Changing workflow secrets.
This commit is contained in:
@@ -4,15 +4,15 @@ on:
|
||||
workflow_dispatch:
|
||||
push:
|
||||
branches-ignore:
|
||||
- 'main'
|
||||
- 'renovate/**'
|
||||
- "main"
|
||||
- "renovate/**"
|
||||
paths:
|
||||
- '**/docker-compose.yml'
|
||||
- '**/pr-docker-deploy.yml'
|
||||
- "**/docker-compose.yml"
|
||||
- "**/pr-docker-deploy.yml"
|
||||
|
||||
env:
|
||||
HC_VAULT_VERSION: '1.20.0'
|
||||
TEA_VERSION: '0.10.1'
|
||||
HC_VAULT_VERSION: "1.20.0"
|
||||
TEA_VERSION: "0.10.1"
|
||||
|
||||
jobs:
|
||||
check-and-create-pr:
|
||||
@@ -42,16 +42,16 @@ jobs:
|
||||
- name: Gotify Notification
|
||||
uses: eikendev/gotify-action@master
|
||||
with:
|
||||
gotify_api_base: '${{ secrets.RIKKU_GOTIFY_URL }}'
|
||||
gotify_app_token: '${{ secrets.RIKKU_RUNNER_GOTIFY_TOKEN }}'
|
||||
notification_title: 'GITEA: PR Check'
|
||||
notification_message: 'Checking for existing PR... 🔍'
|
||||
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
|
||||
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
|
||||
notification_title: "GITEA: PR Check"
|
||||
notification_message: "Checking for existing PR... 🔍"
|
||||
|
||||
- name: Check if open PR exists
|
||||
id: check-opened-pr-step
|
||||
continue-on-error: true
|
||||
run: |
|
||||
tea login add --name gitea-rinoa --url "${{ secrets.RIKKU_GITEA_URL }}" --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }}
|
||||
tea login add --name gitea-rinoa --url "${{ secrets.TREZ_GITEA_URL }}" --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }}
|
||||
pr_exists=$(tea pr list --repo ${{ github.repository }} --state open --fields index,title,head | egrep '\[HA\].*${{ github.ref_name }}' | tail -1 | wc -l)
|
||||
echo "exists=$pr_exists" >> $GITHUB_OUTPUT
|
||||
|
||||
@@ -66,10 +66,10 @@ jobs:
|
||||
- name: Gotify Notification
|
||||
uses: eikendev/gotify-action@master
|
||||
with:
|
||||
gotify_api_base: '${{ secrets.RIKKU_GOTIFY_URL }}'
|
||||
gotify_app_token: '${{ secrets.RIKKU_RUNNER_GOTIFY_TOKEN }}'
|
||||
notification_title: 'GITEA: PR Check'
|
||||
notification_message: 'PR Created 🎟️'
|
||||
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
|
||||
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
|
||||
notification_title: "GITEA: PR Check"
|
||||
notification_message: "PR Created 🎟️"
|
||||
|
||||
generate-service-list:
|
||||
name: Generate list of added/modified/deleted services
|
||||
@@ -88,10 +88,10 @@ jobs:
|
||||
- name: Gotify Notification
|
||||
uses: eikendev/gotify-action@master
|
||||
with:
|
||||
gotify_api_base: '${{ secrets.RIKKU_GOTIFY_URL }}'
|
||||
gotify_app_token: '${{ secrets.RIKKU_RUNNER_GOTIFY_TOKEN }}'
|
||||
notification_title: 'GITEA: Services TBD'
|
||||
notification_message: 'Generating list of services to deploy...'
|
||||
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
|
||||
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
|
||||
notification_title: "GITEA: Services TBD"
|
||||
notification_message: "Generating list of services to deploy..."
