From 60eaa1422e49e4a51f3474038943aefe8023bc6e Mon Sep 17 00:00:00 2001 From: Tomo1912 Date: Sat, 9 Aug 2025 23:24:23 +0200 Subject: [PATCH 1/3] update CFN --- .github/workflows/cfn-validate-pr.yml | 67 ++++++++++++++++++++++----- 1 file changed, 55 insertions(+), 12 deletions(-) diff --git a/.github/workflows/cfn-validate-pr.yml b/.github/workflows/cfn-validate-pr.yml index f28f2d5..780fe5e 100644 --- a/.github/workflows/cfn-validate-pr.yml +++ b/.github/workflows/cfn-validate-pr.yml @@ -1,7 +1,8 @@ -name: Validate CloudFormation on PR +name: Validate and Deploy CloudFormation on PR on: pull_request: + types: [opened, synchronize, reopened, closed] paths: - 'cloudformation/**' @@ -10,7 +11,8 @@ permissions: contents: read jobs: - validate-cfn: + validate-and-deploy: + if: github.event.action != 'closed' # Radi samo kad PR NIJE zatvoren runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 
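Review bot: In the `@@ -1,7 +1,8 @@` hunk, adding `closed` to `types` does not cover pull requests that are closed without merging. For those, `validate-and-deploy` is skipped by `github.event.action != 'closed'`, and `cleanup-on-merge` (later in this patch) also requires `github.event.pull_request.merged == true`. The `pr-test-stack-<number>` stack created for such a PR would then stay deployed in the account with nothing scheduled to remove it. Consider relaxing the cleanup condition to `if: github.event.action == 'closed'` and renaming the job to match.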
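Review bot: In the `@@ -10,7 +11,8 @@` hunk, nothing serialises runs for the same pull request. Two `synchronize` events close together can both reach the deploy step of `validate-and-deploy` while the stack is still being created or updated, and the second `update-stack` would most likely be rejected. A `closed` event can likewise start the cleanup job while a deploy is still running. A workflow-level `concurrency: { group: "cfn-pr-${{ github.event.pull_request.number }}", cancel-in-progress: false }` would queue them instead. Separately, the inline comment on the new `if:` line is not in English; `# run only while the PR is not closed` would read consistently with the rest of the file, and the job body continues outside this hunk.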
@@ -22,31 +24,64 @@ jobs: aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: eu-west-2 - - name: Validate Cloudformation template + - name: Validate CloudFormation template run: | - aws cloudformation validate-template --template-body file://cloudformation/s3-bucket.yml + set -euo pipefail + aws cloudformation validate-template \ + --template-body file://cloudformation/s3-bucket.yml - - name: Deploy our stack + - name: Deploy or update stack run: | - stack_name="pr-test-stack-${{github.event.pull_request.number}}" - aws cloudformation create-stack --stack-name $stack_name --template-body file://cloudformation/s3-bucket.yml --parameters ParameterKey=Environment,ParameterValue=test + set -euo pipefail + stack_name="pr-test-stack-${{ github.event.pull_request.number }}" + + if ! aws cloudformation describe-stacks --stack-name "$stack_name" >/dev/null 2>&1; then + echo "Creating new stack: $stack_name" + aws cloudformation create-stack \ + --stack-name "$stack_name" \ + --template-body file://cloudformation/s3-bucket.yml \ + --parameters ParameterKey=Environment,ParameterValue=test \ + --capabilities CAPABILITY_NAMED_IAM + aws cloudformation wait stack-create-complete --stack-name "$stack_name" + else + echo "Updating existing stack: $stack_name" + set +e + update_output=$(aws cloudformation update-stack \ + --stack-name "$stack_name" \ + --template-body file://cloudformation/s3-bucket.yml \ + --parameters ParameterKey=Environment,ParameterValue=test \ + --capabilities CAPABILITY_NAMED_IAM 2>&1) + status=$? + set -e + if [ $status -ne 0 ]; then + if [[ "$update_output" == *"No updates are to be performed"* ]]; then + echo "No updates to perform." 
+ else + echo "$update_output" + exit $status + fi + else + aws cloudformation wait stack-update-complete --stack-name "$stack_name" + fi + fi - name: Comment on the PR uses: actions/github-script@v6 with: - github-token: ${{secrets.GITHUB_TOKEN}} + github-token: ${{ secrets.GITHUB_TOKEN }} script: | github.rest.issues.createComment({ issue_number: context.issue.number, owner: context.repo.owner, repo: context.repo.repo, - body: 'Cloudformation test stack deployed. Stack name: pr-test-stack-${{ github.event.pull_request.number}}' + body: `✅ CloudFormation test stack deployed successfully.\nStack name: pr-test-stack-${{ github.event.pull_request.number }}` }) + cleanup-on-merge: + if: github.event.action == 'closed' && github.event.pull_request.merged == true runs-on: ubuntu-latest - if: github.event.pull_request.merged == true steps: - - name: configure AWS Credentials + - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} @@ -55,5 +90,13 @@ jobs: - name: Delete test stack run: | + set -euo pipefail stack_name="pr-test-stack-${{ github.event.pull_request.number }}" - aws cloudformation delete-stack --stack-name $stack_name \ No newline at end of file + if aws cloudformation describe-stacks --stack-name "$stack_name" >/dev/null 2>&1; then + echo "Deleting stack: $stack_name" + aws cloudformation delete-stack --stack-name "$stack_name" + aws cloudformation wait stack-delete-complete --stack-name "$stack_name" + echo "Stack deleted." + else + echo "Stack $stack_name not found. Nothing to delete." + fi From bb76d3d3ab3c35d7515d471fa5b54cd68d31f101 Mon Sep 17 00:00:00 2001 From: Tomo1912 Date: Sat, 9 Aug 2025 23:26:22 +0200 Subject: [PATCH 2/3] update CFN --- .github/workflows/cfn-validate-pr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cfn-validate-pr.yml b/.github/workflows/cfn-validate-pr.yml index 780fe5e..5f7449e 100644 
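Review bot: In the `@@ -22,31 +24,64 @@` hunk, `--capabilities CAPABILITY_NAMED_IAM` is added to both `create-stack` and `update-stack`, which acknowledges creation of named IAM resources for a template taken from the pull-request checkout, before that template has been reviewed. The file deployed is `cloudformation/s3-bucket.yml`; if it declares no IAM resources (not visible in this patch), drop the `--capabilities CAPABILITY_NAMED_IAM` line from both calls, so that a later template change adding roles or policies fails until someone opts in deliberately. If IAM resources really are needed, passing a narrowly scoped CloudFormation service role with `--role-arn <placeholder-role-arn>` would bound what the stack can create, independently of the access key configured in the preceding step. These steps belong to the job that starts in the previous hunk.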
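Review bot: In the `@@ -55,5 +90,13 @@` hunk, the existence check `aws cloudformation describe-stacks ... >/dev/null 2>&1` in the "Delete test stack" step treats every failure as "stack not found". Expired credentials, a missing permission or throttling would therefore end in "Nothing to delete." with a green job while the stack stays deployed. Capture the output and skip only when the error says the stack does not exist; any other error should fail the step. The deploy step in the previous hunk uses the same check before choosing between create and update, and would benefit from the same distinction.

```yaml
      - name: Delete test stack
        run: |
          # … unchanged: set -euo pipefail, stack_name assignment …
          if describe_output=$(aws cloudformation describe-stacks --stack-name "$stack_name" 2>&1); then
            # … unchanged: delete-stack, wait stack-delete-complete, "Stack deleted." …
          elif [[ "$describe_output" == *"does not exist"* ]]; then
            echo "Stack $stack_name not found. Nothing to delete."
          else
            # Auth, permission or throttling errors must not be reported as "nothing to delete".
            echo "$describe_output"
            exit 1
          fi
```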
--- a/.github/workflows/cfn-validate-pr.yml +++ b/.github/workflows/cfn-validate-pr.yml @@ -65,7 +65,7 @@ jobs: fi fi - - name: Comment on the PR + - name: Comment on the PR1 uses: actions/github-script@v6 with: github-token: ${{ secrets.GITHUB_TOKEN }} From 555b77d3af2c182864c9b36eda76824c840e62c0 Mon Sep 17 00:00:00 2001 From: Tomo1912 Date: Sat, 9 Aug 2025 23:29:27 +0200 Subject: [PATCH 3/3] update CFN --- .github/workflows/cfn-validate-pr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cfn-validate-pr.yml b/.github/workflows/cfn-validate-pr.yml index 5f7449e..4a4a87f 100644 --- a/.github/workflows/cfn-validate-pr.yml +++ b/.github/workflows/cfn-validate-pr.yml @@ -65,7 +65,7 @@ jobs: fi fi - - name: Comment on the PR1 + - name: Comment on the PR123 uses: actions/github-script@v6 with: github-token: ${{ secrets.GITHUB_TOKEN }}