Show kubernetes resource diffs before merging release

lottspot · lottspot · commit 7be88dfcf763 · 2020-03-29T16:39:36.000-04:00
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -5,13 +5,80 @@ on:
     branches:
       - releases/v1
     types:
+      - opened
+      - synchronize
+      - reopened
       - closed
 
 env:
   # Required for action steebchen/kubectl
   KUBE_CONFIG_DATA: ${{ secrets.kubeconfig_data_prod }}
 
 jobs:
+  show-changes:
+    if: github.event.pull_request.state != 'closed'
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v2
+      - uses: azure/setup-kubectl@v1
+        with:
+          version: v1.18.0
+
+      - name: Get resource diffs
+        run: |
+          set -e
+          comment_file=/tmp/k8s_diff.txt
+          app_manifest=k8s/app.yaml
+          prod_manifest_dir=k8s.prod
+
+          test -e ~/.kube || mkdir ~/.kube
+          cat <<EOF > ~/.kube/config
+          $(printf '%s' "$KUBE_CONFIG_DATA" | base64 -d)
+          EOF
+
+          app_diff=$(kubectl diff -f $app_manifest || true)
+          if [ -n "$app_diff" ]; then
+            app_diff_msg=$(cat <<EOF
+          To be applied to prod from $app_manifest:
+          \`\`\`
+          $app_diff
+          \`\`\`
+
+          EOF)
+          fi
+
+          prod_diff=$(kubectl diff -Rf $prod_manifest_dir || true)
+          if [ -n "$prod_diff" ]; then
+            prod_diff_msg=$(cat <<EOF
+          To be applied to prod from $prod_manifest_dir:
+          ```
+          $prod_diff
+          ```
+
+          EOF)
+          fi
+
+          cat <<EOF > $comment_file
+          $app_diff_msg
+          $prod_diff_msg
+          EOF
+
+      - uses: actions/upload-artifact@v1
+        with:
+          name: comment
+          path: /tmp/k8s_diff.txt
+      - uses: actions/download-artifact@v1
+        with:
+          name: comment
+
+      - name: Publish resource diffs
+        uses: machine-learning-apps/pr-comment@1.0.0
+        env:
+          GITHUB_TOKEN: ${{ github.token }}
+        with:
+          path: comment/k8s_diff.txt
+
   deploy-prod:
     if: github.event.pull_request.merged
     runs-on: ubuntu-latest