|
||||
|
||||
- name: Save both versions of docker-compose.yml
|
||||
run: |
|
||||
@@ -137,7 +137,7 @@ jobs:
|
||||
needs: [generate-service-list]
|
||||
runs-on: ubuntu-latest
|
||||
env:
|
||||
VAULT_ADDR: ${{ secrets.RIKKU_VAULT_ADDR }}
|
||||
VAULT_ADDR: ${{ secrets.TREZ_VAULT_ADDR }}
|
||||
VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }}
|
||||
VAULT_NAMESPACE: ""
|
||||
RIKKU_REGISTRY_PASSWORD: ${{ secrets.BOT_GITEA_PASSWORD }}
|
||||
@@ -172,10 +172,10 @@ jobs:
|
||||
- name: Gotify Notification
|
||||
uses: eikendev/gotify-action@master
|
||||
with:
|
||||
gotify_api_base: '${{ secrets.RIKKU_GOTIFY_URL }}'
|
||||
gotify_app_token: '${{ secrets.RIKKU_RUNNER_GOTIFY_TOKEN }}'
|
||||
notification_title: 'GITEA: Docker Compose Dry Run @ Rikku'
|
||||
notification_message: 'Starting Docker Compose dry run...'
|
||||
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
|
||||
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
|
||||
notification_title: "GITEA: Docker Compose Dry Run @ Rikku"
|
||||
notification_message: "Starting Docker Compose dry run..."
|
||||
|
||||
- name: Generate .env file for Docker Compose
|
||||
run: |
|
||||
@@ -186,13 +186,13 @@ jobs:
|
||||
with:
|
||||
mode: compose
|
||||
file: docker-compose.yml
|
||||
name: 'rikku'
|
||||
name: "rikku"
|
||||
host: 192.168.1.252
|
||||
user: pi
|
||||
ssh_key: ${{ secrets.RIKKU_SSH_PRIVATE_KEY }}
|
||||
ssh_key: ${{ secrets.RUNNER_SSH_PRIVATE_KEY }}
|
||||
args: --remove-orphans -d --dry-run ${{ needs.generate-service-list.outputs.svc_deploy_list }}
|
||||
env_file: '.env'
|
||||
registry_host: 'ghcr.io'
|
||||
env_file: ".env"
|
||||
registry_host: "ghcr.io"
|
||||
registry_user: TrezOne
|
||||
registry_pass: ${{ secrets.GHCR_LOGIN_TOKEN }}
|
||||
summary: true
|
||||
@@ -200,10 +200,10 @@ jobs:
|
||||
- name: Gotify Notification
|
||||
uses: eikendev/gotify-action@master
|
||||
with:
|
||||
gotify_api_base: '${{ secrets.RIKKU_GOTIFY_URL }}'
|
||||
gotify_app_token: '${{ secrets.RIKKU_RUNNER_GOTIFY_TOKEN }}'
|
||||
notification_title: 'GITEA: Docker Compose Dry Run @ Rikku'
|
||||
notification_message: 'Docker Compose dry run completed successfully.'
|
||||
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
|
||||
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
|
||||
notification_title: "GITEA: Docker Compose Dry Run @ Rikku"
|
||||
notification_message: "Docker Compose dry run completed successfully."
|
||||
|
||||
regenerate-readme-modified-services:
|
||||
name: Update README & Generate List of Modified Services
|
||||
@@ -219,10 +219,10 @@ jobs:
|
||||
- name: Gotify Notification
|
||||
uses: eikendev/gotify-action@master
|
||||
with:
|
||||
gotify_api_base: '${{ secrets.RIKKU_GOTIFY_URL }}'
|
||||
gotify_app_token: '${{ secrets.RIKKU_RUNNER_GOTIFY_TOKEN }}'
|
||||
notification_title: 'GITEA: README Update'
|
||||
notification_message: 'Updating README...'
|
||||
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
|
||||
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
|
||||
notification_title: "GITEA: README Update"
|
||||
notification_message: "Updating README..."
