renovate[bot]
662e9f6274
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [appleboy/ssh-action](https://github.com/appleboy/ssh-action) | action | patch | `v1.2.2` -> `v1.2.3` | --- ### Release Notes <details> <summary>appleboy/ssh-action (appleboy/ssh-action)</summary> ### [`v1.2.3`](https://github.com/appleboy/ssh-action/releases/tag/v1.2.3) [Compare Source](https://github.com/appleboy/ssh-action/compare/v1.2.2...v1.2.3) ##### Changelog ##### Features - [`20d5c5b`](20d5c5bbc9): feat: add configurable curl insecure flag to GitHub action ([@​appleboy](https://github.com/appleboy)) ##### Bug fixes - [`170eebb`](170eebb2ee): fix: enhance binary download flow with robust error handling ([#​394](https://github.com/appleboy/ssh-action/issues/394)) ([@​appleboy](https://github.com/appleboy)) ##### Enhancements - [`b27b9f8`](b27b9f8968): chore: refactor system to improve efficiency and update API usage ([@​appleboy](https://github.com/appleboy)) - [`0e19dd9`](0e19dd962d): chore: improve robustness and consistency across multiple scripts ([@​appleboy](https://github.com/appleboy)) ##### Refactor - [`b6690ee`](b6690ee817): refactor: improve error handling and code readability across scripts ([#​374](https://github.com/appleboy/ssh-action/issues/374)) ([@​appleboy](https://github.com/appleboy)) ##### Build process updates - [`2b3c650`](2b3c6504b3): ci: unify and enhance GitHub workflow configurations ([@​appleboy](https://github.com/appleboy)) - [`ffd1eec`](ffd1eec364): ci: add workflow step for multi-command SSH testing ([#​386](https://github.com/appleboy/ssh-action/issues/386)) ([@​appleboy](https://github.com/appleboy)) - [`53f5c5c`](53f5c5cedf): ci: add automated Trivy security scanning via GitHub Actions ([@​appleboy](https://github.com/appleboy)) ##### Documentation updates - [`52a1840`](52a1840ca6): docs: update SSH action version to v1 in all README files ([#​372](https://github.com/appleboy/ssh-action/issues/372)) ([@​appleboy](https://github.com/appleboy)) - [`689de3c`](689de3cf64): docs: improve CLI messaging and error clarity for users ([@​appleboy](https://github.com/appleboy)) - [`9ca1cd2`](9ca1cd2174): docs: document the new `curl_insecure` configuration option ([@​appleboy](https://github.com/appleboy)) - [`bd83ba7`](bd83ba7e2b): docs: document and configure drone-ssh version usage ([#​381](https://github.com/appleboy/ssh-action/issues/381)) ([@​appleboy](https://github.com/appleboy)) - [`b80f638`](b80f638dc4): docs: rewrite and unify documentation across all supported languages ([@​appleboy](https://github.com/appleboy)) - [`c7fbbc9`](c7fbbc9208): docs: add table of contents to multilingual README files ([@​appleboy](https://github.com/appleboy)) - [`4d84f05`](4d84f0522a): docs: revamp and unify multi-language readme documentation ([@​appleboy](https://github.com/appleboy)) - [`8f3cc07`](8f3cc07719): docs: add comprehensive tables of contents to all README files ([@​appleboy](https://github.com/appleboy)) - [`8745f95`](8745f9583c): docs: restructure and clarify parameter documentation across all readmes ([@​appleboy](https://github.com/appleboy)) - [`57f6f35`](57f6f3556d): docs(readme): better wording for script\_path property ([#​387](https://github.com/appleboy/ssh-action/issues/387)) ([@​kontur](https://github.com/kontur)) - [`3ca8a7c`](3ca8a7c535): docs: clarify script\_path usage in Chinese remote execution docs ([@​appleboy](https://github.com/appleboy)) - [`c680069`](c680069d84): docs: add comprehensive documentation for project setup and usage ([@​appleboy](https://github.com/appleboy)) - [`91f3272`](91f3272fc5): docs: add Trivy security scan badge to all documentation ([@​appleboy](https://github.com/appleboy)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4xLjMiLCJ1cGRhdGVkSW5WZXIiOiI0Mi4xLjMiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbInR5cGUvZGVwZW5kZW5jaWVzIl19--> Reviewed-on: #43 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>
