.gitea/workflows/pr-cloudflare-docker-deploy.yml

@@ -58,26 +58,25 @@ jobs:
           gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
           notification_title: 'GITEA: PR Check'
           notification_message: 'PR Created 🎟️'
-  docker-compose-dry-run:
-    name: Docker Compose Dry Run
-    needs: [check-and-create-pr]
+  generate-service-list:
+    name: Generate list of added/modified/deleted services
     runs-on: ubuntu-latest
-    env:
-      VAULT_ADDR: ${{ secrets.RINOA_VAULT_ADDR }}
-      VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }}
-      VAULT_NAMESPACE: ""
-      RINOA_REGISTRY_PASSWORD: ${{ secrets.BOT_GITEA_PASSWORD }}
+    needs: [check-and-create-pr]
     outputs:
-      svc_deploy_list: ${{ steps.modded_svcs.outputs.rinoa_svcs }}
+      svc_deploy_list: ${{ steps.detected_services.outputs.docker_svc_list }}
     steps:
       - name: Checkout
         uses: actions/checkout@v4
       - name: Fetch base branch
         run: |
           git fetch origin ${{ github.event.pull_request.base.ref }}
-      - name: Login to Gitea Container Registry
-        run: |
-          docker login -u gitea-sonarqube-bot -p ${RINOA_REGISTRY_PASSWORD} git.trez.wtf
+      - name: Gotify Notification
+        uses: eikendev/gotify-action@master
+        with:
+          gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
+          gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
+          notification_title: 'GITEA: Services TBD'
+          notification_message: 'Generating list of services to deploy...'
       - name: Save both versions of docker-compose.yml
         run: |
           git show origin/main:docker-compose.yml > docker-compose-main.yml || touch docker-compose-main.yml
@@ -107,8 +106,27 @@ jobs:
           echo "Detected service changes:"
           cat service_changes.txt
 
