a9e368beb1
All checks were successful
/ continuous-deploy (push) Successful in 23s
- continuous deploy revision - environments variables validation - vscode tasks for deploy - vscode testing some new plugins
81 lines
3.2 KiB
YAML
81 lines
3.2 KiB
YAML
on:
|
|
schedule:
|
|
- cron: '0 9 * * 0' # every sunday 9 am
|
|
push:
|
|
branches:
|
|
- main
|
|
pull_request:
|
|
branches:
|
|
- main
|
|
jobs:
|
|
continuous-deploy:
|
|
runs-on: ["deploy", "kubectl", "limbosolutions-com"]
|
|
env:
|
|
GITHUB_TEMP: ${{ runner.temp }} # fix missing GITHUB_TEMP on gitea
|
|
steps:
|
|
|
|
- name: Checkout code
|
|
uses: actions/checkout@v3
|
|
|
|
- name: limbo public actions
|
|
env:
|
|
WORKSPACE: "${{ gitea.workspace }}"
|
|
run: |
|
|
curl -fsSL https://git.limbosolutions.com/kb/gitea/raw/branch/main/cloud-scripts/setup-limbo-actions.sh | bash 2>&1
|
|
|
|
|
|
# limbo custom actions required https://git.limbosolutions.com/kb/gitea/raw/branch/main
|
|
- name: Configure kubectl config
|
|
uses: ./.gitea/limbo_actions/kubectl-setup
|
|
with:
|
|
kube_server: ${{ secrets.HOSTING_KUBE_SERVER }}
|
|
kube_ca_base64: ${{ secrets.HOSTING_KUBE_CA_BASE64 }}
|
|
kube_token: ${{ secrets.HOSTING_KUBE_TOKEN }}
|
|
|
|
- name: Deploy
|
|
shell: bash
|
|
env:
|
|
# used by kustomization requires env files
|
|
MARIADB_USER: ${{ secrets.MARIADB_USER }}
|
|
MARIADB_PASSWORD: ${{ secrets.MARIADB_PASSWORD }}
|
|
MARIADB_ROOT_PASSWORD: ${{ secrets.MARIADB_ROOT_PASSWORD }}
|
|
MARIADB_DATABASE: ${{ secrets.MARIADB_DATABASE }}
|
|
PBS_REPOSITORY: ${{ secrets.PBS_REPOSITORY }}
|
|
PBS_PASSWORD: ${{ secrets.PBS_PASSWORD }}
|
|
PBS_FINGERPRINT: ${{ secrets.PBS_FINGERPRINT }}
|
|
ONLYOFFICE_SECRET: ${{ secrets.ONLYOFFICE_SECRET }}
|
|
|
|
# used only on helm set values - only required as environment variables
|
|
NEXTCLOUD_HOST: ${{ secrets.NEXTCLOUD_HOST }}
|
|
NEXTCLOUD_USERNAME: ${{ secrets.NEXTCLOUD_USERNAME }}
|
|
NEXTCLOUD_PASSWORD: ${{ secrets.NEXTCLOUD_PASSWORD }}
|
|
|
|
run: |
|
|
set -euo pipefail
|
|
|
|
# ensure cleanup always runs
|
|
trap '
|
|
[ -d deploy/app/.env.d ] && rm -rf deploy/app/.env.d/*;
|
|
[ -d deploy/app/onlyoffice/.env.d ] && rm -rf deploy/app/onlyoffice/.env.d/*;
|
|
' EXIT
|
|
|
|
# setup secrets files
|
|
|
|
echo "MARIADB_USER=${MARIADB_USER:?Missing MARIADB_USER}" >> deploy/app/.env.d/nextcloud-mariadb.env
|
|
echo "MARIADB_PASSWORD=${MARIADB_PASSWORD:?Missing MARIADB_PASSWORD}" >> deploy/app/.env.d/nextcloud-mariadb.env
|
|
echo "MARIADB_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD:?Missing MARIADB_ROOT_PASSWORD}" >> deploy/app/.env.d/nextcloud-mariadb.env
|
|
echo "MARIADB_DATABASE=${MARIADB_DATABASE:?Missing MARIADB_DATABASE}" >> deploy/app/.env.d/nextcloud-mariadb.env
|
|
|
|
echo "PBS_REPOSITORY=${PBS_REPOSITORY:?Missing PBS_REPOSITORY}" >> deploy/app/.env.d/pbs.env
|
|
echo "PBS_PASSWORD=${PBS_PASSWORD:?Missing PBS_PASSWORD}" >> deploy/app/.env.d/pbs.env
|
|
echo "PBS_FINGERPRINT=${PBS_FINGERPRINT:?Missing PBS_FINGERPRINT}" >> deploy/app/.env.d/pbs.env
|
|
|
|
echo "secret=${ONLYOFFICE_SECRET:?Missing ONLYOFFICE_SECRET}" >> deploy/app/onlyoffice/.env.d/onlyoffice.env
|
|
|
|
# enforce secrets files security
|
|
chmod 600 deploy/app/.env.d/*
|
|
chmod 600 deploy/app/onlyoffice/.env.d/*
|
|
|
|
# invoke deploy script
|
|
ops-scripts/apply-app.sh
|