Skip to content

Add per-PR frontend preview environments#102

Merged
imol-ai merged 4 commits into
mainfrom
feat/pr-frontend-preview-envs
Jun 17, 2026
Merged

Add per-PR frontend preview environments#102
imol-ai merged 4 commits into
mainfrom
feat/pr-frontend-preview-envs

Conversation

@jschoedl

@jschoedl jschoedl commented Jun 17, 2026
edited
Loading

Copy link
Copy Markdown
Collaborator

Spins up a live preview of the web-client for every PR that touches the frontend, so reviewers get a clickable link.

  • On open/sync: builds the PR's web-client, pushes it to GHCR, and deploys it into the app namespace as web-client-pr-<N>.
  • Reuses the production spring-api (same namespace), so a preview is one ~50m/64Mi pod.
  • Posts a sticky comment with the URL: https://pr-<N>.devsecops.stud.k8s.aet.cit.tum.de/team-devsecops/.
  • Torn down (by preview-pr label) when the PR is closed.

Frontend-only by design — backend/DB changes aren't exercised (those are covered by per-service CI).

@jschoedl @claude
Add per-PR frontend preview environments
ffaad2c 
Deploy an ephemeral preview of the web-client for PRs touching the frontend.
On open/sync, the PR's web-client is built, pushed to GHCR, and deployed into a
preview-pr-<N> namespace; the production backend is reused via a spring-api
ExternalName alias, so it's one ~50m/64Mi pod against real data. A sticky
comment posts the per-PR URL (wildcard DNS + per-host Let's Encrypt). The
namespace is torn down when the PR is closed.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@jschoedl @claude
Deploy previews into the existing app namespace
4f67e7c 
The AET cluster token is namespace-scoped and cannot create namespaces, so the
per-PR-namespace approach failed with a Forbidden error. Deploy preview
resources into the existing `app` namespace instead, named/labelled per PR
(web-client-pr-<N>, preview-pr=<N>). The production spring-api Service is already
in this namespace, so the web-client's nginx proxy reaches it directly and the
ExternalName alias is dropped. Teardown deletes by the preview-pr label.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@jschoedl @claude
Emit only the preview URL on deploy.sh stdout
9591997 
The deploy step captures the script's stdout into a step output; kubectl's
"... created" lines made it multi-line and broke the key=value GITHUB_OUTPUT
format. Route command output to stderr (still shown in logs) and write only the
URL to fd 3 / stdout.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@github-actions

github-actions Bot commented Jun 17, 2026
edited
Loading

Copy link
Copy Markdown

🧹 The preview environment was removed because this PR was closed.

@jschoedl jschoedl closed this Jun 17, 2026
@jschoedl jschoedl reopened this Jun 17, 2026
@jschoedl jschoedl requested review from imol-ai and paulwiese June 17, 2026 15:06
imol-ai
imol-ai approved these changes Jun 17, 2026
View reviewed changes

@imol-ai imol-ai left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great!

@imol-ai imol-ai merged commit babcfe1 into main Jun 17, 2026
8 checks passed
@imol-ai imol-ai deleted the feat/pr-frontend-preview-envs branch June 17, 2026 22:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@imol-ai imol-ai imol-ai approved these changes

@paulwiese paulwiese Awaiting requested review from paulwiese

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jschoedl @imol-ai