Deployment smoke test for GitHub CI bootstrap#74
Conversation
Qodo reviews are paused for this user.Troubleshooting steps vary by plan Learn more → On a Teams plan? Using GitHub Enterprise Server, GitLab Self-Managed, or Bitbucket Data Center? |
|
Important Review skippedAuto reviews are disabled on base/target branches other than the default branch. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
/pulumi test up |
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
There was a problem hiding this comment.
No issues found across 1 file
Confidence score: 5/5
- Automated review surfaced no issues in the provided summaries.
- No files require special attention.
Architecture diagram
sequenceDiagram
participant Dev as Developer
participant GH as GitHub PR
participant GHA as GitHub Actions
participant Bot as Pulumi Bot
participant Backend as Pulumi Backend
participant AWS as AWS Test Account
Note over Dev,AWS: Deployment smoke-test flow
Dev->>GH: Comment "/pulumi test up"
GH->>GHA: Trigger workflow dispatch
GHA->>Bot: Process command dispatch
Bot->>GHA: Identify target stack (github-ci-bootstrap/test)
Note over GHA,AWS: Command intake complete
GHA->>Bot: Request stack preview
Bot->>Backend: Fetch current stack state
Backend-->>Bot: Stack state (if any)
Bot->>GHA: Return preview results
alt Preview succeeds
GHA->>Bot: Validate IAM / destructive gates
Bot->>AWS: Check IAM policy & test account permissions
AWS-->>Bot: Validation result
alt All gates pass
GHA->>Bot: Proceed with apply
Bot->>AWS: Apply infrastructure changes
AWS-->>Bot: Apply result
Bot->>GHA: Return apply status
GHA->>Bot: Trigger post-apply drift check
Bot->>AWS: Compare current vs desired state
AWS-->>Bot: Drift report
Bot-->>GHA: Drift check complete
GHA-->>GH: Post success status
else Gate fails
Bot-->>GHA: Validation error
GHA-->>GH: Post failure with details
end
else Preview fails
Bot-->>GHA: Preview error
GHA-->>GH: Post failure with details
end
|
Queued A trusted runner workflow will re-check the PR head SHA before using AWS credentials. |
Pulumi PR command result
Production stages are gated behind a successful test apply and test post-apply drift check for the same PR head SHA. |
dmytrocraft
force-pushed
the
codex/deployment-smoke-issue59
branch
from
4a6a70e to
f9749e7
Compare
Pulumi PR command result
Production stages are gated behind a successful test apply and test post-apply drift check for the same PR head SHA. |
dmytrocraft
force-pushed
the
codex/deployment-smoke-issue59
branch
from
f9749e7 to
4663b1c
Compare
|
/pulumi test up |
1 similar comment
|
/pulumi test up |
|
Queued A trusted runner workflow will re-check the PR head SHA before using AWS credentials. |
Pulumi PR command result
Production stages are gated behind a successful test apply and test post-apply drift check for the same PR head SHA. |
dmytrocraft
force-pushed
the
codex/deployment-smoke-issue59
branch
from
4663b1c to
5e035b9
Compare
|
/pulumi test up |
|
Queued A trusted runner workflow will re-check the PR head SHA before using AWS credentials. |
Pulumi PR command result
Production stages are gated behind a successful test apply and test post-apply drift check for the same PR head SHA. |
dmytrocraft
force-pushed
the
codex/deployment-smoke-issue59
branch
from
5e035b9 to
f5b3af5
Compare
|
/pulumi test up |
|
Queued A trusted runner workflow will re-check the PR head SHA before using AWS credentials. |
Pulumi PR command result
Production stages are gated behind a successful test apply and test post-apply drift check for the same PR head SHA. |
dmytrocraft
force-pushed
the
codex/deployment-smoke-issue59
branch
from
f5b3af5 to
451bbdd
Compare
|
/pulumi test up |
|
Queued A trusted runner workflow will re-check the PR head SHA before using AWS credentials. |
Pulumi PR command result
Production stages are gated behind a successful test apply and test post-apply drift check for the same PR head SHA. |
dmytrocraft
force-pushed
the
codex/deployment-smoke-issue59
branch
from
451bbdd to
5af66fc
Compare
|
/pulumi test up |
|
