auth0/auth0-deploy-cli

Add option to compare between local and deployed configurations

eladbs opened this issue · 3 comments

eladbs commented

Checklist

Describe the problem you'd like to have solved

Hi,
Today our CI/CD workflow with the deploy CLI tool is lacking the option to compare between the local and the deployed configuration.
We use gitops for publishing configuration to our tenants. Each new PR is reviewed against the deployed configuration and approved before being merged.
We want the ability to compare each of the files against the deployed version.
Need to support yaml, js and html.

Describe the ideal solution

Add the option to compare. For i.e., to run:

a0deploy compare --config_file=config.json --input-folder=~/local

This should result in a proper diff view of the changes between the configuration in the ~/local folder and the configuration deployed in the tenant.

Alternatives and current workarounds

There are 3rd party diff/compare tools but they lack support for the custom attribute mapping in the config and they are not context aware, just comparing text line by line.

Additional context

No response

@eladbs Solid idea but do you think this is different than #70?

eladbs commented

As I see it, #70 is more about to check if a configuration is valid, schema wise. I.e., can it be deployed with no errors.
Going over those large files to look if a change has been implemented correctly, and without affecting other configs, is hard.
This is especially true with mappings and exclusions (that behave differently in import/export b.t.w.).
For our CI/CD flow #70 is less important but I can see how it can help others.

If I may give an example of such tool, Kong Deck is one: https://docs.konghq.com/deck.
It supports both feature requests and more.

If you are willing to go the long road for this, you can always:

  1. Save your config.json into a secret manager
  2. Pull the config.json from secret manager to a temp folder
  3. Pull the tenant content using the dump method from the node module into the temp folder
  4. Compare your config.json (I prefer yaml, easier to compare) from the temp folder and the git-controlled folder using diff package
  5. Render the tenant.yaml with the keyword mappings programmatically in both your git-controlled folder and in the temp folder to circumvent the issue that the cli embeds some of the keyword mappings in the tenant.yaml and strip some of the others
  6. Compare both rendered tenant.yaml using diff package
  7. Compare both directories using dir-compare package

I did most of this, only to give up. But hey, if having the steps can help you do what you want, all the power to you.