97 lines
3.4 KiB
YAML
97 lines
3.4 KiB
YAML
name: Docker Compose Deploy Stack
|
|
|
|
on:
|
|
workflow_call:
|
|
secrets:
|
|
DEPLOY_HOST:
|
|
required: true
|
|
type: string
|
|
DEPLOY_USERNAME:
|
|
required: true
|
|
type: string
|
|
DEPLOY_SSHKEY:
|
|
required: true
|
|
type: string
|
|
DEPLOY_PORT:
|
|
required: true
|
|
type: string
|
|
PUSHOVER_USER_TOKEN:
|
|
required: true
|
|
type: string
|
|
|
|
jobs:
|
|
deploy:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: "[ON RUNNER] Notify Build Start"
|
|
uses: https://git.tainton.uk/actions/pushover-action@v1.1.4
|
|
env:
|
|
PUSHOVER_APP_TOKEN: ${{ secrets.PUSHOVER_APP_TOKEN }}
|
|
PUSHOVER_USER_TOKEN: ${{ secrets.PUSHOVER_USER_TOKEN }}
|
|
with:
|
|
message: "Deploying stack ${{ gitea.repository }}"
|
|
title: 'Stack Deployment Started'
|
|
url: "${{ gitea.server_url }}/${{ gitea.repository }}/actions/runs/${{ gitea.run_id }}"
|
|
url_title: 'View Logs'
|
|
|
|
- name: "[ON RUNNER] Checkout the repo"
|
|
uses: actions/checkout@v5
|
|
|
|
- name: "[ON RUNNER] Set project variables"
|
|
run: |
|
|
projectname="${{ gitea.event.repository.name }}"
|
|
echo "project_name=$projectname" >> $GITEA_ENV
|
|
echo "project_folder=/home/${{ secrets.DEPLOY_USERNAME }}/$projectname" >> $GITEA_ENV
|
|
|
|
- name: "[ON RUNNER] Create env file"
|
|
run: |
|
|
rm -f ".env"
|
|
touch ".env"
|
|
echo "$ALLVARS" | jq -r '. | to_entries[] | select(.key | startswith("DC_")) | .key + "=" + .value' >> ".env"
|
|
echo "$ALLSECRETS" | jq -r '. | to_entries[] | select(.key | startswith("DC_")) | .key + "=" + .value' >> ".env"
|
|
env:
|
|
ALLVARS: ${{ toJSON(vars) }}
|
|
ALLSECRETS: ${{ toJSON(secrets) }}
|
|
|
|
- name: "[ON HOST] Make directory if not exists"
|
|
uses: appleboy/ssh-action@v1.2.3
|
|
with:
|
|
host: ${{ secrets.DEPLOY_HOST }}
|
|
username: ${{ secrets.DEPLOY_USERNAME }}
|
|
key: ${{ secrets.DEPLOY_SSHKEY }}
|
|
port: ${{ secrets.DEPLOY_PORT }}
|
|
script: |
|
|
mkdir -p ${{ env.project_folder }}
|
|
|
|
- name: "[ON HOST] SCP files to host"
|
|
uses: appleboy/scp-action@v1.0.0
|
|
with:
|
|
host: ${{ secrets.DEPLOY_HOST }}
|
|
username: ${{ secrets.DEPLOY_USERNAME }}
|
|
port: ${{ secrets.DEPLOY_PORT }}
|
|
key: ${{ secrets.DEPLOY_SSHKEY }}
|
|
source: "./compose.yaml,./.env"
|
|
target: "${{ env.project_folder }}/"
|
|
|
|
- name: "[ON HOST] Deploy Stack"
|
|
uses: appleboy/ssh-action@v1.2.3
|
|
with:
|
|
host: ${{ secrets.DEPLOY_HOST }}
|
|
username: ${{ secrets.DEPLOY_USERNAME }}
|
|
key: ${{ secrets.DEPLOY_SSHKEY }}
|
|
port: ${{ secrets.DEPLOY_PORT }}
|
|
script: |
|
|
cd ${{ env.project_folder }}
|
|
docker compose --env-file .env up --detach
|
|
|
|
- name: "[ON RUNNER] Notify Build End"
|
|
uses: https://git.tainton.uk/actions/pushover-action@v1.1.4
|
|
env:
|
|
PUSHOVER_APP_TOKEN: ${{ secrets.PUSHOVER_APP_TOKEN }}
|
|
PUSHOVER_USER_TOKEN: ${{ secrets.PUSHOVER_USER_TOKEN }}
|
|
with:
|
|
message: "Deployed stack ${{ gitea.repository }}"
|
|
title: 'Stack Deployment ${{ job.status }}'
|
|
url: "${{ gitea.server_url }}/${{ gitea.repository }}/actions/runs/${{ gitea.run_id }}"
|
|
url_title: 'View Logs'
|