2020-07-02 20:18:25 +00:00
|
|
|
---
|
|
|
|
|
name: Deploy
|
|
|
|
|
|
|
|
|
|
on:
|
2020-11-02 00:49:29 +00:00
|
|
|
push:
|
2020-07-02 20:18:25 +00:00
|
|
|
branches:
|
|
|
|
|
- production
|
2020-08-24 10:49:40 +00:00
|
|
|
workflow_dispatch:
|
2020-07-02 20:18:25 +00:00
|
|
|
|
|
|
|
|
jobs:
|
|
|
|
|
deploy:
|
|
|
|
|
runs-on: ubuntu-latest
|
|
|
|
|
|
|
|
|
|
name: Deploy via Ansible
|
|
|
|
|
|
|
|
|
|
env:
|
|
|
|
|
ANSIBLE_FORCE_COLOR: 1
|
|
|
|
|
ANSIBLE_HOST_KEY_CHECKING: no
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Checkout the code
|
2020-10-30 01:26:52 +00:00
|
|
|
uses: actions/checkout@a81bbbf
|
2020-07-02 20:18:25 +00:00
|
|
|
|
|
|
|
|
- name: Add the deployment SSH key
|
2020-10-30 01:26:52 +00:00
|
|
|
uses: shimataro/ssh-key-action@6f350ca
|
2020-07-02 20:18:25 +00:00
|
|
|
with:
|
|
|
|
|
key: ${{ secrets.SSH_PRIVATE_KEY }}
|
|
|
|
|
name: id_rsa
|
|
|
|
|
known_hosts: ${{ secrets.SSH_KNOWN_HOSTS }}
|
|
|
|
|
|
|
|
|
|
- name: Cache dependencies
|
2020-10-30 01:26:52 +00:00
|
|
|
uses: actions/cache@d974700
|
2020-07-02 20:18:25 +00:00
|
|
|
with:
|
|
|
|
|
path: tools/ansible/.roles
|
|
|
|
|
key: dependencies-composer-${{ hashFiles('tools/ansible/requirements.yml') }}
|
|
|
|
|
|
|
|
|
|
- name: Download Ansible roles
|
|
|
|
|
run: ansible-galaxy install -r tools/ansible/requirements.yml
|
|
|
|
|
|
|
|
|
|
- name: Export the Ansible Vault password
|
|
|
|
|
run: echo $ANSIBLE_VAULT_PASS > tools/ansible/.vault-pass.txt
|
|
|
|
|
env:
|
|
|
|
|
ANSIBLE_VAULT_PASS: ${{ secrets.ANSIBLE_VAULT_PASS }}
|
|
|
|
|
|
|
|
|
|
- name: Deploy the code
|
|
|
|
|
run: >
|
|
|
|
|
ansible-playbook tools/ansible/deploy.yml
|
|
|
|
|
-i tools/ansible/hosts.yml
|
|
|
|
|
-e "ansistrano_deploy_branch=$GITHUB_SHA"
|
|
|
|
|
--vault-password-file=tools/ansible/.vault-pass.txt
|
|
|
|
|
|
|
|
|
|
- name: Remove the Ansible Vault password file
|
|
|
|
|
run: rm tools/ansible/.vault-pass.txt
|
