Skip to content

feat(actions): add preview-only input to deploy-client-stack action#241

Open
Cre-eD wants to merge 1 commit intomainfrom
feat/deploy-preview-only
Open

feat(actions): add preview-only input to deploy-client-stack action#241
Cre-eD wants to merge 1 commit intomainfrom
feat/deploy-preview-only

Conversation

@Cre-eD
Copy link
Copy Markdown
Contributor

@Cre-eD Cre-eD commented May 10, 2026

Summary

Adds an explicit preview-only input to the deploy-client-stack GitHub Action so consumers can run pulumi preview (dry-run) from CI without applying any changes.

Until now, the only ways to dry-run a deploy via this action were the legacy SC env vars (SC_PREVIEW, SC_DRY_RUN, SC_DEPLOY_PREVIEW, DRY_RUN) or running on a pull_request trigger. Neither is convenient when the deploy is normally invoked from workflow_dispatch.

Wiring

  • New action input preview-only: 'false' (default keeps current behavior)
  • Sets PREVIEW_ONLY env var on the docker container
  • isPreviewMode() now also returns true when PREVIEW_ONLY=true
  • New preview-mode action output exposes the resolved mode (the binary already emits it, just needed declaring in action.yml)

When isPreviewMode() returns true, executeDeploy() routes to provisioner.Preview() instead of provisioner.Deploy() — that branch was already present, no changes needed there.

Use case

Validating in-flight SC API changes against a real consumer stack before merging the SC change. For example, a workflow that normally runs:

- uses: simple-container-com/api/.github/actions/deploy-client-stack@vX.Y.Z
  with:
    stack-name: foo
    environment: bar
    sc-config: ${{ secrets.SC_CONFIG }}

can now opt into preview-only with one extra line:

- uses: simple-container-com/api/.github/actions/deploy-client-stack@vX.Y.Z
  with:
    stack-name: foo
    environment: bar
    sc-config: ${{ secrets.SC_CONFIG }}
    preview-only: 'true'

Tests

  • TestExecutor_IsPreviewMode (new) — covers all preview env triggers individually, asserts non-"true" values do not flip the mode, and verifies the pull_request auto-preview path

Test plan

  • go test ./pkg/githubactions/... passes
  • go build ./... clean
  • After merge: trigger a consumer workflow with preview-only: 'true', confirm the run completes with no Pulumi changes applied and preview-mode=true in outputs

@Cre-eD
feat(actions): add preview-only input to deploy-client-stack action
12fafbd 
Adds an explicit `preview-only` input to the deploy-client-stack action
so consumers can run `pulumi preview` (dry-run) from CI without applying
any changes. Maps to a new PREVIEW_ONLY env var that the github-actions
binary's existing isPreviewMode() check now recognises.

Use case: validating in-flight SC API changes against a real consumer
stack before merging the SC change. Until now, the only ways to dry-run
a deploy were via the legacy SC env vars (SC_PREVIEW, SC_DRY_RUN, etc.)
or by running on a pull_request trigger. Neither is convenient when the
deploy is normally invoked from a workflow_dispatch.

Wiring:
- New action input `preview-only: 'false'` (default keeps current behavior)
- Sets `PREVIEW_ONLY` env var on the docker container
- isPreviewMode() in pkg/githubactions/actions/executor.go now also
  returns true when PREVIEW_ONLY=true
- New `preview-mode` action output exposes the resolved mode (already
  emitted by the binary, just needed declaring in action.yml)

Tests:
- TestExecutor_IsPreviewMode covers all preview env triggers individually,
  asserts non-"true" values do not flip the mode, and verifies the
  pull_request auto-preview path

When isPreviewMode() returns true, executeDeploy() routes to
provisioner.Preview() instead of provisioner.Deploy() — that branch was
already present in operation_executor.go, no changes needed there.

Signed-off-by: Dmitrii Creed <creeed22@gmail.com>
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 10, 2026

Semgrep Scan Results

Repository: api | Commit: ae2abf0

Check Status Details
🚨 Semgrep ERROR 11 error(s), 73 warning(s), 108 total

Scanned at 2026-05-10 07:24 UTC

@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 10, 2026

Security Scan Results

Repository: api | Commit: ae2abf0

Check Status Details
✅ Secret Scan Pass No secrets detected
⚠️ Dependencies (Trivy) High 1 high, 2 total
⚠️ Dependencies (Grype) High 1 high, 2 total
📦 SBOM Generated 469 components (CycloneDX)

Scanned at 2026-05-10 07:25 UTC

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Cre-eD