Queued A trusted runner workflow will re-check the PR head SHA before using AWS credentials. |
Pulumi PR command result
Production stages are gated behind a successful test apply and test post-apply drift check for the same PR head SHA. |
dmytrocraft
force-pushed
the
codex/deployment-smoke-issue59
branch
from
5af66fc to
c204490
Compare
Pulumi PR command result
Production stages are gated behind a successful test apply and test post-apply drift check for the same PR head SHA. |
dmytrocraft
force-pushed
the
codex/deployment-smoke-issue59
branch
from
29a4ad0 to
3ca5909
Compare
|
/pulumi test up |
|
Queued A trusted runner workflow will re-check the PR head SHA before using AWS credentials. |
dmytrocraft
force-pushed
the
codex/deployment-smoke-issue59
branch
from
3ca5909 to
4286044
Compare
|
/pulumi test up |
Pulumi PR command result
Production stages are gated behind a successful test apply and test post-apply drift check for the same PR head SHA. |
|
Queued A trusted runner workflow will re-check the PR head SHA before using AWS credentials. |
dmytrocraft
force-pushed
the
codex/deployment-smoke-issue59
branch
from
4286044 to
b35d549
Compare
|
/pulumi test up |
Pulumi PR command result
Production stages are gated behind a successful test apply and test post-apply drift check for the same PR head SHA. |
|
Queued A trusted runner workflow will re-check the PR head SHA before using AWS credentials. |
Pulumi PR command result
Production stages are gated behind a successful test apply and test post-apply drift check for the same PR head SHA. |
dmytrocraft
force-pushed
the
codex/deployment-smoke-issue59
branch
from
b35d549 to
bdfdb6a
Compare
|
/pulumi test up |
|
Queued A trusted runner workflow will re-check the PR head SHA before using AWS credentials. |
Pulumi PR command result
Production stages are gated behind a successful test apply and test post-apply drift check for the same PR head SHA. |
dmytrocraft
force-pushed
the
codex/deployment-smoke-issue59
branch
from
bdfdb6a to
935b0f5
Compare
|
/pulumi test up |
|
Queued A trusted runner workflow will re-check the PR head SHA before using AWS credentials. |
Pulumi PR command result
Production stages are gated behind a successful test apply and test post-apply drift check for the same PR head SHA. |
dmytrocraft
force-pushed
the
codex/deployment-smoke-issue59
branch
from
935b0f5 to
42cc3ed
Compare
|
/pulumi test up |
|
Queued A trusted runner workflow will re-check the PR head SHA before using AWS credentials. |
Pulumi PR command result
Production stages are gated behind a successful test apply and test post-apply drift check for the same PR head SHA. |
dmytrocraft
force-pushed
the
codex/deployment-smoke-issue59
branch
from
42cc3ed to
a77e4f8
Compare
|
/pulumi test up |
|
Queued A trusted runner workflow will re-check the PR head SHA before using AWS credentials. |
Pulumi PR command result
Production stages are gated behind a successful test apply and test post-apply drift check for the same PR head SHA. |
2 participants
Pull Request
Description
Adds a disposable smoke-test record so GitHub Actions can exercise the PR deployment command path against the current GitHub CI bootstrap feature branch.
Related Issue
Related to issue #59 and PR #60.
Motivation and Context
This PR exists to manually verify that GitHub deployment commands can preview, validate, apply, and drift-check the test account after the bootstrap changes.
How Has This Been Tested?
Planned manual validation: post
/pulumi test upon this PR and confirm the GitHub Actions runner completes test preview, destructive diff gate, IAM validation, apply, and post-apply drift.Screenshots (if appropriate)
N/A
Types of changes
Checklist
Summary by cubic
Adds a disposable smoke-test record at
specs/issue-59-github-ci-aws-bootstrap/deployment-smoke-2026-06-07.mdto exercise the GitHub Actions PR deployment path for the GitHub CI bootstrap stack. Comment/pulumi test upto run preview, IAM validation, apply, and post-apply drift checks against thetestaccount andgithub-ci-bootstrap/teststack.Written for commit a77e4f8. Summary will update on new commits.