From 290a5ce0c91132f8ffcb257274051fb1d7eec7d1 Mon Sep 17 00:00:00 2001 From: pgijsbertsen <117165507+pgijsbertsen@users.noreply.github.com> Date: Mon, 23 Mar 2026 19:57:46 +0100 Subject: [PATCH 01/15] feat: Add ArgoCD diff workflow --- .forgejo/workflows/argocd-diff-preview.yaml | 65 +++++++++++++++++++++ 1 file changed, 65 insertions(+) create mode 100644 .forgejo/workflows/argocd-diff-preview.yaml diff --git a/.forgejo/workflows/argocd-diff-preview.yaml b/.forgejo/workflows/argocd-diff-preview.yaml new file mode 100644 index 0000000..223e698 --- /dev/null +++ b/.forgejo/workflows/argocd-diff-preview.yaml @@ -0,0 +1,65 @@ +--- +name: ArgoCD Diff +on: + workflow_dispatch: + workflow_call: + pull_request: + branches: + - main + +jobs: + argocd-diff-preview: + runs-on: docker + env: + PR_NUMBER: ${{ forge.event.pull_request.number }} + steps: + - uses: https://github.com/actions/checkout@v4 + with: + path: pull-request + + - uses: https://github.com/actions/checkout@v4 + with: + ref: main + path: main + + - name: Generate Diff + run: | + docker run \ + --network=host \ + -v /var/run/docker.sock:/var/run/docker.sock \ + -v $(pwd)/main:/base-branch \ + -v $(pwd)/pull-request:/target-branch \ + -v $(pwd)/output:/output \ + -e TARGET_BRANCH=refs/pull/$PR_NUMBER/merge \ + -e REPO=${{ forge.repository }} \ + dagandersen/argocd-diff-preview:v0.2.1 + + - name: Add comment + id: comment + if: always() + run: | + DIFF_BODY=$(cat output/diff.md) + payload="{\"body\": $DIFF_BODY}" + + existing_comment=$(curl -s \ + -H "Authorization: token ${{ secrets.FORGEJO_TOKEN }}" \ + "${{ forge.api_url }}/repos/${{ forge.repository }}/issues/$PR_NUMBER/comments") + comment_id=$(echo "$existing_comment" | jq -r \ + '.[] | select(.body | test("${{ forge.workflow }}")) | .id' | head -n 1) + + + if [ -n "${comment_id}" ] && [ "${comment_id}" != "null" ]; then + echo "Found comment with id ${comment_id}, updating..." && \ + curl -s -X PATCH \ + -H "Authorization: token ${{ secrets.FORGEJO_TOKEN }}" \ + -H "Content-Type: application/json" \ + "${{ forge.api_url }}/repos/${{ forge.repository }}/issues/comments/${comment_id}" \ + -d "$payload" + else + echo "Creating new comment..." && \ + curl -s -X POST \ + -H "Authorization: token ${{ secrets.FORGEJO_TOKEN }}" \ + -H "Content-Type: application/json" \ + "${{ forge.api_url }}/repos/${{ forge.repository }}/issues/$PR_NUMBER/comments" \ + -d "$payload" + fi From 5ac1b06c797b2b6d3adc18e471da3695e6780136 Mon Sep 17 00:00:00 2001 From: pgijsbertsen <117165507+pgijsbertsen@users.noreply.github.com> Date: Mon, 23 Mar 2026 20:02:02 +0100 Subject: [PATCH 02/15] fix: Add Foregejo API token --- .forgejo/workflows/argocd-diff-preview.