Files
rinoa-docker/.gitea/workflows/renovate-pr-deploy.yml
T

114 lines
4.0 KiB
YAML

name: Renovate Image Tag Deployment
on:
pull_request:
types: [closed]
branches:
- main
paths:
- "**/docker-compose.yml"
env:
HC_VAULT_VERSION: "1.18.0"
VAULT_ADDR: ${{ secrets.TREZ_VAULT_ADDR }}
VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }}
jobs:
deploy:
name: Renovate PR Deployment
if: |
github.event.pull_request.merged == true &&
github.event.pull_request.user.login == 'renovate-bot'
runs-on: ubuntu-latest
steps:
- name: Checkout full repository
uses: actions/checkout@v4
with:
fetch-depth: 0 # Required for branch diffing
- name: Install Vault
uses: cpanato/vault-installer@main
with:
version: ${{ env.HC_VAULT_VERSION }}
- name: Save both versions of docker-compose.yml
run: |
git show origin/main:docker-compose.yml > docker-compose-main.yml || touch docker-compose-main.yml
cp docker-compose.yml docker-compose-head.yml
- name: Detect services with changed image tags/digests
id: detect_services
run: |
echo "Getting services from main and ${{ github.ref_name }}"
# Get service names from both files
yq '.services | keys | .[]' docker-compose-main.yml | sort > services_main.txt
yq '.services | keys | .[]' docker-compose-head.yml | sort > services_head.txt
echo "Checking for image changes..."
touch service_changes.txt
# Only check services that exist in both files
comm -12 services_main.txt services_head.txt | while read service; do
img_main=$(yq -r ".services.\"$service\".image // empty" docker-compose-main.yml)
img_head=$(yq -r ".services.\"$service\".image // empty" docker-compose-head.yml)
if [ "$img_main" != "$img_head" ]; then
echo "$service: image_changed" >> service_changes.txt
fi
done
echo "Detected services with changed images:"
cat service_changes.txt
mod_svcs=$(cut -d':' -f1 service_changes.txt | sort | uniq)
echo "docker_svc_list<<EOF" >> "$GITHUB_OUTPUT"
echo "$mod_svcs" >> "$GITHUB_OUTPUT"
echo "EOF" >> "$GITHUB_OUTPUT"
- name: Stop if no image changes
if: steps.detect_services.outputs.docker_svc_list == ''
run: |
echo "No image tag/digest changes detected. Exiting."
exit 0
- name: Generate .env file for Docker Compose
run: |
vault kv get -format=json rinoa-docker/env | jq -r '.data.data' | jq -r 'keys[] as $k | "\($k)='\''\(.[$k])'\''"' > .env
- name: Gotify Notification (Start)
uses: eikendev/gotify-action@master
with:
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
notification_title: "GITEA: [RENOVATE] Docker Compose Deployment @ Rinoa"
notification_message: "Starting Docker Compose run..."
- name: Docker Compose Deployment
uses: hoverkraft-tech/compose-action@v2.3.0
env:
DOCKER_HOST: tcp://dockerproxy:2375
with:
services: |
${{ steps.detect_services.outputs.docker_svc_list }}
up-flags: -d --remove-orphans --pull always
compose-flags: --profile rinoa-apps
- name: Docker Compose Healthcheck
id: health
uses: jaracogmbh/docker-compose-health-check-action@v1.0.0
with:
max-retries: 30
retry-interval: 10
compose-file: "docker-compose.yml"
skip-exited: "true"
skip-no-healthcheck: "true"
- name: Gotify Notification (Finish)
uses: eikendev/gotify-action@master
with:
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
notification_title: "GITEA: [RENOVATE] Docker Compose Deployment @ Rinoa"
notification_message: "Deployment completed successfully."