torsten/yourpart3
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(deploy): update deployment workflow for production
All checks were successful
Deploy to production / deploy (push) Successful in 3m1s
Details

Browse Source 
- Renamed workflow from "Deploy yourpart (blue-green)" to "Deploy to production" for clarity.
- Removed environment variables for SSH configuration and replaced them with direct references to secrets for improved security.
- Updated SSH connection and deployment script steps to utilize secrets for host, port, and user, enhancing the deployment process.
This commit is contained in:
Torsten Schulz (local)
2026-03-31 10:14:09 +02:00
parent dba9eb8692
commit 9b3898e43c
1 changed files with 7 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
.gitea/workflows/deploy.yml
View File

@@ -1,4 +1,4 @@
name: Deploy yourpart (blue-green) name: Deploy to production
on: on:
push: push:
@@ -9,44 +9,26 @@ jobs:
deploy: deploy:
runs-on: ubuntu-latest runs-on: ubuntu-latest
env:
SSH_HOST: ${{ vars.PROD_HOST }}
SSH_PORT: ${{ vars.PROD_PORT }}
SSH_USER: ${{ vars.PROD_USER }}
steps: steps:
- name: Show resolved non-secret config
run: |
echo "SSH_HOST=$SSH_HOST"
echo "SSH_PORT=$SSH_PORT"
echo "SSH_USER=$SSH_USER"
- name: Prepare SSH - name: Prepare SSH
run: | run: |
set -e
mkdir -p ~/.ssh mkdir -p ~/.ssh
printf "%s" "${{ secrets.PROD_SSH_KEY }}" > ~/.ssh/id_ed25519 printf "%s" "${{ secrets.PROD_SSH_KEY }}" > ~/.ssh/id_ed25519
chmod 600 ~/.ssh/id_ed25519 chmod 600 ~/.ssh/id_ed25519
ssh-keyscan -p "$SSH_PORT" "$SSH_HOST" >> ~/.ssh/known_hosts ssh-keyscan -p "${{ secrets.PROD_PORT }}" "${{ secrets.PROD_HOST }}" >> ~/.ssh/known_hosts
- name: Test SSH connection - name: Test SSH connection
run: | run: |
set -e
ssh -i ~/.ssh/id_ed25519 \ ssh -i ~/.ssh/id_ed25519 \
-o StrictHostKeyChecking=no \ -o StrictHostKeyChecking=no \
-o BatchMode=yes \ -o BatchMode=yes \
-o ConnectTimeout=10 \ -p "${{ secrets.PROD_PORT }}" \
-p "$SSH_PORT" \ "${{ secrets.PROD_USER }}@${{ secrets.PROD_HOST }}" \
"$SSH_USER@$SSH_HOST" \
"echo SSH OK" "echo SSH OK"
- name: Run blue-green deployment - name: Run deployment script
run: | run: |
set -e
ssh -i ~/.ssh/id_ed25519 \ ssh -i ~/.ssh/id_ed25519 \
-o StrictHostKeyChecking=no \ -p "${{ secrets.PROD_PORT }}" \
-o BatchMode=yes \ "${{ secrets.PROD_USER }}@${{ secrets.PROD_HOST }}" \
-o ConnectTimeout=10 \
-p "$SSH_PORT" \
"$SSH_USER@$SSH_HOST" \
"/home/tsschulz/deploy-yourpart-bluegreen.sh" "/home/tsschulz/deploy-yourpart-bluegreen.sh"