feat: do not create branch planner resources if there are no terraform changes

Branch Planner creates new resources if there is a new Pull Request. It
does this even if the Pull Request has no changes at all to the path
defined in `.spec.path` on the original Terraform object.

Listing pull requests doesn't contain information about the changes, an
extra API call is required to get this information. As it uses an extra
API call, I added a new field to Terraform that can be the place to
configure other options like a reference to a secret. Now, it contains
only one field to enable path scoping for Pull Requests.

Closes flux-iac#803

References:
* flux-iac#803

Signed-off-by: Balazs Nadasdi <[email protected]>

Author: yitsushi

Makefile

@@ -52,6 +52,7 @@ manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and Cust
 
 .PHONY: generate
 generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations.
+	go generate ./...
 	$(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./..."
 	cd api; $(CONTROLLER_GEN) object:headerFile="../hack/boilerplate.go.txt" paths="./..."
 

api/v1alpha2/terraform_types.go

@@ -256,6 +256,18 @@ type TerraformSpec struct {
 	// and allow interactive shell in case of emergency.
 	// +optional
 	BreakTheGlass bool `json:"breakTheGlass,omitempty"`
+
+	// BarnchPlanner configuration.
+	// +optional
+	BranchPlanner *BranchPlanner `json:"branchPlanner,omitempty"`
+}
+
+type BranchPlanner struct {
+	// EnablePathScope specifies if the Branch Planner should or shouldn't check
+	// if a Pull Request has changes under `.spec.path`. If enabled extra
+	// resources will be created only if there are any changes in terraform files.
+	// +optional
+	EnablePathScope bool `json:"enablePathScope"`
 }
 
 type CloudSpec struct {

api/v1alpha2/zz_generated.deepcopy.go

@@ -5062,6 +5062,16 @@ spec:
                   - name
                   type: object
                 type: array
+              branchPlanner:
+                description: BarnchPlanner configuration.
+                properties:
+                  enablePathScope:
+                    description: EnablePathScope specifies if the Branch Planner should
+                      or shouldn't check if a Pull Request has changes under `.spec.path`.
+                      If enabled extra resources will be created only if there are
+                      any changes in terraform files.
+                    type: boolean
+                type: object
               breakTheGlass:
                 description: BreakTheGlass specifies if the reconciliation should
                   stop and allow interactive shell in case of emergency.

config/crd/bases/infra.contrib.fluxcd.io_terraforms.yaml

@@ -165,6 +165,40 @@ transient error will still result in a reconciliation failure.</p>
 </table>
 </div>
 </div>
+<h3 id="infra.contrib.fluxcd.io/v1alpha2.BranchPlanner">BranchPlanner
+</h3>
+<p>
+(<em>Appears on:</em>
+<a href="#infra.contrib.fluxcd.io/v1alpha2.TerraformSpec">TerraformSpec</a>)
+</p>
+<div class="md-typeset__scrollwrap">
+<div class="md-typeset__table">
+<table>
+<thead>
+<tr>
+<th>Field</th>
+<th>Description</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td>
+<code>enablePathScope</code><br>
+<em>
+bool
+</em>
+</td>
+<td>
+<em>(Optional)</em>
+<p>EnablePathScope specifies if the Branch Planner should or shouldn&rsquo;t check
+if a Pull Request has changes under <code>.spec.path</code>. If enabled extra
+resources will be created only if there are any changes in terraform files.</p>
+</td>
+</tr>
+</tbody>
+</table>
+</div>
+</div>
 <h3 id="infra.contrib.fluxcd.io/v1alpha2.CloudSpec">CloudSpec
 </h3>
 <p>
@@ -1712,6 +1746,19 @@ bool
 and allow interactive shell in case of emergency.</p>
 </td>
 </tr>
+<tr>
+<td>
+<code>branchPlanner</code><br>
+<em>
+<a href="#infra.contrib.fluxcd.io/v1alpha2.BranchPlanner">
+BranchPlanner
+</a>
+</em>
+</td>
+<td>
+<p>BarnchPlanner configuration.</p>
+</td>
+</tr>
 </table>
 </td>
 </tr>
@@ -2234,6 +2281,19 @@ bool
 and allow interactive shell in case of emergency.</p>
 </td>
 </tr>
+<tr>
+<td>
+<code>branchPlanner</code><br>
+<em>
+<a href="#infra.contrib.fluxcd.io/v1alpha2.BranchPlanner">
+BranchPlanner
+</a>
+</em>
+</td>
+<td>
+<p>BarnchPlanner configuration.</p>
+</td>
+</tr>
 </tbody>
 </table>
 </div>

