Skip to content
Deploy to Drift

Feat/object store documentation (#95) #35

Sign in to view logs

Feat/object store documentation (#95)

Feat/object store documentation (#95) #35

Workflow file for this run

.github/workflows/deploy.yml at 5f9386d
name: Deploy to Drift
on:
push:
branches:
- main
jobs:
deploy:
name: Deploy
runs-on: ubuntu-latest
concurrency:
group: deployment_lock
cancel-in-progress: false
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Set up SSH key
env:
PROXY_HOST: ${{ vars.PROXY_HOST }}
SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
run: |
mkdir -p ~/.ssh
echo "$SSH_PRIVATE_KEY" > ~/.ssh/key
chmod 600 ~/.ssh/key
ssh-keyscan -H $PROXY_HOST >> ~/.ssh/known_hosts
- name: Deploy to OpenStack server
env:
PROXY_HOST: ${{ vars.PROXY_HOST }}
HOST: ${{ vars.HOST }}
USER: ${{ vars.USER }}
WORKING_DIRECTORY: ${{ vars.WORKING_DIRECTORY }}
VAULTWARDEN_MASTER_PASSWORD: ${{ secrets.VAULTWARDEN_MASTER_PASSWORD }}
VAULTWARDEN_ITEM_ID: ${{ secrets.VAULTWARDEN_ITEM_ID }}
ENV_RELATIVE_PATH: ${{ vars.ENV_RELATIVE_PATH }}
run: |
# Start ssh-agent and add the SSH key
eval $(ssh-agent -s)
ssh-add ~/.ssh/key
# SSH into the server via the proxy and run deployment commands
ssh -o StrictHostKeyChecking=no -J $USER@$PROXY_HOST $USER@$HOST << ENDSSH
# WE ARE NOW ON THE REMOTE SERVER
# If any command fails, the script will exit immediately with a non-zero status
set -euo pipefail
# Run the deployment commands as root
sudo bash -c '
# Exit immediately if a command exits with a non-zero status
set -euo pipefail
# Load environment variables from Vaultwarden
cd
./get-env.sh "$VAULTWARDEN_MASTER_PASSWORD" "$VAULTWARDEN_ITEM_ID" "$WORKING_DIRECTORY/$ENV_RELATIVE_PATH"
# Change permissions of .env to be readable only by the owner
chmod 0600 "$WORKING_DIRECTORY/$ENV_RELATIVE_PATH"
# Navigate to the working directory, pull the latest code, and run the deployment script
cd "$WORKING_DIRECTORY"
git fetch
git reset --hard origin/main
./deploy.sh
'
ENDSSH