# SPDX-FileCopyrightText: 2026 William Jin <AuraMindNest@outlook.com>
#
# SPDX-License-Identifier: BSL-1.0
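name: CD

# Security model
# workflow_run executes in the context of the default branch, with access to
# repository secrets and (by default) an elevated GITHUB_TOKEN, regardless of
# what triggered the upstream CI run. Mitigations applied in this file:
#   - permissions: contents: read (no write access)
#   - job-level 'if' requires conclusion == 'success' AND event == 'push'
#     (ignores PRs, forks, and failed/cancelled runs)
#   - the third-party action is pinned to a full commit SHA, not a mutable tag
#   - the server is fast-forwarded to the exact commit CI validated
#     (workflow_run.head_sha), not to whatever develop points at by the time
#     the deploy actually runs
on:
  workflow_run:
    workflows: [CI]
    branches: [develop]
    types: [completed]

permissions:
  contents: read

# One deploy at a time per branch; a deploy that is already running is never
# cancelled half-way through.
concurrency:
  group: deploy-${{ github.event.workflow_run.head_branch }}
  cancel-in-progress: false

jobs:
  cd:
    # Both conditions are required: 'branches' above matches on branch name
    # only, so the event check is what excludes pull_request-triggered CI runs.
    if: >-
      github.event.workflow_run.conclusion == 'success'
      && github.event.workflow_run.event == 'push'
    runs-on: ubuntu-latest
    timeout-minutes: 20
    # NOTE(review): the SSH secrets are only as protected as the 'staging'
    # environment's own rules; confirm its branch/reviewer restrictions.
    environment: staging
    steps:
      - name: Deploy via SSH
        # Pinned by commit SHA. When bumping, review the upstream diff and
        # record the release tag the new SHA corresponds to.
        uses: appleboy/ssh-action@0ff4204d59e8e51228ff73bce53f80d53301dee2
        env:
          WEBLATE_PORT: ${{ secrets.WEBLATE_PORT }}
          WEBLATE_URL_PREFIX: ${{ secrets.WEBLATE_URL_PREFIX }}
          # Commit that the successful CI run tested. Passed through the
          # environment instead of being interpolated into the script text.
          DEPLOY_SHA: ${{ github.event.workflow_run.head_sha }}
        with:
          # NOTE(review): no 'fingerprint' input is set, so as far as the
          # visible inputs show the server's SSH host key is not pinned.
          # Setting the action's 'fingerprint' input would pin it.
          host: ${{ secrets.SSH_HOST }}
          username: ${{ secrets.SSH_USER }}
          key: ${{ secrets.SSH_PRIVATE_KEY }}
          envs: WEBLATE_PORT,WEBLATE_URL_PREFIX,DEPLOY_SHA
          script: |
            set -euo pipefail
            cd /opt/cppa-weblate-plugin
            git fetch origin develop
            git checkout develop
            # Fast-forward to the CI-validated commit only. A plain
            # 'git pull' would also take commits pushed after the CI run
            # finished, which may be untested or failing. --ff-only also
            # refuses to create a merge commit on the server, and is a
            # no-op if a newer validated commit is already deployed.
            git merge --ff-only "${DEPLOY_SHA}"
            docker compose -f docker/docker-compose.cd.yml --env-file .env build
            docker compose -f docker/docker-compose.cd.yml --env-file .env up -d
            WEBLATE_PORT="${WEBLATE_PORT:-8080}"
            WEBLATE_URL_PREFIX="${WEBLATE_URL_PREFIX:-}"
            # Poll the loopback health endpoint: 36 attempts, 5 s apart.
            # curl sits on the left of '&&', so a failed probe does not
            # trip 'set -e'; the loop simply retries.
            for i in $(seq 1 36); do
              curl -sf "http://127.0.0.1:${WEBLATE_PORT}${WEBLATE_URL_PREFIX}/healthz/" && exit 0
              sleep 5
            done
            echo "Weblate not healthy after 180s"
            docker compose -f docker/docker-compose.cd.yml --env-file .env logs weblate | tail -40
            exit 1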