This commit is contained in:
parent
9fe6ff1f64
commit
c6bd67e1e9
39
.gitea/workflows/deploy-containers.yml
Normal file
39
.gitea/workflows/deploy-containers.yml
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
name: Deploy
|
||||||
|
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
branches:
|
||||||
|
- master
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
deploy:
|
||||||
|
name: Prepare Build
|
||||||
|
runs-on: homelab
|
||||||
|
container: alpine:latest
|
||||||
|
steps:
|
||||||
|
- name: Install dependencies
|
||||||
|
run: |
|
||||||
|
apk update
|
||||||
|
apk add --no-cache nodejs npm git bash openssh python3 py3-pip py3-passlib
|
||||||
|
python3 -m pip install --user ansible --break-system-packages
|
||||||
|
export PATH="/root/.local/bin:$PATH"
|
||||||
|
|
||||||
|
- name: Checkout code
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
with:
|
||||||
|
fetch-depth: 0
|
||||||
|
|
||||||
|
- name: Deploy containers
|
||||||
|
run: |
|
||||||
|
mkdir -p ~/.ssh
|
||||||
|
echo "${{ secrets.SSH_KNOWN_HOSTS }}" >> ~/.ssh/known_hosts
|
||||||
|
chmod 644 ~/.ssh/known_hosts
|
||||||
|
eval $(ssh-agent -s)
|
||||||
|
ssh-add <(echo "${{ secrets.SSH_PRIVATE_KEY }}")
|
||||||
|
echo "HOST *" > ~/.ssh/config
|
||||||
|
echo "StrictHostKeyChecking no" >> ~/.ssh/config
|
||||||
|
echo "${{ secrets.ANSIBLE_VAULT_PASSWORD }}" > ~/.vault_password.txt
|
||||||
|
echo "nameserver 10.10.10.1" > /etc/resolv.conf
|
||||||
|
./.gitea/workflows/deploy.sh "${{ github.event.before }}" "${{ github.sha }}"
|
||||||
|
|
||||||
|
|
14
.gitea/workflows/deploy.sh
Normal file
14
.gitea/workflows/deploy.sh
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
changed_tasks=($(git diff --name-only $1 $2 | grep '\.yml$'))
|
||||||
|
if [ ! -z "$changed_tasks" ]; then
|
||||||
|
for task in "${changed_tasks[@]}"; do
|
||||||
|
tag=$(echo "$task" | awk -F/ '{print $2}')
|
||||||
|
if [[ "$tag" != "deploy-homelab.yml" && "$tag" != "main.yml" && "$tag" != "all.yml" && "$tag" != "all.example.yml" && "$tag" != "ISSUE_TEMPLATE" && "$tag" != "workflows" ]] ; then
|
||||||
|
tag=${tag%.*}_install
|
||||||
|
/root/.local/bin/ansible-playbook main.yml --tags "$tag" --vault-password-file ~/.vault_password.txt
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
else
|
||||||
|
echo "No changes detected in task files. Skipping Ansible playbook execution."
|
||||||
|
fi
|
Loading…
Reference in New Issue
Block a user