1,40 @@ name: Deploy Review App to Control Plane -run-name: ${{ github.event_name == 'issue_comment' && 'Deploying Review App' || format('Updating Review App for {0}', github.ref_name) }} +run-name: Deploy Review App - ${{ github.ref_name }} on: pull_request: types: [opened, synchronize, reopened] + push: + branches: + - '**' # Any branch + - '!main' # Except main + - '!master' # Except master issue_comment: types: [created] + workflow_dispatch: + inputs: + pr_number: + description: 'Pull Request number to deploy' + required: true + type: number -# Use concurrency to cancel in-progress runs concurrency: - group: deploy-pr-${{ github.event.pull_request.number || github.event.issue.number }} + group: deploy-pr-${{ github.event.pull_request.number || github.event.issue.number || github.event.inputs.pr_number }} cancel-in-progress: true env: - APP_NAME: qa-react-webpack-rails-tutorial-pr-${{ github.event.pull_request.number || github.event.issue.number }} + APP_NAME: qa-react-webpack-rails-tutorial-pr-${{ github.event.pull_request.number || github.event.issue.number || github.event.inputs.pr_number }} CPLN_TOKEN: ${{ secrets.CPLN_TOKEN_STAGING }} CPLN_ORG: ${{ vars.CPLN_ORG_STAGING }} - PR_NUMBER: ${{ github.event.pull_request.number || github.event.issue.number }} + PR_NUMBER: ${{ github.event.pull_request.number || github.event.issue.number || github.event.inputs.pr_number }} jobs: Process-Deployment-Command: if: | (github.event_name == 'pull_request') || + (github.event_name == 'push') || + (github.event_name == 'workflow_dispatch') || (github.event_name == 'issue_comment' && github.event.issue.pull_request && github.event.comment.body == '/deploy-review-app') @@ -34,80 +46,109 @@ jobs: issues: write steps: - - uses: actions/checkout@v4 + # Initial checkout only for pull_request and push events + - name: Checkout code + if: github.event_name == 'pull_request' || github.event_name == 'push' + uses: actions/checkout@v4 with: fetch-depth: 0 - ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.ref || steps.getRef.outputs.PR_REF || github.ref }} + ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.ref }} - - name: Setup Environment - uses: ./.github/actions/setup-environment + # Basic checkout for other events (workflow_dispatch, issue_comment) + # We'll do proper checkout after getting PR info + - name: Initial checkout + if: github.event_name == 'workflow_dispatch' || github.event_name == 'issue_comment' + uses: actions/checkout@v4 with: - token: ${{ env.CPLN_TOKEN }} - org: ${{ env.CPLN_ORG }} + fetch-depth: 0 - name: Get PR HEAD Ref - if: github.event_name == 'issue_comment' - run: | - echo "PR_NUMBER=${{ github.event.issue.number }}" >> $GITHUB_ENV - echo "APP_NAME=qa-react-webpack-rails-tutorial-pr-${{ github.event.issue.number }}" >> $GITHUB_ENV - # For PR comments, get the actual PR head commit - PR_DATA=$(gh pr view $PR_NUMBER --repo ${{ github.repository }} --json headRefName,headRefOid) - echo "PR_REF=$(echo "$PR_DATA" | jq -r '.headRefName')" >> $GITHUB_OUTPUT - echo "PR_SHA=$(echo "$PR_DATA" | jq -r '.headRefOid')" >> $GITHUB_OUTPUT + id: getRef env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then + PR_NUMBER="${{ github.event.inputs.pr }}" + elif [[ "${{ github.event_name }}" == "issue_comment" ]]; then + PR_NUMBER="${{ github.event.issue.number }}" + elif [[ "${{ github.event_name }}" == "pull_request" ]]; then + PR_NUMBER="${{ github.event.pull_request.number }}" + elif [[ "${{ github.event_name }}" == "push" ]]; then + # For push events, find associated PR + PR_DATA=$(gh pr list --head "${{ github.ref_name }}" --json number --jq '.