-
Notifications
You must be signed in to change notification settings - Fork 0
46 lines (39 loc) · 1.41 KB
/
cd.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
name: CD
on:
push:
branches: [master]
workflow_dispatch:
jobs:
deploy:
runs-on: ubuntu-latest
environment:
name: xsnippet.org
url: https://xsnippet.org
concurrency: xsnippet.org
steps:
- uses: actions/checkout@v4
- name: Install Ansible
run: |
python -m pip install --upgrade pip
python -m pip install --upgrade ansible
ansible-galaxy collection install --force ansible.posix
ansible-galaxy collection install --force community.postgresql
- name: Setup a deployment SSH key
env:
DEPLOYMENT_SSH_KEY_PATH: ${{ runner.temp }}/id_ed25519
run: |
echo "${{ secrets.DEPLOYMENT_SSH_KEY }}" > $DEPLOYMENT_SSH_KEY_PATH
chmod 0600 $DEPLOYMENT_SSH_KEY_PATH
echo "uri=$DEPLOYMENT_SSH_KEY_PATH" >> $GITHUB_OUTPUT
id: ssh-key
- name: Deploy to production
run: |
# Ensure that servers we're deploying to are known. Otherwise,
# Ansible may fail with host key verification error.
mkdir -p ~/.ssh && echo "${{ secrets.SSH_KNOWN_HOSTS }}" >> ~/.ssh/known_hosts
ansible-playbook \
-vv \
-e ansible_ssh_private_key_file="${{ steps.ssh-key.outputs.uri }}" \
-e goaccess_basicauth_password="${{ secrets.GOACCESS_PASSWORD }}" \
--inventory inventories/production \
site.yml