CD | Production #132
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CD | Production | |
concurrency: | |
group: master | |
cancel-in-progress: false | |
on: | |
push: | |
branches: | |
- master | |
workflow_dispatch: | |
jobs: | |
deploy-frontman: | |
name: Deploy frontman on production | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Save known_hosts file | |
env: | |
KNOWN_HOSTS: ${{ secrets.KNOWN_HOSTS }} | |
shell: bash | |
run: | | |
mkdir -p ~/.ssh | |
echo "$KNOWN_HOSTS" >> ~/.ssh/known_hosts | |
- name: Save id_rsa file | |
env: | |
SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} | |
shell: bash | |
run: | | |
echo "$SSH_PRIVATE_KEY" > id_rsa && chmod 600 id_rsa | |
- name: Save vault password to vault.txt | |
env: | |
VAULT_PASSWORD: ${{ secrets.VAULT_PASSWORD }} | |
shell: bash | |
run: | | |
echo "$VAULT_PASSWORD" > vault.txt && chmod 600 vault.txt | |
- name: Run playbook | |
shell: bash | |
run: make deploy_frontman | |
deploy-proxies: | |
name: Deploy proxies on production | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Save known_hosts file | |
env: | |
KNOWN_HOSTS: ${{ secrets.KNOWN_HOSTS }} | |
shell: bash | |
run: | | |
mkdir -p ~/.ssh | |
echo "$KNOWN_HOSTS" >> ~/.ssh/known_hosts | |
- name: Save id_rsa file | |
env: | |
SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} | |
shell: bash | |
run: | | |
echo "$SSH_PRIVATE_KEY" > id_rsa && chmod 600 id_rsa | |
- name: Save vault password to vault.txt | |
env: | |
VAULT_PASSWORD: ${{ secrets.VAULT_PASSWORD }} | |
shell: bash | |
run: | | |
echo "$VAULT_PASSWORD" > vault.txt && chmod 600 vault.txt | |
- name: Run playbook | |
shell: bash | |
run: make deploy_proxies | |
generate-users-csv: | |
name: Generate users.csv | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Save vault password to vault.txt | |
env: | |
VAULT_PASSWORD: ${{ secrets.VAULT_PASSWORD }} | |
shell: bash | |
run: | | |
echo "$VAULT_PASSWORD" > vault.txt && chmod 600 vault.txt | |
- name: Run playbook | |
shell: bash | |
run: make users_csv_generate users_csv_encrypt | |
- name: Upload users.csv | |
uses: actions/upload-artifact@v3 | |
with: | |
name: users.csv | |
path: users.csv |