signal-works/ice
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Merge pull request 'Add .forgejo/workflows/deploy-scripts.yml' (#18) from deco-patch-2 into main

Browse source 
Reviewed-on: deco/ice#18
This commit is contained in:
Decobus 2025-07-06 23:26:51 +03:00
commit f4d3f58f74
1 changed files with 113 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

113
.forgejo/workflows/deploy-scripts.yml Normal file
View file

@ -0,0 +1,113 @@
name: Deploy Scripts to S3
on:
push:
branches: [ main ]
paths:
- 'scripts/**'
- '.forgejo/workflows/deploy-scripts.yml'
workflow_dispatch:
permissions:
id-token: write
contents: write
pull-requests: write
jobs:
deploy-scripts:
runs-on: self-hosted
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Configure AWS credentials using OIDC
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
aws-region: ${{ secrets.AWS_REGION }}
role-session-name: icewatch-deploy-scripts
- name: Upload deployment script to S3
run: |
# Upload the main deployment script
aws s3 cp scripts/deploy.sh s3://${{ secrets.S3_BUCKET_NAME }}/scripts/deploy.sh \
--content-type "text/plain" \
--cache-control "max-age=300" \
--metadata-directive REPLACE \
--metadata "version=$(git rev-parse --short HEAD),updated=$(date -u +%Y-%m-%dT%H:%M:%SZ)"
# Upload systemd service file
aws s3 cp scripts/icewatch.service s3://${{ secrets.S3_BUCKET_NAME }}/scripts/icewatch.service \
--content-type "text/plain" \
--cache-control "max-age=3600"
# Upload Caddyfile
aws s3 cp scripts/Caddyfile s3://${{ secrets.S3_BUCKET_NAME }}/scripts/Caddyfile \
--content-type "text/plain" \
--cache-control "max-age=3600"
echo "✅ Scripts uploaded successfully!"
echo "📁 Deploy script URL: https://${{ secrets.S3_BUCKET_NAME }}.s3.amazonaws.com/scripts/deploy.sh"
- name: Update README with current URLs
run: |
# Update README with current S3 URLs
sed -i "s|curl -sSL.*deploy.sh|curl -sSL https://${{ secrets.S3_BUCKET_NAME }}.s3.amazonaws.com/scripts/deploy.sh|g" README.md
# Check if README was modified
if git diff --quiet README.md; then
echo "No README updates needed"
else
echo "README updated with new S3 URLs"
# Get current branch name
CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD)
echo "Current branch: $CURRENT_BRANCH"
if [[ "$CURRENT_BRANCH" == "main" ]]; then
echo "On main branch - creating PR instead of direct commit"
# Create a new branch for the update
BRANCH_NAME="update-readme-urls-$(date +%Y%m%d-%H%M%S)"
git checkout -b "$BRANCH_NAME"
# Configure git and commit changes
git config --local user.email "action@github.com"
git config --local user.name "GitHub Action"
git add README.md
git commit -m "Update deployment URLs
- Updated S3 URLs in README.md
- Deploy script URL: https://${{ secrets.S3_BUCKET_NAME }}.s3.amazonaws.com/scripts/deploy.sh"
# Push the new branch
git push origin "$BRANCH_NAME"
# Create PR using GitHub CLI
gh pr create \
--title "Update deployment URLs in README" \
--body "🤖 **Automated update from deployment workflow**
This PR updates the deployment URLs in README.md with the current S3 bucket URLs.
**Changes:**
- Updated deploy script URL to: https://${{ secrets.S3_BUCKET_NAME }}.s3.amazonaws.com/scripts/deploy.sh
**Generated by:** ${{ github.workflow }} workflow
**Commit:** ${{ github.sha }}" \
--head "$BRANCH_NAME" \
--base "main"
echo "✅ PR created successfully!"
else
echo "Not on main branch - committing directly"
git config --local user.email "action@github.com"
git config --local user.name "GitHub Action"
git add README.md
git commit -m "Update deployment URLs [skip ci]"
git push
fi
fi
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}