Co-authored-by: Renovate[BOT] <renovate-bot@auengun.net> Co-committed-by: Renovate[BOT] <renovate-bot@auengun.net>
# Private Forgejo instance for managing/automating Auengun.net
# Source available at git.auengun.net/homelab/host-git
# Copyright (C) 2024 GregoryDosh

# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.

# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.

# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.

# SPDX-License-Identifier: AGPL-3.0-or-later
# SPDX-FileCopyrightText: 2024 GregoryDosh
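---
name: Deploy Ansible Pipeline

# Triggers: pushes to main and every pull request. The checks below run for
# both; the final deploy step is additionally gated on
# github.ref == 'refs/heads/main'.
on:
  push:
    branches:
      - main
  pull_request:

jobs:
  deploy-ansible-pipeline:
    name: Deploy Ansible Pipeline

    # This image may look generic enough, but it's an image
    # that is continuously changing and managed specifically for
    # commonly used Auengun.net runtime & buildtime dependencies.
    # See:
    # - https://git.auengun.net/homelab/image-forgejo-runner
    runs-on: ubuntu-act-latest

    steps:
      # Before I started building common utilities into my base image above
      # I used a common setup action to handle bootstrapping the ephemeral
      # environments into my homelab so that I could SSH/SCP around or even
      # have the ability to talk to the https internal sites without SSL errors.
      #
      # This is still needed for when I override the `runs-on` above for special
      # circumstances, but overall this combines a lot of the common environment
      # setup tasks I needed along with the real task of cloning the code into
      # the local workspace while navigating the PKI/SSL Based auth flows.
      #
      # The action is pinned to a full commit SHA; the trailing version comment
      # is informational only.
      #
      # NOTE(review): this step also runs for pull_request events, and the
      # `make` targets in the following steps come from the checked-out branch.
      # Confirm that only trusted contributors can open pull requests here, or
      # that pull-request runs do not receive STEP_CA_JWK_PASSWORD.
      - name: Clone Repo into Workspace
        uses: https://git.auengun.net/homelab/action-common-setup@3e92f643023a84a6b2bdc495a271846c5e98c949 # 1.5.0
        with:
          STEP_CA_JWK_PASSWORD: "${{ secrets.STEP_CA_JWK_PASSWORD }}"

      # Runs `make license-check`, mirrors its output to the step log, and
      # appends a collapsible Markdown report to .pr-comment.md in the
      # workspace. The step exits with make's own status.
      - name: License Check
        id: license_check
        shell: bash
        env:
          # The expression is resolved here and handed to the script as data,
          # so nothing is expanded inside the script text itself.
          PR_COMMENT_FILE: "${{ github.workspace }}/.pr-comment.md"
        run: |
          # Keep going when make fails so the report is always written.
          set +e
          make license-check 2>&1 | tee license_check.log
          # Exit status of make itself rather than of tee; this holds whether
          # or not the runner started bash with pipefail.
          RESULT="${PIPESTATUS[0]}"
          set -e
          if [ "$RESULT" -eq 0 ]; then
            STATUS="✅"
            DETAILS_STATE=""
          else
            STATUS="❌ (exit code: $RESULT)"
            DETAILS_STATE="open"
          fi
          # Only stdout of the group is appended to the report; the order of
          # the redirections leaves stderr on the step log.
          {
            echo ""
            echo "## License Check $STATUS"
            echo ""
            echo "<details $DETAILS_STATE>"
            echo ""
            echo "<summary>Shell Output</summary>"
            echo ""
            echo '```shell'
            cat license_check.log
            echo '```'
            echo ""
            echo "</details>"
          } 2>&1 >> "$PR_COMMENT_FILE"
          echo "Saved to '$PR_COMMENT_FILE'"
          exit "$RESULT"

      # Same reporting pattern as the license check, for `make pull-image`.
      - name: Validate can pull host images (caches in Homelab OCI mirror too)
        id: pull_image
        shell: bash
        env:
          # Resolved by the runner and passed as data, not spliced into the
          # script text.
          PR_COMMENT_FILE: "${{ github.workspace }}/.pr-comment.md"
        run: |
          # Keep going when make fails so the report is always written.
          set +e
          make pull-image 2>&1 | tee pull_image.log
          # Exit status of make itself rather than of tee; this holds whether
          # or not the runner started bash with pipefail.
          RESULT="${PIPESTATUS[0]}"
          set -e
          if [ "$RESULT" -eq 0 ]; then
            STATUS="✅"
            DETAILS_STATE=""
          else
            STATUS="❌ (exit code: $RESULT)"
            DETAILS_STATE="open"
          fi
          # Only stdout of the group is appended to the report; the order of
          # the redirections leaves stderr on the step log.
          {
            echo ""
            echo "## Image Pull $STATUS"
            echo ""
            echo "<details $DETAILS_STATE>"
            echo ""
            echo "<summary>Shell Output</summary>"
            echo ""
            echo '```shell'
            cat pull_image.log
            echo '```'
            echo ""
            echo "</details>"
          } 2>&1 >> "$PR_COMMENT_FILE"
          echo "Saved to '$PR_COMMENT_FILE'"
          exit "$RESULT"

      # Runs on pull requests even when an earlier step failed (only a
      # cancelled run skips it); a failure here does not fail the job.
      # NOTE(review): the captured make output above is what gets reported, so
      # confirm those targets never print credentials.
      - name: Post/Update PR Comment
        if: ${{ github.event_name == 'pull_request' && !cancelled() }}
        continue-on-error: true
        uses: https://git.auengun.net/homelab/action-pr-comment@e50718ea836d26d3d2133278b97706ea1ccf48a0 # 1.3.0

      # Deploys only when every earlier step succeeded and the run is for
      # refs/heads/main. The Infisical credentials are scoped to this step's
      # environment and are not set for the check steps above.
      - name: Deploy Ansible Pipeline
        if: ${{ success() && github.ref == 'refs/heads/main' }}
        env:
          INFISICAL_CLIENT_ID: "${{ secrets.INFISICAL_CLIENT_ID }}"
          INFISICAL_CLIENT_SECRET: "${{ secrets.INFISICAL_CLIENT_SECRET }}"
          INFISICAL_PROJECT_ID: "${{ secrets.INFISICAL_PROJECT_ID }}"
        shell: bash
        run: make ansible-pipeline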