95 lines
3.1 KiB
YAML
95 lines
3.1 KiB
YAML
name: 'Auto Deploy Stage'
|
|
description: 'Stages a new deployment on the app server'
|
|
inputs:
|
|
ssh_key:
|
|
description: 'SSH Private Key'
|
|
required: true
|
|
host:
|
|
description: 'Remote App Host'
|
|
required: true
|
|
port:
|
|
description: 'Remote SSH Port'
|
|
required: true
|
|
user:
|
|
description: 'Remote User'
|
|
required: true
|
|
harbor_user:
|
|
description: 'Harbor Username'
|
|
required: true
|
|
harbor_secret:
|
|
description: 'Harbor Secret'
|
|
required: true
|
|
harbor_host:
|
|
description: 'Docker Registry Host'
|
|
required: false
|
|
default: 'harbor.hclife.co'
|
|
image_tag:
|
|
description: 'Image Tag to deploy'
|
|
required: true
|
|
app_key:
|
|
description: 'Application Key'
|
|
required: true
|
|
auto_deploy_path:
|
|
description: 'Path to auto-deploy repo on remote'
|
|
required: true
|
|
auto_deploy_branch:
|
|
description: 'Branch to checkout in auto-deploy repo'
|
|
required: false
|
|
default: 'main'
|
|
runs:
|
|
using: 'composite'
|
|
steps:
|
|
- name: SSH Deploy Stage
|
|
shell: bash
|
|
env:
|
|
SSH_KEY: ${{ inputs.ssh_key }}
|
|
DEPLOY_HOST: ${{ inputs.host }}
|
|
DEPLOY_PORT: ${{ inputs.port }}
|
|
DEPLOY_USER: ${{ inputs.user }}
|
|
HARBOR_USER: ${{ inputs.harbor_user }}
|
|
HARBOR_SECRET: ${{ inputs.harbor_secret }}
|
|
HARBOR_HOST: ${{ inputs.harbor_host }}
|
|
IMAGE_TAG: ${{ inputs.image_tag }}
|
|
APP_KEY: ${{ inputs.app_key }}
|
|
AUTO_DEPLOY_PATH: ${{ inputs.auto_deploy_path }}
|
|
AUTO_DEPLOY_BRANCH: ${{ inputs.auto_deploy_branch }}
|
|
run: |
|
|
set -eu
|
|
|
|
SSH_TMP_DIR="$(mktemp -d)"
|
|
trap 'rm -rf "$SSH_TMP_DIR"' EXIT
|
|
|
|
echo "$SSH_KEY" > "$SSH_TMP_DIR/id_rsa"
|
|
chmod 600 "$SSH_TMP_DIR/id_rsa"
|
|
ssh-keyscan -p "$DEPLOY_PORT" "$DEPLOY_HOST" > "$SSH_TMP_DIR/known_hosts"
|
|
|
|
SSH_OPTS=(
|
|
-i "$SSH_TMP_DIR/id_rsa"
|
|
-o UserKnownHostsFile="$SSH_TMP_DIR/known_hosts"
|
|
-o StrictHostKeyChecking=yes
|
|
-p "$DEPLOY_PORT"
|
|
)
|
|
|
|
ssh "${SSH_OPTS[@]}" "$DEPLOY_USER@$DEPLOY_HOST" \
|
|
"APP_KEY=$(printf '%q' "$APP_KEY") \
|
|
IMAGE_TAG=$(printf '%q' "$IMAGE_TAG") \
|
|
HARBOR_USER=$(printf '%q' "$HARBOR_USER") \
|
|
HARBOR_SECRET=$(printf '%q' "$HARBOR_SECRET") \
|
|
HARBOR_HOST=$(printf '%q' "$HARBOR_HOST") \
|
|
AUTO_DEPLOY_PATH=$(printf '%q' "$AUTO_DEPLOY_PATH") \
|
|
AUTO_DEPLOY_BRANCH=$(printf '%q' "$AUTO_DEPLOY_BRANCH") \
|
|
bash -se" << 'EOF'
|
|
printf "%s" "$HARBOR_SECRET" | sudo /usr/bin/docker login "$HARBOR_HOST" -u "$HARBOR_USER" --password-stdin
|
|
echo "[remote] Harbor login succeeded"
|
|
cd "$AUTO_DEPLOY_PATH"
|
|
git checkout "$AUTO_DEPLOY_BRANCH"
|
|
git pull --ff-only
|
|
git submodule sync --recursive
|
|
git submodule update --init --recursive
|
|
echo "[remote] auto-deploy repo updated"
|
|
./common/deploy.sh deploy "$APP_KEY" "$IMAGE_TAG"
|
|
echo "[remote] $APP_KEY deploy staged with IMAGE_TAG=$IMAGE_TAG"
|
|
echo "[remote] current deployment status:"
|
|
./common/deploy.sh status "$APP_KEY" --format env
|
|
EOF
|