[0].number') + if [[ -n "$PR_DATA" ]]; then + PR_NUMBER="$PR_DATA" + else + echo "Error: No PR found for branch ${{ github.ref_name }}" + exit 1 + fi + fi + + if [[ -z "$PR_NUMBER" ]]; then + echo "Error: Could not determine PR number" + exit 1 + fi + + # Set environment variables + echo "PR_NUMBER=$PR_NUMBER" >> $GITHUB_ENV + echo "APP_NAME=qa-react-webpack-rails-tutorial-pr-$PR_NUMBER" >> $GITHUB_ENV + + # Get PR data using GitHub CLI + PR_DATA=$(gh pr view $PR_NUMBER --repo shakacode/react-webpack-rails-tutorial --json headRefName,headRefOid) + if [[ $? -eq 0 ]]; then + echo "PR_REF=$(echo $PR_DATA | jq -r .headRefName)" >> $GITHUB_OUTPUT + echo "PR_SHA=$(echo $PR_DATA | jq -r .headRefOid)" >> $GITHUB_ENV + else + echo "Error: Could not fetch PR data for PR #$PR_NUMBER" + exit 1 + fi + + - name: Checkout PR code + if: github.event_name == 'workflow_dispatch' || github.event_name == 'issue_comment' + uses: actions/checkout@v4 + with: + fetch-depth: 0 + ref: ${{ steps.getRef.outputs.PR_SHA }} + + - name: Setup Environment + uses: ./.github/actions/setup-environment + with: + token: ${{ secrets.CPLN_TOKEN_STAGING }} + org: ${{ vars.CPLN_ORG_STAGING }} - name: Check if Review App Exists id: check-app - if: github.event_name == 'push' + if: github.event_name == 'pull_request' env: - CPLN_TOKEN: ${{ secrets.CPLN_TOKEN }} + CPLN_TOKEN: ${{ secrets.CPLN_TOKEN_STAGING }} run: | + # First check if cpflow exists + if ! command -v cpflow &> /dev/null; then + echo "Error: cpflow command not found" + exit 1 + fi + + # Then check if app exists if ! cpflow exists -a ${{ env.APP_NAME }}; then echo "No review app exists for this PR" - exit 0 + echo "DO_DEPLOY=false" >> $GITHUB_ENV + else + echo "DO_DEPLOY=true" >> $GITHUB_ENV fi - echo "app_exists=true" >> $GITHUB_OUTPUT - - - name: Set Workflow URL - id: workflow-url - uses: actions/github-script@v7 - with: - script: | - async function getWorkflowUrl(runId) { - const jobs = await github.rest.actions.listJobsForWorkflowRun({ - owner: context.repo.owner, - repo: context.repo.repo, - run_id: runId - }); - - const currentJob = jobs.data.jobs.find(job => job.status === 'in_progress'); - const jobId = currentJob?.id; - - if (!jobId) { - return `${process.env.GITHUB_SERVER_URL}/${context.repo.owner}/${context.repo.repo}/actions/runs/${runId}`; - } - - return `${process.env.GITHUB_SERVER_URL}/${context.repo.owner}/${context.repo.repo}/actions/runs/${runId}/job/${jobId}`; - } - - const workflowUrl = await getWorkflowUrl(context.runId); - core.exportVariable('WORKFLOW_URL', workflowUrl); - core.exportVariable('GET_CONSOLE_LINK', ` - function getConsoleLink(prNumber) { - return '🎮 [Control Plane Console](' + - 'https://console.cpln.io/console/org/' + process.env.CPLN_ORG + '/gvc/' + process.env.APP_NAME + '/-info)'; - } - `); + - name: Validate Deployment Request + id: validate + if: env.DO_DEPLOY != 'false' + run: | + if ! [[ "${{ github.event_name }}" == "workflow_dispatch" || \ + ("${{ github.event_name }}" == "issue_comment" && "${{ github.event.comment.body }}" == "/deploy-review-app") || \ + "${{ github.event_name }}" == "pull_request" ]]; then + echo "Skipping deployment - not a valid trigger (event: ${{ github.event_name }})" + exit 1 + fi - name: Create Initial Comment - if: | - (github.event_name == 'issue_comment' && - github.event.issue.pull_request && - github.event.comment.body == '/deploy-review-app') || - ( steps.check-app.outputs.app_exists == 'true') - id: create-comment + if: env.DO_DEPLOY != 'false' uses: actions/github-script@v7 with: script: | @@ -115,137 +156,71 @@ jobs: owner: context.repo.owner, repo: context.repo.repo, issue_number: process.env.PR_NUMBER, - body: '🚀 Starting deployment process...' + body: '🚀 Starting deployment process...