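---
# Publishes the contents of scripts/ to an S3 bucket and keeps the install URL
# in README.md in sync with that bucket.
#
# Runs on pushes to main that touch scripts/** or this workflow file, and on
# manual dispatch. The workflow path (.forgejo/workflows/) suggests this runs
# on Forgejo Actions; the PR step nevertheless uses the GitHub CLI (`gh`), so
# confirm that step works against the forge actually in use.
#
# NOTE(review): workflow_dispatch can be started from any branch, and the
# upload step has no ref check, so a manual run from a non-main branch
# publishes that branch's scripts to the same S3 keys. If only main should
# ever be published, gate the job with `if: github.ref == 'refs/heads/main'`.
name: Deploy Scripts to S3

on:
  push:
    branches: [main]
    paths:
      - 'scripts/**'
      - '.forgejo/workflows/deploy-scripts.yml'
  workflow_dispatch:

# contents: write is needed for the branch push / direct commit below;
# pull-requests: write for `gh pr create`. Nothing else is requested.
permissions:
  contents: write
  pull-requests: write

jobs:
  deploy-scripts:
    # Self-hosted runner that must already provide the AWS CLI.
    # NOTE(review): workspace state can persist between jobs on a self-hosted
    # runner; keep this runner dedicated to trusted, post-merge workflows.
    runs-on: [self-hosted, aws-cli]
    steps:
      # NOTE(review): both actions are referenced by a mutable tag (@v4).
      # Pinning to a full commit SHA prevents a retagged release from running
      # with this job's AWS keys and write token.
      - name: Checkout code
        uses: actions/checkout@v4

      # NOTE(review): long-lived access keys. Scope the IAM principal to
      # s3:PutObject on the scripts/ prefix of this bucket only, and rotate the
      # keys. Where the forge can issue OIDC tokens, this action's
      # `role-to-assume` input avoids static keys altogether.
      - name: Configure AWS credentials using access keys
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ secrets.AWS_REGION }}

      - name: Upload deployment script to S3
        # The bucket name reaches the script through the environment instead
        # of being expanded into the script text by ${{ }}, so its value is
        # never parsed as shell syntax.
        env:
          S3_BUCKET_NAME: ${{ secrets.S3_BUCKET_NAME }}
        run: |
          # Upload the main deployment script (short cache so fixes propagate
          # quickly); object metadata records the commit and upload time.
          aws s3 cp scripts/deploy.sh "s3://${S3_BUCKET_NAME}/scripts/deploy.sh" \
            --content-type "text/plain" \
            --cache-control "max-age=300" \
            --metadata-directive REPLACE \
            --metadata "version=$(git rev-parse --short HEAD),updated=$(date -u +%Y-%m-%dT%H:%M:%SZ)"

          # Upload systemd service file
          aws s3 cp scripts/icewatch.service "s3://${S3_BUCKET_NAME}/scripts/icewatch.service" \
            --content-type "text/plain" \
            --cache-control "max-age=3600"

          # Upload Caddyfile
          aws s3 cp scripts/Caddyfile "s3://${S3_BUCKET_NAME}/scripts/Caddyfile" \
            --content-type "text/plain" \
            --cache-control "max-age=3600"

          echo "✅ Scripts uploaded successfully!"
          echo "📁 Deploy script URL: https://${S3_BUCKET_NAME}.s3.amazonaws.com/scripts/deploy.sh"

      - name: Update README with current URLs
        # NOTE(review): this step writes the value of secrets.S3_BUCKET_NAME
        # into README.md, a commit message and a PR body. Whatever log masking
        # the runner applies does not cover those, so the bucket name is
        # effectively public configuration rather than a secret.
        #
        # NOTE(review): the README line being rewritten is a `curl -sSL` of
        # deploy.sh. If readers pipe that into a shell, write access to the
        # scripts/ prefix of the bucket equals code execution on their hosts;
        # consider publishing a checksum or signature next to the script.
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          S3_BUCKET_NAME: ${{ secrets.S3_BUCKET_NAME }}
          WORKFLOW_NAME: ${{ github.workflow }}
          COMMIT_SHA: ${{ github.sha }}
        run: |
          # Update README with current S3 URLs
          sed -i "s|curl -sSL.*deploy.sh|curl -sSL https://${S3_BUCKET_NAME}.s3.amazonaws.com/scripts/deploy.sh|g" README.md

          # Check if README was modified
          if git diff --quiet README.md; then
            echo "No README updates needed"
          else
            echo "README updated with new S3 URLs"

            # Get current branch name
            CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD)
            echo "Current branch: $CURRENT_BRANCH"

            if [[ "$CURRENT_BRANCH" == "main" ]]; then
              echo "On main branch - creating PR instead of direct commit"

              # Create a new branch for the update
              BRANCH_NAME="update-readme-urls-$(date +%Y%m%d-%H%M%S)"
              git checkout -b "$BRANCH_NAME"

              # Configure git and commit changes.
              # The continuation lines of the multi-line strings below sit at
              # the script's left margin so they carry no leading whitespace.
              git config --local user.email "action@github.com"
              git config --local user.name "GitHub Action"
              git add README.md
              git commit -m "Update deployment URLs

          - Updated S3 URLs in README.md
          - Deploy script URL: https://${S3_BUCKET_NAME}.s3.amazonaws.com/scripts/deploy.sh"

              # Push the new branch
              git push origin "$BRANCH_NAME"

              # Create PR using GitHub CLI (authenticates via GITHUB_TOKEN)
              gh pr create \
                --title "Update deployment URLs in README" \
                --body "🤖 **Automated update from deployment workflow**

          This PR updates the deployment URLs in README.md with the current S3 bucket URLs.

          **Changes:**
          - Updated deploy script URL to: https://${S3_BUCKET_NAME}.s3.amazonaws.com/scripts/deploy.sh

          **Generated by:** ${WORKFLOW_NAME} workflow
          **Commit:** ${COMMIT_SHA}" \
                --head "$BRANCH_NAME" \
                --base "main"

              echo "✅ PR created successfully!"
            else
              # Only reachable on a manual dispatch from a non-main branch.
              echo "Not on main branch - committing directly"
              git config --local user.email "action@github.com"
              git config --local user.name "GitHub Action"
              git add README.md
              git commit -m "Update deployment URLs [skip ci]"
              git push
            fi
          fi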