Launch a Render Deploy (#3)

* Update

* Use the installation script

Author: scottnuma

.github/workflows/example.yaml

@@ -4,18 +4,21 @@ name: example
 on:
   # Allows you to trigger this workflow via the GitHub API
   workflow_dispatch:
-
-env:
-  GIT_SHA: ${{ github.event.pull_request.head.sha || github.sha }}
+    inputs:
+      serviceID:
+        type: string
+        description: 'Render Service ID to deploy (e.g. srv-xxx)'
 
 jobs:
-  print-trigger-info:
+  deploy-service:
     runs-on: ubuntu-latest
     steps:
-    - name: checkout
-      uses: actions/checkout@v4
-      with:
-        ref: ${{ env.GIT_SHA }}
-    - name: Print Info
-      run: |
-        echo "hello"
+      - name: Install Render CLI
+        run: |
+          curl -fsSL https://raw.githubusercontent.com/render-oss/cli/refs/heads/main/bin/install.sh | sh
+      - name: Create Deploy
+        env:
+          RENDER_API_KEY: ${{ secrets.RENDER_API_KEY }}
+          CI: true
+        run: |
+          render deploys create ${{ inputs.serviceID }} --output json --confirm

README.md

@@ -1,21 +1,20 @@
 # Example to Trigger GitHub Actions from a Render Webhook
 
-This example triggers a GitHub Action workflow when a deploy ended webhook is received for a specific service.
+This example triggers a GitHub Action workflow that creates a deploy when a deploy ended webhook is received for a specific service.
 
 ## Deploy to Render
 
 1. Use the button below to deploy to Render </br>
 <a href="https://render.com/deploy?repo=https://github.com/render-examples/webhook-github-action/tree/main"><img src="https://render.com/images/deploy-to-render-button.svg" alt="Deploy to Render"></a>
 
-2. Follow [instructions](https://render.com/docs/webhooks) to create a webhook with the URL from your service and `/webhook` path
-3. Follow [instructions](https://render.com/docs/api#1-create-an-api-key) to create a Render API Key
-4. Follow [instructions](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#creating-a-fine-grained-personal-access-token) to create a GitHub api token with read/write permissions for `Actions`
-5. Create a github workflow with a dispatch trigger as shown in the [example](./.github/workflows/example.yaml)
-6. Set the following env vars
-   - `RENDER_WEBHOOK_SECRET` environment variable to the secret from the webhook created in step 2
-   - `RENDER_API_KEY` to the key created in step 3
-   - `GITHUB_API_TOKEN` to the token created in step 4
+2. Set the following environment variables:
    - `GITHUB_OWNER_NAME` to the owner of the GitHub repo the workflow is in (ex. `render-examples`)
    - `GITHUB_REPO_NAME` to the GitHub repo the workflow is in (ex. `webhook-github-action`)
    - `GITHUB_WORKFLOW_ID` to the ID or filename of the workflow to trigger (ex. `example.yaml`)
-7. Trigger a service deploy and watch the GitHub workflow get triggered.
+
+3. Follow the [Render documentation](https://render.com/docs/webhooks) to create a webhook with the URL from your service and `/webhook` path that is triggered upon only the `DeployEnded` event. Save the signing secret as the `RENDER_WEBHOOK_SECRET` environment variable.
+4. Follow the [Render documentation](https://render.com/docs/api#1-create-an-api-key) to create a Render API Key. Save the key as the `RENDER_API_KEY` environment variable.
+5. Follow [the GitHub documentation](https://docs.github.com/en/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository) to create a GitHub Action secret named `RENDER_API_KEY` in your GitHub repo with the Render API key you created.
+6. Follow [the GitHub documentation](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#creating-a-fine-grained-personal-access-token) to create a GitHub API token with read/write permissions for `Actions`. Save the token as the `GITHUB_API_TOKEN` environment variable.
+7. Create a GitHub workflow with a dispatch trigger as shown in the [example](./.github/workflows/example.yaml)
+8. Trigger a service deploy and watch the GitHub workflow get triggered.

app.ts

@@ -7,14 +7,30 @@ const app = express();
 const port = process.env.PORT || 3001;
 const renderWebhookSecret = process.env.RENDER_WEBHOOK_SECRET || '';
 
+if (!renderWebhookSecret ) {
+    console.error("Error: RENDER_WEBHOOK_SECRET is not set.");
+    process.exit(1);
+}
+
 const renderAPIURL = process.env.RENDER_API_URL || "https://api.render.com/v1"
 
