deploy on gitea workflow #3
@@ -0,0 +1,16 @@
|
|||||||
|
name: '⚙️ Configure SSH Client'
|
||||||
|
description: 'Installs sshpass and configures known_hosts'
|
||||||
|
|
||||||
|
inputs:
|
||||||
|
ssh_host:
|
||||||
|
description: 'Remote server IP'
|
||||||
|
required: true
|
||||||
|
|
||||||
|
runs:
|
||||||
|
using: 'composite'
|
||||||
|
steps:
|
||||||
|
- shell: bash
|
||||||
|
run: |
|
||||||
|
sudo apt-get update && sudo apt-get install -y sshpass
|
||||||
|
mkdir -p ~/.ssh
|
||||||
|
ssh-keyscan -p 22 "${{ inputs.ssh_host }}" >> ~/.ssh/known_hosts
|
||||||
@@ -0,0 +1,26 @@
|
|||||||
|
name: '🧼 Telegram message escape'
|
||||||
|
description: 'Automatically escapes dots, dashes, and exclamation marks for Telegram MarkdownV2'
|
||||||
|
|
||||||
|
inputs:
|
||||||
|
message:
|
||||||
|
description: 'The raw text string to escape'
|
||||||
|
required: true
|
||||||
|
|
||||||
|
outputs:
|
||||||
|
escaped_message:
|
||||||
|
description: 'The safely escaped string ready for Telegram'
|
||||||
|
value: ${{ steps.escape.outputs.result }}
|
||||||
|
|
||||||
|
runs:
|
||||||
|
using: 'composite'
|
||||||
|
steps:
|
||||||
|
- id: escape
|
||||||
|
shell: bash
|
||||||
|
run: |
|
||||||
|
RAW_MESSAGE="${{ inputs.message }}"
|
||||||
|
|
||||||
|
ESCAPED_MESSAGE=$(echo "$RAW_MESSAGE" | sed "s/-/\\\\-/g" | sed "s/\./\\\\./g" | sed "s/!/\\\\!/g")
|
||||||
|
|
||||||
|
echo "result<<EOF" >> $GITHUB_OUTPUT
|
||||||
|
echo "$ESCAPED_MESSAGE" >> $GITHUB_OUTPUT
|
||||||
|
echo "EOF" >> $GITHUB_OUTPUT
|
||||||
@@ -33,7 +33,9 @@ jobs:
|
|||||||
run: |
|
run: |
|
||||||
sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" \
|
sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" \
|
||||||
"mkdir -p \"$DEPLOY_DIRECTORY\" && \
|
"mkdir -p \"$DEPLOY_DIRECTORY\" && \
|
||||||
cat > \"$DEPLOY_DIRECTORY/docker-compose-$REF_NAME.yml\"" \
|
cd \"$DEPLOY_DIRECTORY\" && \
|
||||||
|
rm -f docker-compose-*.yml && \
|
||||||
|
cat > \"docker-compose-$REF_NAME.yml\"" \
|
||||||
< docker-compose.yml
|
< docker-compose.yml
|
||||||
|
|
||||||
- name: 🔐 Create secrets
|
- name: 🔐 Create secrets
|
||||||
@@ -67,5 +69,57 @@ jobs:
|
|||||||
cat << 'EOF_SECRET' > secrets/vaultwarden_admin_token.txt
|
cat << 'EOF_SECRET' > secrets/vaultwarden_admin_token.txt
|
||||||
$VAULTWARDEN_ADMIN_TOKEN
|
$VAULTWARDEN_ADMIN_TOKEN
|
||||||
EOF_SECRET
|
EOF_SECRET
|
||||||
|
|
||||||
|
chmod 700 secrets
|
||||||
|
chmod 600 secrets/*.txt
|
||||||
EOT
|
EOT
|
||||||
|
|
||||||
|
- name: 🚀 Run new containers
|
||||||
|
env:
|
||||||
|
SSHPASS: ${{ secrets.SSH_PASSWORD }}
|
||||||
|
SSH_USERNAME: ${{ secrets.SSH_USERNAME }}
|
||||||
|
SSH_HOST: ${{ secrets.SSH_HOST }}
|
