dryrun_diff: add HTML breakdown

README.md

@@ -38,7 +38,7 @@ The following commands are available in the Docker container (or Python installa
 * [manheim-c7n-runner](https://manheim-c7n-tools.readthedocs.io/en/latest/runner/) - A single entrypoint to wrap running one or more, or all, of the following steps (as well as `custodian` itself, `c7n-mailer` deploy, and Sphinx documentation build) in the proper order, in either run (real) or dryrun mode.
 * [policygen](https://manheim-c7n-tools.readthedocs.io/en/latest/policygen/) - The python script to generate the actual custodian YML config files from a configuration repo/directory, as well as handling layering of mailer template files. Must be run from a config repository directory.
 * [s3-archiver](https://manheim-c7n-tools.readthedocs.io/en/latest/s3archiver/) - Script to clean up custodian S3 buckets by moving logs from any deleted policies to an "archived-logs/" prefix.
-* [dryrun-diff](https://manheim-c7n-tools.readthedocs.io/en/latest/dryrun-diff/) - Script to compare the number of resources matched per-policy, per-region between a dryrun and the last actual run of each policy, and write the results to a Markdown file (to be added as a comment on the PR).
+* [dryrun-diff](https://manheim-c7n-tools.readthedocs.io/en/latest/dryrun-diff/) - Script to compare the number of resources matched per-policy, per-region between a dryrun and the last actual run of each policy, and write the results to a Markdown file (to be added as a comment on the PR). Optionally, a HTML report listing the affected resources in the dryrun can be generated when a jinja template is provided in the `./reporting-template` directory.
 * ``errorscan`` - Script using boto3 to examine CloudWatch Metrics, Logs, and SQS Dead Letter Queue for cloud-custodian Lambda functions, and alert on any failed executions, dead letters, etc.
 * c7n's built-in `mugc` Lambda garbage collection. This is vendored-in to manheim-c7n-tools, as c7n provides it only as a non-executable Python source file in their git repo.
 * c7n's `c7n-mailer` installed as a dependency for convenience.

docs/source/dryrun-diff.rst

@@ -9,3 +9,5 @@ Dryrun-Diff
 The ``dryrun-diff`` entrypoint (and corresponding ``manheim-c7n-tools`` step) must be run in a directory containing the ``dryrun/`` output directory from a custodian dry run. It parses the resource counts for each policy executed in each region during the dry run, then retrieves the logs from the last actual custodian run from S3. The matched resource counts are compared, and a markdown file is generated for use as a GitHub PR comment. This allows us to compare the impact of policy change pull requests.
 
 The generated markdown file will be written to ``./pr_diff.md`` in the current directory.
+
+If the ``dryrun-diff`` entrypoint has been run in a directory containing a jinja template located at ``./reporting-template/report.j2``, this template will be used to generate a detailed HTML report of which resources have been affected by policy changes. An example of a reporting jinja template can be found within the ``./example_config_repo`` folder at the root of the Manheim repository. The report will written to ``./pr_report.html`` in the current directory.

example_config_repo/reporting-template/report.j2

@@ -0,0 +1,73 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="utf-8">
+    <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,300italic,700,700italic">
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/normalize/5.0.0/normalize.css">
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/milligram/1.3.0/milligram.css">
+    <title>Report: {{ account_name }}</title>
+  </head>
+  <body style="padding: 20px;">
+    <h2>Difference Report</h2>
+    <h3>Account: {{ account_name }}</h3>
+    <p>
+      This document is a break-down of all of the resources that are affected by the changes made within a certain policy.
+    </p>
+    <p>
+      Each section of this document is broken down by policy name, the region in which the policy was ran against, and the list of all of the affected resources.
+    </p>
+    <p>
+      You might find that the list of affected resources are highlighted in certain colors, with a marker placed against them. The table outlined below will tell you what each color and marker represents:
+    </p>
+    <table>
+      <th>Color</th>
+      <th>Marker</th>
+      <th>Explaination</th>
+      <th>Example</th>
+      <tr>
+        <td>Green</td>
+        <td>+</td>
+        <td>This outlines a resource that has been added by changes under this PR against the last run on master</td>
+        <td style="background-color: #98e8736b;padding-left: 10px;padding-right: 10px;"><code style="background: none;">+ arn://hellotherewowthisisanarn.ohcool.amazing</code></td>
+      </tr>
+      <tr>
+        <td>Red</td>
+        <td>-</td>
+        <td>This outlines a resource that has been removed by changes under this PR against the last run on master</td>
+        <td style="background-color: #e873736b;padding-left: 10px;padding-right: 10px;"><code style="background: none;">- arn://hellotherewowthisisanarn.ohcool.amazing</code></td>
+      </tr>
+      <tr>
+        <td>Grey</td>
+        <td>=</td>
+        <td>This outlines a resource that has remained in changes under this PR against the last run on master</td>
+        <td style="background-color: #fafafa;padding-left: 10px;padding-right: 10px;"><code style="background: none;">= arn://hellotherewowthisisanarn.ohcool.amazing</code></td>
+      </tr>
+    </table>
+    {% for policy, entry in entries.items() -%}
+    <h4> {{ policy }} </h4>
+    <ul>
+      {% for region, item in entry.items() -%}
+      <li>
+        <strong>{{ region }}</strong>
+        <code style="background-color: #98e8736b;">+ {{ item.total_add }}</code>
+        <code style="background-color: #e873736b;">- {{ item.total_remove }}</code>
+        <code style="background-color: #fafafa;">= {{ item.total_untouch }}</code>
+        <div style="padding: 15px 15px 0 15px;">
+          <table>
+            {% for r in item.resources -%}
+            {% if r.type == 'added' -%}
+            <tr style="background-color: #98e8736b;"><td style="padding-left: 10px;padding-right: 10px;"><code style="background: none;"> + {{ r.id }} </code></td></tr>
+            {% elif r.type == 'removed' -%}
+            <tr style="background-color: #e873736b;"><td style="padding-left: 10px;padding-right: 10px;"><code style="background: none;"> - {{ r.id }} </code></td></tr>
+            {% elif r.type == 'unchanged' -%}
+            <tr style="background-color: #fafafa;"><td style="padding-left: 10px;padding-right: 10px;"><code style="background: none;"> = {{ r.id }} </code></td></tr>
+            {%- endif %}
+            {%- endfor %}
+          </table>
+        </div>
+      </li>
+      {%- endfor %}
+    </ul>
+    {%- endfor %}
+  </body>
+</html>