\n\n' + process.env.CONSOLE_LINK }); - console.log('Created comment:', result.data.id); - return { commentId: result.data.id }; + core.setOutput('comment-id', result.data.id); - - name: Set Comment ID - if: | - (github.event_name == 'issue_comment' && - github.event.issue.pull_request && - github.event.comment.body == '/deploy-review-app') || - (steps.check-app.outputs.app_exists == 'true') - run: echo "COMMENT_ID=${{ fromJSON(steps.create-comment.outputs.result).commentId }}" >> $GITHUB_ENV - - - name: Initialize Deployment - id: init-deployment + - name: Set Deployment URLs + id: set-urls + if: env.DO_DEPLOY != 'false' uses: actions/github-script@v7 with: script: | - async function getWorkflowUrl(runId) { - const jobs = await github.rest.actions.listJobsForWorkflowRun({ + // Set workflow URL for logs + const getWorkflowUrl = async (runId) => { + const { data: run } = await github.rest.actions.getWorkflowRun({ owner: context.repo.owner, repo: context.repo.repo, run_id: runId }); - - const currentJob = jobs.data.jobs.find(job => job.status === 'in_progress'); - const jobId = currentJob?.id; - - if (!jobId) { - console.log('Warning: Could not find current job ID'); - return `${process.env.GITHUB_SERVER_URL}/${context.repo.owner}/${context.repo.repo}/actions/runs/${runId}`; - } - - return `${process.env.GITHUB_SERVER_URL}/${context.repo.owner}/${context.repo.repo}/actions/runs/${runId}/job/${jobId}`; - } - - // Create initial deployment comment - const comment = await github.rest.issues.createComment({ - owner: context.repo.owner, - repo: context.repo.repo, - issue_number: process.env.PR_NUMBER, - body: '⏳ Initializing deployment...' - }); + return run.html_url; + }; - // Create GitHub deployment - const deployment = await github.rest.repos.createDeployment({ - owner: context.repo.owner, - repo: context.repo.repo, - ref: context.sha, - environment: 'review', - auto_merge: false, - required_contexts: [] - }); - const workflowUrl = await getWorkflowUrl(context.runId); - - return { - deploymentId: deployment.data.id, - commentId: comment.data.id, - workflowUrl - }; - - - name: Set comment ID and workflow URL - run: | - echo "COMMENT_ID=${{ fromJSON(steps.init-deployment.outputs.result).commentId }}" >> $GITHUB_ENV - echo "WORKFLOW_URL=${{ fromJSON(steps.init-deployment.outputs.result).workflowUrl }}" >> $GITHUB_ENV - - - name: Set commit hash - run: | - FULL_COMMIT="${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || steps.getRef.outputs.PR_SHA || github.sha }}" - echo "COMMIT_HASH=${FULL_COMMIT:0:7}" >> $GITHUB_ENV + core.exportVariable('WORKFLOW_URL', workflowUrl); + core.exportVariable('CONSOLE_LINK', + '🎮 [Control Plane Console](' + + 'https://console.cpln.io/console/org/' + process.env.CPLN_ORG_STAGING + '/gvc/' + process.env.APP_NAME + '/-info)' + ); - name: Update Status - Building - if: | - (github.event_name == 'issue_comment' && - github.event.issue.pull_request && - github.event.comment.body == '/deploy-review-app') || - (steps.check-app.outputs.app_exists == 'true') + if: env.DO_DEPLOY != 'false' uses: actions/github-script@v7 with: script: | - eval(process.env.GET_CONSOLE_LINK); - const buildingMessage = [ '🏗️ Building Docker image for PR #' + process.env.PR_NUMBER + ', commit ' + '${{ env.COMMIT_HASH }}', - '🏗️ Building Docker image...', '', '📝 [View Build Logs](' + process.env.WORKFLOW_URL + ')', '', - getConsoleLink(process.env.PR_NUMBER) + process.env.CONSOLE_LINK ].join('\n'); await github.rest.issues.updateComment({ owner: context.repo.owner, repo: context.repo.repo, - comment_id: process.env.COMMENT_ID, + comment_id: ${{ steps.create-comment.outputs.comment-id }}, body: buildingMessage }); - name: Checkout PR