{"id":19399902,"url":"https://github.com/pipe-cd/actions-plan-preview","last_synced_at":"2025-11-18T02:03:16.789Z","repository":{"id":41821654,"uuid":"382981703","full_name":"pipe-cd/actions-plan-preview","owner":"pipe-cd","description":"An action that comments PipeCD's PlanPreview result on GitHub pull request","archived":false,"fork":false,"pushed_at":"2025-09-24T07:15:01.000Z","size":646,"stargazers_count":16,"open_issues_count":0,"forks_count":8,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-09-24T09:13:54.892Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://pipecd.dev/docs/user-guide/plan-preview","language":"Dockerfile","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/pipe-cd.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2021-07-05T01:21:58.000Z","updated_at":"2025-09-24T07:12:30.000Z","dependencies_parsed_at":"2023-12-07T12:25:00.347Z","dependency_job_id":"64e5a7bd-5543-4935-be8b-dcad277645c2","html_url":"https://github.com/pipe-cd/actions-plan-preview","commit_stats":{"total_commits":43,"total_committers":4,"mean_commits":10.75,"dds":"0.11627906976744184","last_synced_commit":"0eaa0c6cda214327fc0770640eee0dca93f81e3c"},"previous_names":[],"tags_count":20,"template":false,"template_full_name":null,"purl":"pkg:github/pipe-cd/actions-plan-preview","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pipe-cd%2Factions-plan-preview","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pipe-cd%2Factions-plan-preview/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pipe-cd%2Factions-plan-preview/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pipe-cd%2Factions-plan-preview/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/pipe-cd","download_url":"https://codeload.github.com/pipe-cd/actions-plan-preview/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pipe-cd%2Factions-plan-preview/sbom","scorecard":{"id":735074,"data":{"date":"2025-08-11","repo":{"name":"github.com/pipe-cd/actions-plan-preview","commit":"2e8e598e3983e288a42420bf5a5851e16e844258"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.7,"checks":[{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Code-Review","score":5,"reason":"Found 10/18 approved changesets -- score normalized to 5","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Maintained","score":4,"reason":"5 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 4","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Pinned-Dependencies","score":10,"reason":"all dependencies are pinned","details":["Info:   1 out of   1 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 24 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-22T15:31:21.914Z","repository_id":41821654,"created_at":"2025-08-22T15:31:21.914Z","updated_at":"2025-08-22T15:31:21.914Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":284988465,"owners_count":27095952,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-11-18T02:00:05.759Z","response_time":61,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-10T11:12:08.497Z","updated_at":"2025-11-18T02:03:16.783Z","avatar_url":"https://github.com/pipe-cd.png","language":"Dockerfile","funding_links":[],"categories":[],"sub_categories":[],"readme":"# actions-plan-preview\n\nAn action that comments PipeCD's PlanPreview result on GitHub pull request. This action can be used for all application kinds: Kubernetes, Terraform, CloudRun, Lambda, Amazon ECS.\n\nSee https://pipecd.dev/docs/user-guide/plan-preview/ for more details about this feature.\n\n**NOTE**: The source code of this GitHub Action is placing under the tool directory of of [pipe-cd/pipecd](https://github.com/pipe-cd/pipecd/tree/master/tool) repository. If you want to make a pull request or raise an issue, please send it to [pipe-cd/pipecd](https://github.com/pipe-cd/pipecd) repository.\n\n## Screenshots\n\n- Plan-preview comment shows the diff of an Kubernetes application\n\n![](/assets/plan-preview-comment-kubernetes.png)\n\n- Plan-preview comment shows the diff of an Terraform application\n\n![](/assets/plan-preview-comment-terraform.png)\n\n## Usage\n\nBy adding the following workflow to your `.github` directory (eg: `.github/workflows/plan-preview.yaml`) you will have:\n\n- The result of plan-preview will be automatically commented on pull request when it is opened or updated \n- You can leave a `/pipecd plan-preview` comment on pull request to trigger a plan-preview manually\n\n\n``` yaml\nname: PipeCD\n\non:\n  pull_request:\n    branches:\n      - main\n    types: [opened, synchronize, reopened]\n  issue_comment:\n    types: [created]\n\njobs:\n  plan-preview:\n    name: Plan Preview\n    runs-on: ubuntu-latest\n    if: \"github.event_name == 'pull_request'\"\n    steps:\n      - uses: pipe-cd/actions-plan-preview@v1.7.5\n        with:\n          address: ${{ secrets.PIPECD_API_ADDRESS }}\n          api-key: ${{ secrets.PIPECD_PLAN_PREVIEW_API_KEY }}\n          token: ${{ secrets.GITHUB_TOKEN }}\n\n  plan-preview-on-comment:\n    name: Plan Preview\n    runs-on: ubuntu-latest\n    if: \"github.event_name == 'issue_comment' \u0026\u0026 github.event.issue.pull_request \u0026\u0026 startsWith(github.event.comment.body, '/pipecd plan-preview')\"\n    steps:\n      - uses: pipe-cd/actions-plan-preview@v1.7.5\n        with:\n          address: ${{ secrets.PIPECD_API_ADDRESS }}\n          api-key: ${{ secrets.PIPECD_PLAN_PREVIEW_API_KEY }}\n          token: ${{ secrets.GITHUB_TOKEN }}\n```\n\n## Inputs\n\n| Name                            | Description                                                                                       | Required | Default Value |\n|---------------------------------|---------------------------------------------------------------------------------------------------|:--------:|:-------------:|\n| address                         | The API address of PipeCD's control-plane.                                                        |    yes   |               |\n| api-key                         | The API key with READ_WRITE role used by pipectl while communicating with PipeCD's control-plane. |    yes   |               |\n| token                           | The GITHUB_TOKEN secret.                                                                          |    yes   |               |\n| timeout                         | Maximum amount of time to run.                                                                    |    no    | 5m            |\n| piped-handle-timeout            | Maximum amount of time to wait for piped handle the plan preview.                                 |    no    | 5m            |\n| sort-label-keys                 | The application label keys to sort the results by.                                                |    no    | \"\"            |\n| title                           | The title shown at the top of the result comment to distinguish results from multiple projects.   |    no    | \"\"            |\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpipe-cd%2Factions-plan-preview","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpipe-cd%2Factions-plan-preview","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpipe-cd%2Factions-plan-preview/lists"}