|
||||
|
||||
- name: Generate service list
|
||||
run: |
|
||||
@@ -250,14 +250,19 @@ jobs:
|
||||
- name: Gotify Notification
|
||||
uses: eikendev/gotify-action@master
|
||||
with:
|
||||
gotify_api_base: '${{ secrets.RIKKU_GOTIFY_URL }}'
|
||||
gotify_app_token: '${{ secrets.RIKKU_RUNNER_GOTIFY_TOKEN }}'
|
||||
notification_title: 'GITEA: README Update'
|
||||
notification_message: 'README updated'
|
||||
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
|
||||
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
|
||||
notification_title: "GITEA: README Update"
|
||||
notification_message: "README updated"
|
||||
|
||||
pr-merge:
|
||||
name: PR Merge
|
||||
needs: [generate-service-list, docker-compose-dry-run, regenerate-readme-modified-services]
|
||||
needs:
|
||||
[
|
||||
generate-service-list,
|
||||
docker-compose-dry-run,
|
||||
regenerate-readme-modified-services,
|
||||
]
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
@@ -280,7 +285,7 @@ jobs:
|
||||
- name: PR Merge
|
||||
id: pr_merge
|
||||
run: |
|
||||
tea login add --name gitea-rinoa --url ${{ secrets.RIKKU_GITEA_URL }} --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }}
|
||||
tea login add --name gitea-rinoa --url ${{ secrets.TREZ_GITEA_URL }} --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }}
|
||||
tea login default gitea-rinoa
|
||||
echo "Merging PR..."
|
||||
pr_index=$(tea pr ls --repo ${{ github.repository }} --state open --fields index,title,head,state --output csv | egrep ${{ github.ref_name }} | awk -F"," '{print $1}' | sed -e 's|"||g')
|
||||
@@ -290,17 +295,17 @@ jobs:
|
||||
- name: Gotify Notification
|
||||
uses: eikendev/gotify-action@master
|
||||
with:
|
||||
gotify_api_base: '${{ secrets.RIKKU_GOTIFY_URL }}'
|
||||
gotify_app_token: '${{ secrets.RIKKU_RUNNER_GOTIFY_TOKEN }}'
|
||||
notification_title: 'GITEA: PR Merge Successful'
|
||||
notification_message: 'PR #${{ steps.pr_merge.outputs.pr_index }} merged.'
|
||||
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
|
||||
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
|
||||
notification_title: "GITEA: PR Merge Successful"
|
||||
notification_message: "PR #${{ steps.pr_merge.outputs.pr_index }} merged."
|
||||
|
||||
docker-compose-deploy:
|
||||
name: Docker Compose Deployment
|
||||
runs-on: ubuntu-latest
|
||||
needs: [pr-merge]
|
||||
env:
|
||||
VAULT_ADDR: ${{ secrets.RIKKU_VAULT_ADDR }}
|
||||
VAULT_ADDR: ${{ secrets.TREZ_VAULT_ADDR }}
|
||||
VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }}
|
||||
RIKKU_REGISTRY_PASSWORD: ${{ secrets.BOT_GITEA_PASSWORD }}
|
||||
DOCKER_SVC_LIST: ${{ needs.generate-service-list.outputs.svc_deploy_list }}
|
||||
@@ -330,28 +335,28 @@ jobs:
|
||||
- name: Gotify Notification
|
||||
uses: eikendev/gotify-action@master
|
||||
with:
|
||||
gotify_api_base: '${{ secrets.RIKKU_GOTIFY_URL }}'
|
||||
gotify_app_token: '${{ secrets.RIKKU_RUNNER_GOTIFY_TOKEN }}'
|
||||
notification_title: 'GITEA: Docker Compose Deployment @ Rikku'
|
||||
notification_message: 'Starting Docker Compose run...'
|
||||
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
|
||||
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
|
||||
notification_title: "GITEA: Docker Compose Deployment @ Rikku"
|
||||
notification_message: "Starting Docker Compose run..."