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.forgejo/workflows/argocd-diff-preview.yaml b/.forgejo/workflows/argocd-diff-preview.yaml index 223e698..882b4ab 100644 --- a/.forgejo/workflows/argocd-diff-preview.yaml +++ b/.forgejo/workflows/argocd-diff-preview.yaml @@ -12,6 +12,7 @@ jobs: runs-on: docker env: PR_NUMBER: ${{ forge.event.pull_request.number }} + GITHUB_TOKEN: ${{ secrets.FORGEJO_TOKEN }} steps: - uses: https://github.com/actions/checkout@v4 with: From f47f2d6bc2528fac3e975818b8d74bdde2209bd7 Mon Sep 17 00:00:00 2001 From: pgijsbertsen <117165507+pgijsbertsen@users.noreply.github.com> Date: Fri, 29 May 2026 09:38:00 +0200 Subject: [PATCH 03/15] fix: Attempt dind --- .forgejo/workflows/argocd-diff-preview.yaml | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/.forgejo/workflows/argocd-diff-preview.yaml b/.forgejo/workflows/argocd-diff-preview.yaml index 882b4ab..bb8a687 100644 --- a/.forgejo/workflows/argocd-diff-preview.yaml +++ b/.forgejo/workflows/argocd-diff-preview.yaml @@ -10,15 +10,22 @@ on: jobs: argocd-diff-preview: runs-on: docker + services: + docker: + image: docker:27-dind + options: --privileged + env: + DOCKER_TLS_CERTDIR: "" env: PR_NUMBER: ${{ forge.event.pull_request.number }} GITHUB_TOKEN: ${{ secrets.FORGEJO_TOKEN }} + DOCKER_HOST: tcp://docker:2375 steps: - - uses: https://github.com/actions/checkout@v4 + - uses: https://github.com/actions/checkout@v6 with: path: pull-request - - uses: https://github.com/actions/checkout@v4 + - uses: https://github.com/actions/checkout@v6 with: ref: main path: main @@ -26,18 +33,15 @@ jobs: - name: Generate Diff run: | docker run \ - --network=host \ - -v /var/run/docker.sock:/var/run/docker.sock \ -v $(pwd)/main:/base-branch \ -v $(pwd)/pull-request:/target-branch \ -v $(pwd)/output:/output \ -e TARGET_BRANCH=refs/pull/$PR_NUMBER/merge \ -e REPO=${{ forge.repository }} \ - dagandersen/argocd-diff-preview:v0.2.1 + dagandersen/argocd-diff-preview:v0.2.8 - name: Add comment id: comment - if: always() run: | DIFF_BODY=$(cat output/diff.md) payload="{\"body\": $DIFF_BODY}" From 5ece983a8326333284d346c7319e67f62b840ebd Mon Sep 17 00:00:00 2001 From: pgijsbertsen <117165507+pgijsbertsen@users.noreply.github.com> Date: Fri, 29 May 2026 09:39:50 +0200 Subject: [PATCH 04/15] fix: use non-dind image --- .forgejo/workflows/argocd-diff-preview.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.forgejo/workflows/argocd-diff-preview.yaml b/.forgejo/workflows/argocd-diff-preview.yaml index bb8a687..e28fc8c 100644 --- a/.forgejo/workflows/argocd-diff-preview.yaml +++ b/.forgejo/workflows/argocd-diff-preview.yaml @@ -12,7 +12,7 @@ jobs: runs-on: docker services: docker: - image: docker:27-dind + image: docker:27 options: --privileged env: DOCKER_TLS_CERTDIR: "" From 70cdc148256d8560c2a1e244dce921f4e7ff405f Mon Sep 17 00:00:00 2001 From: pgijsbertsen <117165507+pgijsbertsen@users.noreply.github.com> Date: Fri, 29 May 2026 09:41:16 +0200 Subject: [PATCH 05/15] maybe this works? --- .forgejo/workflows/argocd-diff-preview.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.forgejo/workflows/argocd-diff-preview.yaml b/.forgejo/workflows/argocd-diff-preview.yaml index e28fc8c..4a179dd 100644 --- a/.forgejo/workflows/argocd-diff-preview.yaml +++ b/.forgejo/workflows/argocd-diff-preview.yaml @@ -10,9 +10,10 @@ on: jobs: argocd-diff-preview: runs-on: docker + container: docker:27 services: docker: - image: docker:27 + image: docker:27-dind options: --privileged env: DOCKER_TLS_CERTDIR: "" From 453d49ffc19435e0c9cc5b765213a2f3365289db