From c7d83e47492932de5c7ace1420349ce18d0f57b2 Mon Sep 17 00:00:00 2001 From: Dominic Vos Date: Mon, 4 Aug 2025 14:24:44 +0000 Subject: [PATCH 1/3] Update .gitea/workflows/deploy.yml --- .gitea/workflows/deploy.yml | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index c22bd9b..d186947 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -4,6 +4,12 @@ on: ssh-private-key: required: true type: string + certificate-pem: + required: false + type: string + private-key-pem: + required: false + type: string inputs: image: required: false @@ -70,6 +76,29 @@ jobs: - name: Append kamal registry password run: echo "KAMAL_REGISTRY_PASSWORD=${{ inputs.password }}" >> .kamal/secrets.${{ inputs.environment }} + - name: Add optional PEM secrets to .env + run: | + ENV_FILE=".kamal/secrets.${{ inputs.environment }}" + + # Add certificate-pem if present + if [[ -n "${{ secrets.certificate-pem }}" ]]; then + { + echo ""; + echo "CERTIFICATE_PEM='"; + echo "${{ secrets.certificate-pem }}"; + echo "'"; + } >> "$ENV_FILE" + fi + + if [[ -n "${{ secrets.private-key-pem }}" ]]; then + { + echo ""; + echo "PRIVATE_KEY_PEM='"; + echo "${{ secrets.private-key-pem }}"; + echo "'"; + } >> "$ENV_FILE" + fi + - name: Boot accessories run: kamal accessory reboot all -d ${{ inputs.environment }} -- 2.49.1 From a7335eb800011c9d401a83f430ed1d7566f267fb Mon Sep 17 00:00:00 2001 From: Dominic Vos Date: Tue, 5 Aug 2025 09:45:25 +0000 Subject: [PATCH 2/3] Update .gitea/workflows/deploy.yml --- .gitea/workflows/deploy.yml | 19 ++++++------------- 1 file changed, 6 insertions(+), 13 deletions(-) diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index d186947..3c6caa6 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -79,24 +79,17 @@ jobs: - name: Add optional PEM secrets to .env run: | ENV_FILE=".kamal/secrets.${{ inputs.environment }}" + mkdir -p "$(dirname "$ENV_FILE")" + touch "$ENV_FILE" - # Add certificate-pem if present if [[ -n "${{ secrets.certificate-pem }}" ]]; then - { - echo ""; - echo "CERTIFICATE_PEM='"; - echo "${{ secrets.certificate-pem }}"; - echo "'"; - } >> "$ENV_FILE" + echo "" >> "$ENV_FILE" + echo "CERTIFICATE_PEM=\"$(echo "${{ secrets.certificate-pem }}" | awk '{printf "%s\\n", $0}')\"" >> "$ENV_FILE" fi if [[ -n "${{ secrets.private-key-pem }}" ]]; then - { - echo ""; - echo "PRIVATE_KEY_PEM='"; - echo "${{ secrets.private-key-pem }}"; - echo "'"; - } >> "$ENV_FILE" + echo "" >> "$ENV_FILE" + echo "PRIVATE_KEY_PEM=\"$(echo "${{ secrets.private-key-pem }}" | awk '{printf "%s\\n", $0}')\"" >> "$ENV_FILE" fi - name: Boot accessories -- 2.49.1 From fa7d71345059a167416ee83963471dcaa47cb191 Mon Sep 17 00:00:00 2001 From: Jamie Schouten Date: Tue, 5 Aug 2025 12:59:48 +0000 Subject: [PATCH 3/3] Update .gitea/workflows/deploy.yml --- .gitea/workflows/deploy.yml | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index 3c6caa6..636c913 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -79,19 +79,26 @@ jobs: - name: Add optional PEM secrets to .env run: | ENV_FILE=".kamal/secrets.${{ inputs.environment }}" - mkdir -p "$(dirname "$ENV_FILE")" - touch "$ENV_FILE" if [[ -n "${{ secrets.certificate-pem }}" ]]; then echo "" >> "$ENV_FILE" - echo "CERTIFICATE_PEM=\"$(echo "${{ secrets.certificate-pem }}" | awk '{printf "%s\\n", $0}')\"" >> "$ENV_FILE" + { + echo "CERTIFICATE_PEM='" + echo "${{ secrets.certificate-pem }}" + echo "'" + } >> "$ENV_FILE" fi if [[ -n "${{ secrets.private-key-pem }}" ]]; then echo "" >> "$ENV_FILE" - echo "PRIVATE_KEY_PEM=\"$(echo "${{ secrets.private-key-pem }}" | awk '{printf "%s\\n", $0}')\"" >> "$ENV_FILE" + { + echo "PRIVATE_KEY_PEM='" + echo "${{ secrets.private-key-pem }}" + echo "'" + } >> "$ENV_FILE" fi + - name: Boot accessories run: kamal accessory reboot all -d ${{ inputs.environment }} -- 2.49.1