Branch - if: | - (github.event_name == 'issue_comment' && - github.event.issue.pull_request && - github.event.comment.body == '/deploy-review-app') || - (steps.check-app.outputs.app_exists == 'true') + if: env.DO_DEPLOY != 'false' run: git checkout ${{ steps.getRef.outputs.PR_REF }} - name: Build Docker Image - if: | - (github.event_name == 'issue_comment' && - github.event.issue.pull_request && - github.event.comment.body == '/deploy-review-app') || - (steps.check-app.outputs.app_exists == 'true') + if: env.DO_DEPLOY != 'false' uses: ./.github/actions/build-docker-image with: app_name: ${{ env.APP_NAME }} - org: ${{ env.CPLN_ORG }} + org: ${{ env.CPLN_ORG_STAGING }} commit: ${{ env.COMMIT_HASH }} PR_NUMBER: ${{ env.PR_NUMBER }} - name: Update Status - Deploying - if: | - (github.event_name == 'issue_comment' && - github.event.issue.pull_request && - github.event.comment.body == '/deploy-review-app') || - (steps.check-app.outputs.app_exists == 'true') + if: env.DO_DEPLOY != 'false' uses: actions/github-script@v7 with: script: | - eval(process.env.GET_CONSOLE_LINK); - const deployingMessage = [ '🚀 Deploying to Control Plane...', '', @@ -253,33 +228,29 @@ jobs: '', '📝 [View Deploy Logs](' + process.env.WORKFLOW_URL + ')', '', - getConsoleLink(process.env.PR_NUMBER) + process.env.CONSOLE_LINK ].join('\n'); await github.rest.issues.updateComment({ owner: context.repo.owner, repo: context.repo.repo, - comment_id: process.env.COMMENT_ID, + comment_id: ${{ steps.create-comment.outputs.comment-id }}, body: deployingMessage }); - name: Deploy to Control Plane - if: | - (github.event_name == 'issue_comment' && - github.event.issue.pull_request && - github.event.comment.body == '/deploy-review-app') || - (steps.check-app.outputs.app_exists == 'true') + if: env.DO_DEPLOY != 'false' uses: ./.github/actions/deploy-to-control-plane with: app_name: ${{ env.APP_NAME }} - org: ${{ env.CPLN_ORG }} + org: ${{ env.CPLN_ORG_STAGING }} github_token: ${{ secrets.GITHUB_TOKEN }} wait_timeout: ${{ vars.WAIT_TIMEOUT || 900 }} - env: - CPLN_TOKEN: ${{ env.CPLN_TOKEN }} - PR_NUMBER: ${{ env.PR_NUMBER }} + cpln_token: ${{ secrets.CPLN_TOKEN_STAGING }} + pr_number: ${{ env.PR_NUMBER }} - name: Update Status - Deployment Complete + if: env.DO_DEPLOY != 'false' uses: actions/github-script@v7 with: script: | @@ -288,8 +259,7 @@ jobs: const workflowUrl = process.env.WORKFLOW_URL; const isSuccess = '${{ job.status }}' === 'success'; - const consoleLink = '🎮 [Control Plane Console](https://console.cpln.io/console/org/' + - process.env.CPLN_ORG + '/gvc/' + process.env.APP_NAME + '/-info)'; + const consoleLink = process.env.CONSOLE_LINK; // Create GitHub deployment status const deploymentStatus = { @@ -326,6 +296,6 @@ jobs: await github.rest.issues.updateComment({ owner: context.repo.owner, repo: context.repo.repo, - comment_id: process.env.COMMENT_ID, + comment_id: ${{ steps.create-comment.outputs.comment-id }}, body: isSuccess ? successMessage : failureMessage }); diff --git a/.github/workflows/help-command.yml b/.github/workflows/help-command.yml index 4d92f667..37330a3e 100644 --- a/.github/workflows/help-command.yml +++ b/.github/workflows/help-command.yml @@ -7,6 +7,11 @@ on: issue_comment: types: [created] workflow_dispatch: + inputs: + issue-number: + description: 'PR/Issue number to post the help comment to' + required: true + type: number permissions: issues: write @@ -25,7 +30,8 @@ jobs: - name: Checkout uses: actions/checkout - - name: Show Help Information + - name: Process Help Command uses: ./.github/actions/help-command with: github-token: ${{ secrets.GITHUB_TOKEN }} + issue-number: ${{ github.event.inputs.issue-number }} \ No newline at end of file