update workflow #1
@ -23,6 +23,22 @@ on:
|
||||
required: false
|
||||
type: string
|
||||
default: ${{ vars.REGISTRY_PASSWORD }}
|
||||
warden-client-id:
|
||||
description: 'Bitwarden client id'
|
||||
required: true
|
||||
warden-client-secret:
|
||||
description: 'Bitwarden client secret'
|
||||
required: true
|
||||
warden-password:
|
||||
description: 'Bitwarden password'
|
||||
required: true
|
||||
warden-server:
|
||||
description: 'Bitwarden server'
|
||||
required: false
|
||||
default: ${{ vars.WARDEN_URL }}
|
||||
secrets:
|
||||
description: "One or more secret Ids to retrieve and the corresponding Gitea environment variable name to set"
|
||||
required: true
|
||||
|
||||
jobs:
|
||||
deploy:
|
||||
@ -35,14 +51,29 @@ jobs:
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
- uses: webfactory/ssh-agent@dc588b651fe13675774614f8e6a936a468676387
|
||||
|
||||
- name: Setup SSH agent
|
||||
uses: webfactory/ssh-agent@dc588b651fe13675774614f8e6a936a468676387
|
||||
with:
|
||||
ssh-private-key: ${{ secrets.ssh-private-key }}
|
||||
|
||||
- name: Get bitwarden secrets
|
||||
uses: actions/warden@1a8c7e1c69cdd51454ba08e2b8779fbc5e058b3d
|
||||
with:
|
||||
client-id: ${{ inputs.warden-client-id }}
|
||||
secret-id: ${{ inputs.warden-client-secret }}
|
||||
password: ${{ inputs.warden-password }}
|
||||
server: ${{ inputs.warden-server }}
|
||||
secrets: ${{ inputs.secrets }}
|
||||
|
||||
- name: Create .env file from secret
|
||||
run: echo "${{ secrets.env }}" > .kamal/secrets.${{ inputs.environment }}
|
||||
run: echo "$ENV" > .kamal/secrets.${{ inputs.environment }}
|
||||
|
||||
- name: Append kamal registry password
|
||||
run: echo "KAMAL_REGISTRY_PASSWORD=${{ inputs.password }}" >> .kamal/secrets.${{ inputs.environment }}
|
||||
|
||||
- name: Boot accessories
|
||||
run: kamal accessory reboot all -d ${{ inputs.environment }}
|
||||
|
||||
- name: Deploy
|
||||
run: kamal deploy -d ${{ inputs.environment }}
|
||||
|
||||
10
.idea/.gitignore
generated
vendored
Normal file
10
.idea/.gitignore
generated
vendored
Normal file
@ -0,0 +1,10 @@
|
||||
# Default ignored files
|
||||
/shelf/
|
||||
/workspace.xml
|
||||
# Editor-based HTTP Client requests
|
||||
/httpRequests/
|
||||
# Datasource local storage ignored files
|
||||
/dataSources/
|
||||
/dataSources.local.xml
|
||||
|
||||
.idea/
|
||||
Loading…
x
Reference in New Issue
Block a user