name: 'Auto Deploy Finalize' description: 'Finalizes the deployment on the app server' inputs: ssh_key: description: 'SSH Private Key' required: true host: description: 'Remote App Host' required: true port: description: 'Remote SSH Port' required: true user: description: 'Remote User' required: true app_key: description: 'Application Key' required: true auto_deploy_path: description: 'Path to auto-deploy repo on remote' required: true auto_deploy_branch: description: 'Branch to checkout in auto-deploy repo' required: false default: 'main' runs: using: 'composite' steps: - name: SSH Deploy Finalize shell: bash env: SSH_KEY: ${{ inputs.ssh_key }} DEPLOY_HOST: ${{ inputs.host }} DEPLOY_PORT: ${{ inputs.port }} DEPLOY_USER: ${{ inputs.user }} APP_KEY: ${{ inputs.app_key }} AUTO_DEPLOY_PATH: ${{ inputs.auto_deploy_path }} AUTO_DEPLOY_BRANCH: ${{ inputs.auto_deploy_branch }} run: | set -eu SSH_TMP_DIR="$(mktemp -d)" trap 'rm -rf "$SSH_TMP_DIR"' EXIT echo "$SSH_KEY" > "$SSH_TMP_DIR/id_rsa" chmod 600 "$SSH_TMP_DIR/id_rsa" ssh-keyscan -p "$DEPLOY_PORT" "$DEPLOY_HOST" > "$SSH_TMP_DIR/known_hosts" SSH_OPTS=( -i "$SSH_TMP_DIR/id_rsa" -o UserKnownHostsFile="$SSH_TMP_DIR/known_hosts" -o StrictHostKeyChecking=yes -p "$DEPLOY_PORT" ) ssh "${SSH_OPTS[@]}" "$DEPLOY_USER@$DEPLOY_HOST" \ "APP_KEY=$(printf '%q' "$APP_KEY") \ AUTO_DEPLOY_PATH=$(printf '%q' "$AUTO_DEPLOY_PATH") \ AUTO_DEPLOY_BRANCH=$(printf '%q' "$AUTO_DEPLOY_BRANCH") \ bash -se" << 'EOF' cd "$AUTO_DEPLOY_PATH" git checkout "$AUTO_DEPLOY_BRANCH" git pull --ff-only git submodule sync --recursive git submodule update --init --recursive echo "[remote] auto-deploy repo updated" ./common/deploy.sh finalize "$APP_KEY" echo "[remote] $APP_KEY deployment finalized" EOF