-          svc_list=$(paste -sd '|' service_changes.txt)
-          echo "classified_services=$svc_list" >> "$GITHUB_OUTPUT"
+          temp_svc_list=$(paste -sd '|' service_changes.txt)
+          mod_svcs=$(echo "${temp_svc_list}" | sed -e 's/|//g' -e 's/: \(add\|modifi\|delet\)ed/ /g')
+          echo "docker_svc_list=$mod_svcs" >> "$GITHUB_OUTPUT"
+      - name: Testing service list output
+        run: |
+          echo ${{ steps.detected_services.outputs.docker_svc_list }}
+  docker-compose-dry-run:
+    name: Docker Compose Dry Run
+    needs: [generate-service-list]
+    runs-on: ubuntu-latest
+    env:
+      VAULT_ADDR: ${{ secrets.RINOA_VAULT_ADDR }}
+      VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }}
+      VAULT_NAMESPACE: ""
+      RINOA_REGISTRY_PASSWORD: ${{ secrets.BOT_GITEA_PASSWORD }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Login to Gitea Container Registry
+        run: |
+          docker login -u gitea-sonarqube-bot -p ${RINOA_REGISTRY_PASSWORD} git.trez.wtf
       - name: Install Vault
         uses: cpanato/vault-installer@main
       - name: Gotify Notification
@@ -118,37 +136,18 @@ jobs:
           gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
           notification_title: 'GITEA: Docker Compose Dry Run @ Rinoa'
           notification_message: 'Starting Docker Compose dry run...'
-      - name: Cache .env Files
-        uses: actions/cache@v4
-        with:
-          path: .env
-          key: ${{ runner.os }}-env-${{ hashFiles('docker-compose.yml') }}
-      - name: Generate modified services list & .env file for Docker Compose Dry Run
-        id: modded_svcs
+      - name: Generate .env file for Docker Compose
         run: |
-          mod_svcs=$(echo "${{ steps.detect_services.outputs.classified_services }}" | sed -e 's/|//g' -e 's/: \(add\|modifi\|delet\)ed/ /g')
-          echo ${mod_svcs}
           vault kv get -format=json rinoa-docker/env | jq -r '.data.data' | jq -r 'keys[] as $k | "\($k)='\''\(.[$k])'\''"' > .env
-          echo "rinoa_svcs=${mod_svcs}" >> "$GITHUB_OUTPUT"
-      - name: Testing service list output
-        run: |
-          echo ${{ steps.modded_svcs.outputs.rinoa_svcs }}
       - name: Docker Compose Dry Run
-        timeout-minutes: 360
-        continue-on-error: true
-        uses: chaplyk/docker-compose-remote-action@v1.1
-        with:
-          ssh_host: 192.168.1.254
-          ssh_port: 22
-          ssh_user: gitea-deploy
-          ssh_key: ${{ secrets.RINOA_GITEA_PRIVATE_SSH_KEY }}
-          service: ${{ steps.modded_svcs.outputs.rinoa_svcs }}
-          compose_file: docker-compose.yml
-          pull: false
-          build: false
-          options: -d --remove-orphans
+        uses: hoverkraft-tech/compose-action@v2.2.0
         env:
           DOCKER_HOST: tcp://dockerproxy:2375
+        with:
+          services: ${{ needs.generate-service-list.outputs.svc_deploy_list }}
+          up-flags: -d --remove-orphans --dry-run
+          down-flags: --dry-run
+          compose-flags: --dry-run
       - name: Gotify Notification
         uses: eikendev/gotify-action@master
         with:
@@ -158,7 +157,7 @@ jobs:
           notification_message: 'Docker Compose dry run completed successfully.'
   cloudflare-dns-setup:
     name: Cloudflare DNS Setup
-    needs: [docker-compose-ansible-lints]
+    needs: [docker-compose-dry-run]
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
@@ -299,7 +298,7 @@ jobs:
   docker-compose-deploy:
     name: Docker Compose Deployment
     runs-on: ubuntu-latest
-    needs: [docker-compose-dry-run, pr-merge]
+    needs: [generate-service-list, docker-compose-dry-run, pr-merge]
     env:
       VAULT_ADDR: ${{ secrets.RINOA_VAULT_ADDR }}
       VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }}
@@ -333,21 +332,14 @@ jobs:
         run: |
            vault kv get -format=json rinoa-docker/env | jq -r '.data.data' | jq -r 'keys[] as $k | "\($k)='\''\(.[$k])'\''"' > .env
       - name: Docker Compose Deployment
-        timeout-minutes: 360
-        continue-on-error: true
-        uses: chaplyk/docker-compose-remote-action@v1.1
+        uses: hoverkraft-tech/compose-action@v2.2.0
         env:
           DOCKER_HOST: tcp://dockerproxy:2375
         with:
-          ssh_host: 192.168.1.254
-          ssh_port: 22
-          ssh_user: gitea-deploy
-          ssh_key: ${{ secrets.RINOA_GITEA_PRIVATE_SSH_KEY }}
-          service: ${DOCKER_SVC_LIST}
-          compose_file: docker-compose.yml
-          pull: false
-          build: false
-          options: -d --remove-orphans
+          docker-flags: -H "$DOCKER_HOST"
+          services: ${{ needs.generate-service-list.outputs.svc_deploy_list }}
+          up-flags: -d --remove-orphans
+          down-flags: --dry-run
       - name: Gotify Notification
         uses: eikendev/gotify-action@master
         with:

docker-compose.yml

@@ -718,7 +718,7 @@ services:
     environment:
       DOCKER_HOST: tcp://dockerproxy:2375
       GID: 1000
-      BOUNCER_KEY_SWAG: ${CROWDSEC_API_KEY}
+      BOUNCER_KEY_SWAG: ${CROWDSEC_SWAG_API_KEY}
       COLLECTIONS: >-
         corvese/apache-guacamole
         crowdsecurity/home-assistant