Mon Sep 17 00:00:00 2001 From: pgijsbertsen <117165507+pgijsbertsen@users.noreply.github.com> Date: Fri, 29 May 2026 09:43:03 +0200 Subject: [PATCH 06/15] fix: install deps --- .forgejo/workflows/argocd-diff-preview.yaml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/.forgejo/workflows/argocd-diff-preview.yaml b/.forgejo/workflows/argocd-diff-preview.yaml index 4a179dd..77d8b68 100644 --- a/.forgejo/workflows/argocd-diff-preview.yaml +++ b/.forgejo/workflows/argocd-diff-preview.yaml @@ -10,7 +10,6 @@ on: jobs: argocd-diff-preview: runs-on: docker - container: docker:27 services: docker: image: docker:27-dind @@ -31,6 +30,14 @@ jobs: ref: main path: main + - name: Install Docker CLI + run: | + if command -v apt-get &>/dev/null; then + apt-get update -qq && apt-get install -y --no-install-recommends docker.io + elif command -v apk &>/dev/null; then + apk add --no-cache docker-cli + fi + - name: Generate Diff run: | docker run \ From 4da26a262213717035e242c5e13650afa7356db6 Mon Sep 17 00:00:00 2001 From: pgijsbertsen <117165507+pgijsbertsen@users.noreply.github.com> Date: Fri, 29 May 2026 09:54:46 +0200 Subject: [PATCH 07/15] revert --- .forgejo/workflows/argocd-diff-preview.yaml | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/.forgejo/workflows/argocd-diff-preview.yaml b/.forgejo/workflows/argocd-diff-preview.yaml index 77d8b68..ffc07e2 100644 --- a/.forgejo/workflows/argocd-diff-preview.yaml +++ b/.forgejo/workflows/argocd-diff-preview.yaml @@ -10,16 +10,11 @@ on: jobs: argocd-diff-preview: runs-on: docker - services: - docker: - image: docker:27-dind - options: --privileged - env: - DOCKER_TLS_CERTDIR: "" + container: + options: --volume /var/run/docker.sock:/var/run/docker.sock env: PR_NUMBER: ${{ forge.event.pull_request.number }} GITHUB_TOKEN: ${{ secrets.FORGEJO_TOKEN }} - DOCKER_HOST: tcp://docker:2375 steps: - uses: https://github.com/actions/checkout@v6 with: @@ -41,6 +36,8 @@ jobs: - name: Generate Diff run: | docker run \ + --network=host \ + -v /var/run/docker.sock:/var/run/docker.sock \ -v $(pwd)/main:/base-branch \ -v $(pwd)/pull-request:/target-branch \ -v $(pwd)/output:/output \ From 674a94e23e161ec59ae0d483403a8d3830530623 Mon Sep 17 00:00:00 2001 From: pgijsbertsen <117165507+pgijsbertsen@users.noreply.github.com> Date: Fri, 29 May 2026 10:06:34 +0200 Subject: [PATCH 08/15] fix: parse dirs correctly --- .forgejo/workflows/argocd-diff-preview.yaml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.forgejo/workflows/argocd-diff-preview.yaml b/.forgejo/workflows/argocd-diff-preview.yaml index ffc07e2..615bdf4 100644 --- a/.forgejo/workflows/argocd-diff-preview.yaml +++ b/.forgejo/workflows/argocd-diff-preview.yaml @@ -35,12 +35,15 @@ jobs: - name: Generate Diff run: | + HOST_WS=$(docker inspect --format='{{range .Mounts}}{{if eq .Destination "/workspace"}}{{.Source}}{{end}}{{end}}' "$HOSTNAME") + REL=${PWD#/workspace/} + mkdir -p output docker run \ --network=host \ -v /var/run/docker.sock:/var/run/docker.sock \ - -v $(pwd)/main:/base-branch \ - -v $(pwd)/pull-request:/target-branch \ - -v $(pwd)/output:/output \ + -v "$HOST_WS/$REL/main:/base-branch" \ + -v "$HOST_WS/$REL/pull-request:/target-branch" \ + -v "$HOST_WS/$REL/output:/output" \ -e TARGET_BRANCH=refs/pull/$PR_NUMBER/merge \ -e REPO=${{ forge.repository }} \ dagandersen/argocd-diff-preview:v0.2.8 From 0a617241d39e2c19be17f150f8c52990715323ba Mon Sep 17 00:00:00 2001 From: pgijsbertsen <117165507+pgijsbertsen@users.noreply.github.com> Date: Fri, 29 May 2026 11:15:14 +0200 Subject: [PATCH 09/15] fix: parse dirs attempt 2 --- .forgejo/workflows/argocd-diff-preview.yaml | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/.forgejo/workflows/argocd-diff-preview.yaml b/.forgejo/workflows/argocd-diff-preview.yaml index 615bdf4..6410c4d 100644 --- a/.forgejo/workflows/argocd-diff-preview.yaml +++ b/.forgejo/workflows/argocd-diff-preview.yaml @@ -35,15 +35,13 @@ jobs: - name: Generate Diff run: | - HOST_WS=$(docker inspect --format='{{range .Mounts}}{{if eq .Destination "/workspace"}}{{.Source}}{{end}}{{end}}' "$HOSTNAME") - REL=${PWD#/workspace/} - mkdir -p output + mkdir -p /workspace/${{ forge.repository }}/output docker run \ --network=host \ -v /var/run/docker.sock:/var/run/docker.sock \ - -v "$HOST_WS/$REL/main:/base-branch" \ - -v "$HOST_WS/$REL/pull-request:/target-branch" \ - -v "$HOST_WS/$REL/output:/output" \ + -v /workspace/${{ forge.repository }}/main:/base-branch \ + -v /workspace/${{ forge.repository }}/pull-request:/target-branch \ + -v /workspace/${{ forge.repository }}/output:/output \ -e TARGET_BRANCH=refs/pull/$PR_NUMBER/merge \ -e REPO=${{ forge.repository }} \ dagandersen/argocd-diff-preview:v0.2.8 From b9311cad64ba3c0acebb9438bc6e0a75267d7c26 Mon Sep 17 00:00:00 2001 From: pgijsbertsen <117165507+pgijsbertsen@users.noreply.github.com> Date: Fri, 29 May 2026 11:17:31 +0200 Subject: [PATCH 10/15] debug --- .forgejo/workflows/argocd-diff-preview.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.forgejo/workflows/argocd-diff-preview.yaml b/.forgejo/workflows/argocd-diff-preview.yaml index 6410c4d..62ae98f 100644 --- a/.forgejo/workflows/argocd-diff-preview.yaml +++ b/.forgejo/workflows/argocd-diff-preview.yaml @@ -36,6 +36,8 @@ jobs: - name: Generate Diff run: | mkdir -p /workspace/${{ forge.repository }}/output + echo "$(pwd)" + echo "/workspace/${{ forge.repository }}" docker run \ --network=host \ -v /var/run/docker.sock:/var/run/docker.sock \ From 11281f03da0cd5a515be2f7c6b9d6861201e184c Mon Sep 17 00:00:00 2001 From: pgijsbertsen <117165507+pgijsbertsen@users.noreply.github.com> Date: Fri, 29 May 2026 11:21:55 +0200 Subject: [PATCH 11/15] debug --- .forgejo/workflows/argocd-diff-preview.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.forgejo/workflows/argocd-diff-preview.yaml b/.forgejo/workflows/argocd-diff-preview.yaml index 62ae98f..1919f8d 100644 --- a/.forgejo/workflows/argocd-diff-preview.yaml +++ b/.forgejo/workflows/argocd-diff-preview.yaml @@ -35,15 +35,15 @@ jobs: - name: Generate Diff run: | - mkdir -p /workspace/${{ forge.repository }}/output - echo "$(pwd)" - echo "/workspace/${{ forge.repository }}" + mkdir -p $(pwd)/output + ls $(pwd)/main + ls $(pwd)/pull-request docker run \ --network=host \ -v /var/run/docker.sock:/var/run/docker.sock \ - -v /workspace/${{ forge.repository }}/main:/base-branch \ - -v /workspace/${{ forge.repository }}/pull-request:/target-branch \ - -v /workspace/${{ forge.repository }}/output:/output \ + -v $(pwd)/main:/base-branch \ + -v $(pwd)/pull-request:/target-branch \ + -v $(pwd)/output:/output \ -e TARGET_BRANCH=refs/pull/$PR_NUMBER/merge \ -e REPO=${{ forge.repository }} \ dagandersen/argocd-diff-preview:v0.2.8 From 89960102a1a112c735c21c4085e80de6acb0b4a0 Mon Sep 17 00:00:00 2001 From: pgijsbertsen <117165507+pgijsbertsen@users.noreply.github.com> Date: Fri, 29 May 2026 11:26:25 +0200 Subject: [PATCH 12/15] trigger change --- k8s-peterg/argo-workflows/values.yaml | 74 --------------------------- 1 file changed, 74 deletions(-) diff --git a/k8s-peterg/argo-workflows/values.yaml b/k8s-peterg/argo-workflows/values.yaml index deb3575..d1c1655 100644 --- a/k8s-peterg/argo-workflows/values.yaml +++ b/k8s-peterg/argo-workflows/values.yaml @@ -266,77 +266,3 @@ server: - groups rbac: enabled: true - -# -- Array of extra K8s manifests to deploy -extraObjects: - - apiVersion: v1 - kind: ServiceAccount - metadata: - name: admin-user - namespace: argo-workflows - annotations: - workflows.argoproj.io/rbac-rule: "'ArgoCD Admins' in groups" - workflows.argoproj.io/rbac-rule-precedence: "1" - - apiVersion: v1 - kind: ServiceAccount - metadata: - name: read-only - namespace: argo-workflows - annotations: - workflows.argoproj.io/rbac-rule: "true" - workflows.argoproj.io/rbac-rule-precedence: "0" - - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRoleBinding - metadata: - name: argo-workflows-admin-user - subjects: - - kind: ServiceAccount - name: admin-user - namespace: argo-workflows - roleRef: - kind: ClusterRole - name: argo-workflows-admin - apiGroup: rbac.authorization.k8s.io - - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRoleBinding - metadata: - name: argo-workflows-read-only - subjects: - - kind: ServiceAccount - name: read-only - namespace: argo-workflows - roleRef: - kind: ClusterRole - name: argo-workflows-view - apiGroup: rbac.authorization.k8s.io - - apiVersion: rbac.authorization.k8s.io/v1 - kind: Role - metadata: - name: argo-workflows-server-sso - namespace: argo-workflows - rules: - - apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - get - - apiGroups: - - "" - resources: - - serviceaccounts/token - verbs: - - create - - apiVersion: rbac.authorization.k8s.io/v1 - kind: RoleBinding - metadata: - name: argo-workflows-server-sso - namespace: argo-workflows - subjects: - - kind: ServiceAccount - name: argo-workflows-server - namespace: argo-workflows - roleRef: - kind: Role - name: argo-workflows-server-sso - apiGroup: rbac.authorization.k8s.io From f7b42cb9dd6f663a1da2adcb34cedb4a566eb483 Mon Sep 17 00:00:00 2001 From: pgijsbertsen <117165507+pgijsbertsen@users.noreply.github.com> Date: Fri, 29 May 2026 11:29:45 +0200 Subject: [PATCH 13/15] determine changed files --- .forgejo/workflows/argocd-diff-preview.