 // To create a Render API token, follow instructions here: https://render.com/docs/api#1-create-an-api-key
-const renderAPIToken = process.env.RENDER_API_TOKEN || '';
+const renderAPIToken = process.env.RENDER_API_KEY || '';
+
+if (!renderAPIToken) {
+    console.error("Error: RENDER_API_KEY is not set.");
+    process.exit(1);
+}
 
 const githubAPIToken = process.env.GITHUB_API_TOKEN || '';
 const githubOwnerName = process.env.GITHUB_OWNER_NAME || '';
 const githubRepoName = process.env.GITHUB_REPO_NAME || '';
+
+if (!githubAPIToken || !githubOwnerName || !githubRepoName) {
+		console.error("Error: GITHUB_API_TOKEN, GITHUB_OWNER_NAME, or GITHUB_REPO_NAME is not set.");
+		process.exit(1);
+}
+
 const githubWorkflowID = process.env.GITHUB_WORKFLOW_ID || 'example.yaml';
 
 const octokit = new Octokit({
@@ -45,6 +61,10 @@ app.use((err: any, req: Request, res: Response, next: NextFunction) => {
     }
 });
 
+app.get('/', (req: Request, res: Response) => {
+  res.send('Render Webhook GitHub Action is listening!')
+})
+
 const server = app.listen(port, () => console.log(`Example app listening on port ${port}!`));
 
 function validateWebhook(req: Request) {
@@ -62,6 +82,7 @@ async function handleWebhook(payload: WebhookPayload) {
     try {
         switch (payload.type) {
             case "deploy_ended":
+                console.log("handling deploy_ended event")
                 const event = await fetchEventInfo(payload)
 
                 // TODO add human readable status
@@ -84,7 +105,7 @@ async function handleWebhook(payload: WebhookPayload) {
                 }
 
                 console.log(`triggering github workflow for ${githubOwnerName}/${githubRepoName} for ${service.name}`)
-                await triggerWorkflow(service.name, service.branch)
+                await triggerWorkflow(service.id, service.branch)
                 return
             default:
                 console.log(`unhandled webhook type ${payload.type} for service ${payload.data.serviceId}`)
@@ -94,14 +115,14 @@ async function handleWebhook(payload: WebhookPayload) {
     }
 }
 
-async function triggerWorkflow(serviceName: string, branch: string) {
+async function triggerWorkflow(serviceID: string, branch: string) {
     await octokit.request('POST /repos/{owner}/{repo}/actions/workflows/{workflow_id}/dispatches', {
         owner: githubOwnerName,
         repo: githubRepoName,
         workflow_id: githubWorkflowID,
         ref: branch,
         inputs: {
-            // service: serviceName
+            serviceID: serviceID
         },
         headers: {
             'X-GitHub-Api-Version': '2022-11-28'
@@ -113,21 +134,23 @@ async function triggerWorkflow(serviceName: string, branch: string) {
 // some events have additional information that isn't in the webhook payload
 // for example, deploy events have the deploy id
 async function fetchEventInfo(payload: WebhookPayload): Promise<RenderEvent> {
+    const url = `${renderAPIURL}/events/${payload.data.id}`
+		console.log(`fetching event info at ${url}`)
     const res = await fetch(
-        `${renderAPIURL}/events/${payload.data.id}`,
+        url,
         {
-            method: "get",
+            method: "GET",
             headers: {
-                "Content-Type": "application/json",
-                Accept: "application/json",
-                Authorization: `Bearer ${renderAPIToken}`,
+                accept: "application/json",
+                authorization: `Bearer ${renderAPIToken}`,
             },
         },
     )
+
     if (res.ok) {
         return res.json()
     } else {
-        throw new Error(`unable to fetch event info; received code :${res.status.toString()}`)
+        throw new Error(`unable to fetch event info; received code ${res.status.toString()}`)
     }
 }
 

render.yaml

@@ -2,14 +2,20 @@ services:
 - type: web
   name: webhook-github-action
   runtime: node
-  repo: https://github.com/render-examples/webhook-github-action
-  branch: create-webhook-github-action
   plan: starter
   envVars:
+  - key: GITHUB_OWNER_NAME
+    sync: false
+  - key: GITHUB_REPO_NAME
+    sync: false
+  - key: GITHUB_WORKFLOW_ID
+    sync: false
   - key: RENDER_WEBHOOK_SECRET
     sync: false
   - key: RENDER_API_KEY
     sync: false
+  - key: GITHUB_API_TOKEN
+    sync: false
   region: oregon
   buildCommand: pnpm install && pnpm run build
   startCommand: pnpm run start