diff --git a/.github/workflows/cfn-validate-pr.yml b/.github/workflows/cfn-validate-pr.yml
index f28f2d5..4a4a87f 100644
--- a/.github/workflows/cfn-validate-pr.yml
+++ b/.github/workflows/cfn-validate-pr.yml
@@ -1,7 +1,8 @@
-name: Validate CloudFormation on PR
+name: Validate and Deploy CloudFormation on PR
 on:
 pull_request:
+ types: [opened, synchronize, reopened, closed]
 paths:
 - 'cloudformation/**'
@@ -10,7 +11,8 @@ permissions:
 contents: read
 jobs:
- validate-cfn:
+ validate-and-deploy:
+ if: github.event.action != 'closed' # Radi samo kad PR NIJE zatvoren
 runs-on: ubuntu-latest
 steps:
 - uses: actions/checkout@v2
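Review bot: The renamed `validate-and-deploy` job still runs under the workflow-level `permissions:` block, of which only `contents: read` is visible in this hunk, yet a later step of the same job calls `github.rest.issues.createComment` with `GITHUB_TOKEN`. Once a `permissions:` block is present, every scope it omits is set to none, so unless a line above this hunk grants it the comment call will be rejected. Granting the scope at job level keeps the token least-privileged: `permissions:` / `contents: read` / `pull-requests: write` on this job only, with the cleanup job left read-only. The inline comment on the new `if:` line is not in English; `# run only while the PR is still open` would read consistently with the rest of the file. The job's steps continue outside this hunk.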
@@ -22,31 +24,64 @@ jobs:
 aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
 aws-region: eu-west-2
- - name: Validate Cloudformation template
+ - name: Validate CloudFormation template
 run: |
- aws cloudformation validate-template --template-body file://cloudformation/s3-bucket.yml
+ set -euo pipefail
+ aws cloudformation validate-template \
+ --template-body file://cloudformation/s3-bucket.yml
- - name: Deploy our stack
+ - name: Deploy or update stack
 run: |
- stack_name="pr-test-stack-${{github.event.pull_request.number}}"
- aws cloudformation create-stack --stack-name $stack_name --template-body file://cloudformation/s3-bucket.yml --parameters ParameterKey=Environment,ParameterValue=test
+ set -euo pipefail
+ stack_name="pr-test-stack-${{ github.event.pull_request.number }}"
+
+ if ! aws cloudformation describe-stacks --stack-name "$stack_name" >/dev/null 2>&1; then
+ echo "Creating new stack: $stack_name"
+ aws cloudformation create-stack \
+ --stack-name "$stack_name" \
+ --template-body file://cloudformation/s3-bucket.yml \
+ --parameters ParameterKey=Environment,ParameterValue=test \
+ --capabilities CAPABILITY_NAMED_IAM
+ aws cloudformation wait stack-create-complete --stack-name "$stack_name"
+ else
+ echo "Updating existing stack: $stack_name"
+ set +e
+ update_output=$(aws cloudformation update-stack \
+ --stack-name "$stack_name" \
+ --template-body file://cloudformation/s3-bucket.yml \
+ --parameters ParameterKey=Environment,ParameterValue=test \
+ --capabilities CAPABILITY_NAMED_IAM 2>&1)
+ status=$?
+ set -e
+ if [ $status -ne 0 ]; then
+ if [[ "$update_output" == *"No updates are to be performed"* ]]; then
+ echo "No updates to perform."
+ else + echo "$update_output" + exit $status + fi + else + aws cloudformation wait stack-update-complete --stack-name "$stack_name" + fi + fi - - name: Comment on the PR + - name: Comment on the PR123 uses: actions/github-script@v6 with: - github-token: ${{secrets.GITHUB_TOKEN}} + github-token: ${{ secrets.GITHUB_TOKEN }} script: | github.rest.issues.createComment({ issue_number: context.issue.number, owner: context.repo.owner, repo: context.repo.repo, - body: 'Cloudformation test stack deployed. Stack name: pr-test-stack-${{ github.event.pull_request.number}}' + body: `✅ CloudFormation test stack deployed successfully.\nStack name: pr-test-stack-${{ github.event.pull_request.number }}` }) + cleanup-on-merge: + if: github.event.action == 'closed' && github.event.pull_request.merged == true runs-on: ubuntu-latest - if: github.event.pull_request.merged == true steps: - - name: configure AWS Credentials + - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} @@ -55,5 +90,13 @@ jobs: - name: Delete test stack run: | + set -euo pipefail stack_name="pr-test-stack-${{ github.event.pull_request.number }}" - aws cloudformation delete-stack --stack-name $stack_name \ No newline at end of file + if aws cloudformation describe-stacks --stack-name "$stack_name" >/dev/null 2>&1; then + echo "Deleting stack: $stack_name" + aws cloudformation delete-stack --stack-name "$stack_name" + aws cloudformation wait stack-delete-complete --stack-name "$stack_name" + echo "Stack deleted." + else + echo "Stack $stack_name not found. Nothing to delete." + fi
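Review bot: Both the `create-stack` and the `update-stack` call now pass `--capabilities CAPABILITY_NAMED_IAM`, which lets whatever template the PR branch carries create named IAM resources under the workflow's stored AWS keys. The template deployed here is `cloudformation/s3-bucket.yml`; if it declares no IAM resources the flag should be dropped from both calls, and if it does, the deploying identity should be a narrowly scoped role rather than a general-purpose key pair. Separately, the step name `Comment on the PR123` looks like a stray edit. A stack left in `ROLLBACK_COMPLETE` by a failed create will also pass the `describe-stacks` check and then fail every `update-stack` until it is deleted, so that state is worth handling in the existence check.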
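Review bot: The `describe-stacks ... >/dev/null 2>&1` guard in the delete step treats every failure as "stack not found", so expired credentials, an access-denied response or throttling all end in a green job that prints `Nothing to delete` while the test stack stays deployed. The guard should keep the error text and take the quiet path only when it says the stack does not exist, failing the job otherwise, as sketched below. Going by the job condition earlier in this diff (`github.event.pull_request.merged == true`), stacks belonging to PRs that are closed without merging are never removed either, which leaves test buckets behind with no owner.

```yaml
          # … unchanged: set -euo pipefail, stack_name assignment …
          if out=$(aws cloudformation describe-stacks --stack-name "$stack_name" 2>&1); then
            echo "Deleting stack: $stack_name"
            # … unchanged: delete-stack, wait stack-delete-complete, "Stack deleted." …
          elif [[ "$out" == *"does not exist"* ]]; then
            echo "Stack $stack_name not found. Nothing to delete."
          else
            # Any other failure (auth, throttling) must not look like a clean run.
            echo "$out" >&2
            exit 1
          fi
```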