andre/betterlifesg
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
betterlifesg/.forgejo/workflows/deploy.yml
Andre K 19a7fa0e48
Some checks failed
Deploy Better Life SG / deploy (push) Failing after 3s
Details
Deploy Better Life SG / notify (push) Successful in 2s
Details
Add deployment workflow for automatic deployment via Forgejo Actions
2026-04-16 08:23:44 +08:00

116 lines
No EOL
3.6 KiB
YAML
Raw Blame History

name: Deploy Better Life SG
on:
push:
branches: [master]
workflow_dispatch:
concurrency:
group: deploy-betterlifesg-${{ forgejo.ref }}
cancel-in-progress: false
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- name: Configure SSH
shell: bash
env:
VPS_SSH_KEY: ${{ secrets.VPS_SSH_KEY }}
run: |
set -euo pipefail
install -d -m 700 ~/.ssh
python3 - <<'PY'
import os
from pathlib import Path
key = os.environ["VPS_SSH_KEY"]
if "\\n" in key and "\n" not in key:
key = key.replace("\\n", "\n")
key = key.replace("\r\n", "\n").replace("\r", "\n").strip() + "\n"
Path.home().joinpath(".ssh", "id_ed25519").write_text(key, encoding="utf-8")
PY
chmod 600 ~/.ssh/id_ed25519
ssh-keygen -y -f ~/.ssh/id_ed25519 >/dev/null
ssh-keyscan -H 23.226.133.245 >> ~/.ssh/known_hosts
- name: Deploy on VPS
shell: bash
run: |
set -euo pipefail
ssh root@23.226.133.245 "cd /opt/src/betterlifesg && bash scripts/deploy-betterlifesg.sh"
notify:
if: ${{ always() }}
needs: [deploy]
runs-on: ubuntu-latest
steps:
- name: Send ntfy notification
shell: bash
env:
JOB_RESULTS: ${{ toJson(needs) }}
NTFY_TOKEN: ${{ secrets.NTFY_TOKEN }}
NTFY_TOPIC_URL: https://ntfy.bytesizeprotip.com/deploy
RUN_URL: ${{ forgejo.server_url }}/${{ forgejo.repository }}/actions/runs/${{ forgejo.run_id }}
run: |
set -euo pipefail
if [ -z "$NTFY_TOKEN" ]; then
echo "NTFY_TOKEN secret not configured, skipping notification."
exit 0
fi
eval "$(python3 - <<'PY'
import json
import os
import shlex
needs = json.loads(os.environ["JOB_RESULTS"])
results = {name: str(data.get("result") or "unknown") for name, data in needs.items()}
has_failure = any(result == "failure" for result in results.values())
has_cancelled = any(result == "cancelled" for result in results.values())
if has_failure:
status = "failure"
priority = "5"
tags = "rotating_light,x"
elif has_cancelled:
status = "cancelled"
priority = "4"
tags = "warning"
else:
status = "success"
priority = "2"
tags = "white_check_mark"
summary = ", ".join(f"{name}:{result}" for name, result in results.items()) or "no upstream jobs"
message = "\n".join([
f"Repo: {os.environ['FORGEJO_REPOSITORY']}",
f"Workflow: {os.environ['FORGEJO_WORKFLOW']}",
f"Status: {status}",
f"Ref: {os.environ.get('FORGEJO_REF_NAME', '')}",
f"Actor: {os.environ.get('FORGEJO_ACTOR', '')}",
f"Run: {os.environ['RUN_URL']}",
f"Jobs: {summary}",
])
values = {
"NTFY_TITLE": f"{os.environ['FORGEJO_WORKFLOW']} {status}",
"NTFY_PRIORITY": priority,
"NTFY_TAGS": tags,
"NTFY_MESSAGE": message,
}
for key, value in values.items():
print(f"{key}={shlex.quote(value)}")
PY
)"
curl --fail --show-error --silent \
-H "Authorization: Bearer $NTFY_TOKEN" \
-H "Title: $NTFY_TITLE" \
-H "Priority: $NTFY_PRIORITY" \
-H "Tags: $NTFY_TAGS" \
-H "Click: $RUN_URL" \
-d "$NTFY_MESSAGE" \
"$NTFY_TOPIC_URL"
Reference in a new issue View git blame Copy permalink