steffen/cryodev
1
0
Fork 0
Code Issues Pull requests Projects Releases 2 Packages Wiki Activity Actions
cryodev/.forgejo/workflows/deploy.yml
steffen 8b467f071f
Some checks failed
Deploy / flake-check (push) Successful in 35s
Details
Deploy / deploy-cryodev-main (push) Has been cancelled
Details
Deploy / create-release (push) Has been cancelled
Details
Deploy / build-pi-images (cryodev-pi) (push) Has been cancelled
Details
fix deploy-rs: set sshUser=root explicitly, fix host key verification 
deploy-rs was using 'gitea-runner' as ssh_user because the runner
process runs as that user. Set sshUser=root at the node level.
Also add StrictHostKeyChecking=accept-new as fallback for host key.
2026-03-14 14:26:51 +01:00

113 lines
3.5 KiB
YAML
Raw Blame History

name: Deploy
on:
push:
branches:
- main
jobs:
flake-check:
runs-on: host
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Run flake check
run: nix flake check --impure
deploy-cryodev-main:
needs: flake-check
runs-on: host
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up SSH
env:
DEPLOY_KEY: ${{ secrets.DEPLOY_SSH_KEY }}
run: |
mkdir -p ~/.ssh
echo "$DEPLOY_KEY" > ~/.ssh/id_ed25519
chmod 600 ~/.ssh/id_ed25519
ssh-keyscan -p 2299 -H cryodev.xyz >> ~/.ssh/known_hosts
chmod 644 ~/.ssh/known_hosts
- name: Deploy with deploy-rs
run: NIX_SSHOPTS="-p 2299 -o StrictHostKeyChecking=accept-new" nix run github:serokell/deploy-rs -- -s .#cryodev-main
build-pi-images:
needs: flake-check
runs-on: host
strategy:
matrix:
host: [cryodev-pi]
fail-fast: false
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Build SD image for ${{ matrix.host }}
run: |
echo "Building SD image for: ${{ matrix.host }}"
nix build .#nixosConfigurations.${{ matrix.host }}.config.system.build.sdImage \
--extra-platforms aarch64-linux \
--out-link result-${{ matrix.host }}
IMAGE_PATH=$(find result-${{ matrix.host }} -name "*.img.zst" -type f | head -1)
if [ -z "$IMAGE_PATH" ]; then
echo "Error: No image found!"
exit 1
fi
cp "$IMAGE_PATH" ./${{ matrix.host }}-sd-image.img.zst
sha256sum ${{ matrix.host }}-sd-image.img.zst > ${{ matrix.host }}-sd-image.img.zst.sha256
echo "Image size:"
ls -lh ${{ matrix.host }}-sd-image.img.zst
- name: Upload artifact
uses: actions/upload-artifact@v3
with:
name: ${{ matrix.host }}-sd-image
path: |
${{ matrix.host }}-sd-image.img.zst
${{ matrix.host }}-sd-image.img.zst.sha256
create-release:
needs: build-pi-images
runs-on: host
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Download all artifacts
uses: actions/download-artifact@v3
with:
path: artifacts/
- name: Create Release and Upload
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
VERSION="v$(date +%Y-%m-%d)-$(git rev-parse --short HEAD)"
curl -s -X POST \
-H "Authorization: token ${GITHUB_TOKEN}" \
-H "Content-Type: application/json" \
-d "{\"tag_name\": \"${VERSION}\", \"name\": \"Pi Images ${VERSION}\", \"body\": \"Raspberry Pi SD card images. See docs for usage.\", \"draft\": false, \"prerelease\": false}" \
"https://git.cryodev.xyz/api/v1/repos/${GITHUB_REPOSITORY}/releases" \
-o release.json
RELEASE_ID=$(jq -r '.id' release.json)
echo "Release ID: $RELEASE_ID"
for file in $(find artifacts -type f); do
echo "Uploading: $(basename $file)"
curl -s -X POST \
-H "Authorization: token ${GITHUB_TOKEN}" \
-H "Content-Type: application/octet-stream" \
--data-binary @"$file" \
"https://git.cryodev.xyz/api/v1/repos/${GITHUB_REPOSITORY}/releases/${RELEASE_ID}/assets?name=$(basename $file)"
done
echo "Done: https://git.cryodev.xyz/${GITHUB_REPOSITORY}/releases/tag/${VERSION}"
Reference in a new issue View git blame Copy permalink