|
||||
|
||||
- name: Generate .env file for deployment
|
||||
run: |
|
||||
vault kv get -format=json rikku-docker/env | jq -r '.data.data' | jq -r 'keys[] as $k | "\($k)='\''\(.[$k])'\''"' > .env
|
||||
echo ${DOCKER_SVC_LIST}
|
||||
vault kv get -format=json rikku-docker/env | jq -r '.data.data' | jq -r 'keys[] as $k | "\($k)='\''\(.[$k])'\''"' > .env
|
||||
echo ${DOCKER_SVC_LIST}
|
||||
|
||||
- name: Docker Compose Deployment
|
||||
uses: cssnr/stack-deploy-action@d58b92bcd776afc57ef12f55bafff71200fd218e # v1.4.0
|
||||
with:
|
||||
mode: compose
|
||||
file: docker-compose.yml
|
||||
name: 'rikku'
|
||||
name: "rikku"
|
||||
host: 192.168.1.252
|
||||
user: pi
|
||||
ssh_key: ${{ secrets.RIKKU_SSH_PRIVATE_KEY }}
|
||||
ssh_key: ${{ secrets.RUNNER_SSH_PRIVATE_KEY }}
|
||||
args: --remove-orphans -d ${{ needs.generate-service-list.outputs.svc_deploy_list }}
|
||||
env_file: '.env'
|
||||
registry_host: 'ghcr.io'
|
||||
env_file: ".env"
|
||||
registry_host: "ghcr.io"
|
||||
registry_user: TrezOne
|
||||
registry_pass: ${{ secrets.GHCR_LOGIN_TOKEN }}
|
||||
summary: true
|
||||
@@ -370,7 +375,7 @@ jobs:
|
||||
- name: Gotify Notification
|
||||
uses: eikendev/gotify-action@master
|
||||
with:
|
||||
gotify_api_base: '${{ secrets.RIKKU_GOTIFY_URL }}'
|
||||
gotify_app_token: '${{ secrets.RIKKU_RUNNER_GOTIFY_TOKEN }}'
|
||||
notification_title: 'GITEA: Docker Compose Deployment @ Rikku'
|
||||
notification_message: 'Deployment completed successfully.'
|
||||
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
|
||||
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
|
||||
notification_title: "GITEA: Docker Compose Deployment @ Rikku"
|
||||
notification_message: "Deployment completed successfully."
|
||||
|
||||
@@ -10,7 +10,7 @@ on:
|
||||
- "**/docker-compose.yml"
|
||||
|
||||
env:
|
||||
VAULT_ADDR: ${{ secrets.RIKKU_VAULT_ADDR }}
|
||||
VAULT_ADDR: ${{ secrets.TREZ_VAULT_ADDR }}
|
||||
VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }}
|
||||
HC_VAULT_VERSION: "1.18.0"
|
||||
|
||||
@@ -93,8 +93,8 @@ jobs:
|
||||
- name: Gotify Notification
|
||||
uses: eikendev/gotify-action@master
|
||||
with:
|
||||
gotify_api_base: "${{ secrets.RIKKU_GOTIFY_URL }}"
|
||||
gotify_app_token: "${{ secrets.RIKKU_RUNNER_GOTIFY_TOKEN }}"
|
||||
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
|
||||
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
|
||||
notification_title: "GITEA: [RENOVATE] Docker Compose Deployment @ Rikku"
|
||||
notification_message: "Starting Docker Compose run..."
|
||||
|
||||
@@ -106,7 +106,7 @@ jobs:
|
||||
name: "rikku"
|
||||
host: 192.168.1.252
|
||||
user: pi
|
||||
ssh_key: ${{ secrets.RIKKU_SSH_PRIVATE_KEY }}
|
||||
ssh_key: ${{ secrets.RUNNER_SSH_PRIVATE_KEY }}
|
||||
args: --remove-orphans -d ${{ needs.generate-service-list.outputs.svc_deploy_list }}
|
||||
env_file: ".env"
|
||||
registry_host: "ghcr.io"
|
||||
@@ -128,7 +128,7 @@ jobs:
|
||||
- name: Gotify Notification
|
||||
uses: eikendev/gotify-action@master
|
||||
with:
|
||||
gotify_api_base: "${{ secrets.RIKKU_GOTIFY_URL }}"
|
||||
gotify_app_token: "${{ secrets.RIKKU_RUNNER_GOTIFY_TOKEN }}"
|
||||
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
|
||||
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
|
||||
notification_title: "GITEA: [RENOVATE] Docker Compose Deployment @ Rikku"
|
||||
notification_message: "Deployment completed successfully."
|
||||
|
||||
Reference in New Issue
Block a user