41 lines
1.4 KiB
Markdown
41 lines
1.4 KiB
Markdown
<!--
|
|
# SPDX-License-Identifier: AGPL-3.0-or-later
|
|
# SPDX-FileCopyrightText: 2024 GregoryDosh
|
|
-->
|
|
|
|
# action-common-setup
|
|
|
|
A little composite action to consistently setup GitHub Actions across my homelab runner environments.
|
|
|
|
- If the `ssh-agent` bin exists
|
|
- Starts a fresh `ssh-agent`
|
|
- Sets the env vars for future steps
|
|
- Installs the `step` binary for step-ca commands
|
|
- Bootstraps the environment for the Homelab SPM CA Trust
|
|
- Tries to update any CA certs for the system that were missed.
|
|
- Configures `git` commands for `https://git.auengun.net` to use the Root CA for trust.
|
|
- If `JWK_PASSWORD` is defined:
|
|
- Attempts to provision a ssh user certificate for the `${{ github.actor }}` (username of the user that triggered the initial workflow run) for clone/inter-node actions.
|
|
- Runs `step ssh config` to update known hosts and other params for easier `ssh` commands.
|
|
- Clones the repo's code into the `/workspace` using https://code.forgejo.org/actions/checkout
|
|
|
|
## Example
|
|
|
|
```yaml
|
|
name: Terraform - Apply
|
|
|
|
on:
|
|
pull_request:
|
|
types: [labeled]
|
|
|
|
jobs:
|
|
apply-on-label:
|
|
name: Apply on Label
|
|
if: contains(github.event.pull_request.labels.*.name, 'terraform/apply')
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Homelab Setup
|
|
uses: https://git.auengun.net/homelab/action-common-setup@main
|
|
with:
|
|
STEP_CA_JWK_PASSWORD: ${{ secrets.STEP_CA_JWK_PASSWORD }}
|
|
```
|