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.forgejo/workflows/argocd-diff-preview.yaml b/.forgejo/workflows/argocd-diff-preview.yaml index 1919f8d..725d8a8 100644 --- a/.forgejo/workflows/argocd-diff-preview.yaml +++ b/.forgejo/workflows/argocd-diff-preview.yaml @@ -25,6 +25,10 @@ jobs: ref: main path: main + - name: Get changed files + id: changed-files + uses: https://github.com/tj-actions/changed-files@v45 + - name: Install Docker CLI run: | if command -v apt-get &>/dev/null; then @@ -36,8 +40,6 @@ jobs: - name: Generate Diff run: | mkdir -p $(pwd)/output - ls $(pwd)/main - ls $(pwd)/pull-request docker run \ --network=host \ -v /var/run/docker.sock:/var/run/docker.sock \ @@ -46,6 +48,7 @@ jobs: -v $(pwd)/output:/output \ -e TARGET_BRANCH=refs/pull/$PR_NUMBER/merge \ -e REPO=${{ forge.repository }} \ + -e FILES_CHANGED="${{ steps.changed-files.outputs.all_changed_files }}" \ dagandersen/argocd-diff-preview:v0.2.8 - name: Add comment From a5ece4f205944731cd1512a2b6a6e38176314d15 Mon Sep 17 00:00:00 2001 From: pgijsbertsen <117165507+pgijsbertsen@users.noreply.github.com> Date: Fri, 29 May 2026 11:52:59 +0200 Subject: [PATCH 14/15] revert --- .forgejo/workflows/argocd-diff-preview.yaml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/.forgejo/workflows/argocd-diff-preview.yaml b/.forgejo/workflows/argocd-diff-preview.yaml index 725d8a8..ae5e61e 100644 --- a/.forgejo/workflows/argocd-diff-preview.yaml +++ b/.forgejo/workflows/argocd-diff-preview.yaml @@ -25,10 +25,6 @@ jobs: ref: main path: main - - name: Get changed files - id: changed-files - uses: https://github.com/tj-actions/changed-files@v45 - - name: Install Docker CLI run: | if command -v apt-get &>/dev/null; then @@ -48,7 +44,6 @@ jobs: -v $(pwd)/output:/output \ -e TARGET_BRANCH=refs/pull/$PR_NUMBER/merge \ -e REPO=${{ forge.repository }} \ - -e FILES_CHANGED="${{ steps.changed-files.outputs.all_changed_files }}" \ dagandersen/argocd-diff-preview:v0.2.8 - name: Add comment From 8485ce2b1f1e7bf0e83f64d8fbdc838baef4c9fe Mon Sep 17 00:00:00 2001 From: pgijsbertsen <117165507+pgijsbertsen@users.noreply.github.com> Date: Fri, 29 May 2026 12:15:45 +0200 Subject: [PATCH 15/15] huh --- .forgejo/workflows/argocd-diff-preview.yaml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/.forgejo/workflows/argocd-diff-preview.yaml b/.forgejo/workflows/argocd-diff-preview.yaml index ae5e61e..36c6e8a 100644 --- a/.forgejo/workflows/argocd-diff-preview.yaml +++ b/.forgejo/workflows/argocd-diff-preview.yaml @@ -35,13 +35,16 @@ jobs: - name: Generate Diff run: | - mkdir -p $(pwd)/output - docker run \ + CONTAINER_ID=$(docker inspect --format='{{.Id}}' "$HOSTNAME") + docker cp "$CONTAINER_ID:$(pwd)/main" /tmp/argocd-main + docker cp "$CONTAINER_ID:$(pwd)/pull-request" /tmp/argocd-pr + mkdir -p output + docker run --rm \ --network=host \ -v /var/run/docker.sock:/var/run/docker.sock \ - -v $(pwd)/main:/base-branch \ - -v $(pwd)/pull-request:/target-branch \ - -v $(pwd)/output:/output \ + -v /tmp/argocd-main:/base-branch \ + -v /tmp/argocd-pr:/target-branch \ + -v /tmp/argocd-output:/output \ -e TARGET_BRANCH=refs/pull/$PR_NUMBER/merge \ -e REPO=${{ forge.repository }} \ dagandersen/argocd-diff-preview:v0.2.8