CD #50
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CD | |
| on: | |
| push: | |
| branches: [master] | |
| workflow_dispatch: | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: xsnippet.org | |
| url: https://xsnippet.org | |
| concurrency: xsnippet.org | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Ansible | |
| run: | | |
| python -m pip install --upgrade pip | |
| python -m pip install --upgrade ansible | |
| ansible-galaxy collection install --force ansible.posix | |
| ansible-galaxy collection install --force community.postgresql | |
| - name: Setup a deployment SSH key | |
| env: | |
| DEPLOYMENT_SSH_KEY_PATH: ${{ runner.temp }}/id_ed25519 | |
| run: | | |
| echo "${{ secrets.DEPLOYMENT_SSH_KEY }}" > $DEPLOYMENT_SSH_KEY_PATH | |
| chmod 0600 $DEPLOYMENT_SSH_KEY_PATH | |
| echo "uri=$DEPLOYMENT_SSH_KEY_PATH" >> $GITHUB_OUTPUT | |
| id: ssh-key | |
| - name: Deploy to production | |
| run: | | |
| # Ensure that servers we're deploying to are known. Otherwise, | |
| # Ansible may fail with host key verification error. | |
| mkdir -p ~/.ssh && echo "${{ secrets.SSH_KNOWN_HOSTS }}" >> ~/.ssh/known_hosts | |
| ansible-playbook \ | |
| -vv \ | |
| -e ansible_ssh_private_key_file="${{ steps.ssh-key.outputs.uri }}" \ | |
| -e goaccess_basicauth_password="${{ secrets.GOACCESS_PASSWORD }}" \ | |
| --inventory inventories/production \ | |
| site.yml |