docs/References/terraform.md

@@ -0,0 +1,14 @@
+package provider
+
+type Change struct {
+	Path         string
+	PreviousPath string
+	Patch        string
+	Sha          string
+	Additions    int
+	Deletions    int
+	Changes      int
+	Added        bool
+	Renamed      bool
+	Deleted      bool
+}

internal/git/provider/change.go

@@ -21,6 +21,32 @@ type GitHubProvider struct {
 	client   *scm.Client
 }
 
+func (p *GitHubProvider) ListPullRequestChanges(ctx context.Context, pr PullRequest) ([]Change, error) {
+	changes := []Change{}
+
+	changeList, _, err := p.client.PullRequests.ListChanges(ctx, pr.Repository.String(), pr.Number, &scm.ListOptions{})
+	if err != nil {
+		return changes, fmt.Errorf("unable to list pull request changes: %w", err)
+	}
+
+	for _, change := range changeList {
+		changes = append(changes, Change{
+			Path:         change.Path,
+			PreviousPath: change.PreviousPath,
+			Patch:        change.Patch,
+			Sha:          change.Sha,
+			Additions:    change.Additions,
+			Deletions:    change.Deletions,
+			Changes:      change.Changes,
+			Added:        change.Added,
+			Renamed:      change.Renamed,
+			Deleted:      change.Deleted,
+		})
+	}
+
+	return changes, nil
+}
+
 func (p *GitHubProvider) ListPullRequests(ctx context.Context, repo Repository) ([]PullRequest, error) {
 	prList, _, err := p.client.PullRequests.List(ctx, repo.String(), &scm.PullRequestListOptions{})
 	if err != nil {

internal/git/provider/github_provider.go

@@ -2,11 +2,12 @@ package provider
 
 import (
 	"fmt"
+	"time"
+
 	"github.com/go-logr/logr"
 	giturl "github.com/kubescape/go-git-url"
 	giturlapis "github.com/kubescape/go-git-url/apis"
 	"golang.org/x/net/context"
-	"time"
 )
 
 type ProviderType string
@@ -25,6 +26,7 @@ type Provider interface {
 	AddCommentToPullRequest(ctx context.Context, repo PullRequest, body []byte) (*Comment, error)
 	GetLastComments(ctx context.Context, pr PullRequest, since time.Time) ([]*Comment, error)
 	UpdateCommentOfPullRequest(ctx context.Context, pr PullRequest, commentID int, body []byte) error
+	ListPullRequestChanges(ctx context.Context, pr PullRequest) ([]Change, error)
 
 	SetLogger(logr.Logger) error
 	SetToken(tokenType, token string) error

internal/git/provider/provider.go

@@ -70,8 +70,8 @@ func expectToSucceed(g gomega.Gomega, arg interface{}) {
 	g.ExpectWithOffset(1, arg).To(gomega.Succeed())
 }
 
-func expectToEqual(g gomega.Gomega, arg interface{}, expect interface{}) {
-	g.ExpectWithOffset(1, arg).To(gomega.Equal(expect))
+func expectToEqual(g gomega.Gomega, arg interface{}, expect interface{}, desc ...interface{}) {
+	g.ExpectWithOffset(1, expect).To(gomega.Equal(arg), desc...)
 }
 
 // Minimal test to check the scaffolding works.