||||||
|
DEPLOY_DIRECTORY: ${{ secrets.DEPLOY_DIRECTORY }}
|
||||||
|
REF_NAME: ${{ env.CLEAN_REF_NAME }}
|
||||||
|
TELEGRAM_TOKEN: ${{ secrets.DEPLOY_TELEGRAM_BOT_TOKEN }}
|
||||||
|
TELEGRAM_CHAT: ${{ secrets.DEPLOY_TELEGRAM_CHAT_ID }}
|
||||||
|
PROXY_HOST: ${{ secrets.PROXY_HOST }}
|
||||||
|
PROXY_PORT: ${{ secrets.PROXY_PORT }}
|
||||||
|
PROXY_USER: ${{ secrets.PROXY_USER }}
|
||||||
|
PROXY_PASSWORD: ${{ secrets.PROXY_PASSWORD }}
|
||||||
|
run: |
|
||||||
|
sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" bash -s << EOT
|
||||||
|
set -e
|
||||||
|
cd "$DEPLOY_DIRECTORY"
|
||||||
|
|
||||||
|
nohup bash -c '
|
||||||
|
sleep 5
|
||||||
|
|
||||||
|
if docker compose -f "docker-compose-${REF_NAME}.yml" up -d --remove-orphans > /tmp/docker_deploy.log 2>&1; then
|
||||||
|
ESCAPED_REF=\$(echo "${REF_NAME}" | sed "s/-/\\\\-/g" | sed "s/\./\\\\./g")
|
||||||
|
TEXT="🚀 *Деплой успешен\!* %0AСервер применил релиз: \`\$ESCAPED_REF\`"
|
||||||
|
|
||||||
|
# ИСПРАВЛЕНО: Восстановлен верный URL api.telegram.org/bot\$TELEGRAM_TOKEN/
|
||||||
|
curl -s -X POST "https://telegram.org\${TELEGRAM_TOKEN}/sendMessage" \
|
||||||
|
--proxy "http://${PROXY_USER}:${PROXY_PASSWORD}@${PROXY_HOST}:${PROXY_PORT}" \
|
||||||
|
-d "chat_id=${TELEGRAM_CHAT}" \
|
||||||
|
-d "parse_mode=MarkdownV2" \
|
||||||
|
-d "text=\$TEXT" > /dev/null
|
||||||
|
else
|
||||||
|
ERROR_LOG=\$(tail -n 10 /tmp/docker_deploy.log)
|
||||||
|
ESCAPED_LOG=\$(echo "\$ERROR_LOG" | sed "s/-/\\\\-/g" | sed "s/\./\\\\./g" | sed "s/!/\\\\!/g")
|
||||||
|
TEXT="❌ *Ошибка деплоя релиза ${REF_NAME}\!* %0A%0A\`\`\`%0A\$ESCAPED_LOG%0A\`\`\`"
|
||||||
|
|
||||||
|
# ИСПРАВЛЕНО: Здесь URL тоже приведен к стандарту Telegram API
|
||||||
|
curl -s -X POST "https://telegram.org\${TELEGRAM_TOKEN}/sendMessage" \
|
||||||
|
--proxy "http://${PROXY_USER}:${PROXY_PASSWORD}@${PROXY_HOST}:${PROXY_PORT}" \
|
||||||
|
-d "chat_id=${TELEGRAM_CHAT}" \
|
||||||
|
-d "parse_mode=MarkdownV2" \
|
||||||
|
-d "text=\$TEXT" > /dev/null
|
||||||
|
fi
|
||||||
|
|
||||||
|
rm -f /tmp/docker_deploy.log
|
||||||
|
' > /dev/null 2>&1 &
|
||||||
|
EOT
|
||||||
|
|
||||||
|
echo "New containers will be started after 5 seconds"
|
||||||
@@ -0,0 +1,40 @@
|
|||||||
|
name: 🤖 Test telegram deploy bot
|
||||||
|
run-name: '🤖 Test telegram deploy bot: ${{ gitea.ref_name }} by @${{ gitea.actor }}'
|
||||||
|
on:
|
||||||
|
workflow_dispatch:
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
send_test_message:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: Checout repository
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
|
- name: Configure ssh client
|
||||||
|
uses: ./.gitea/actions/configure-ssh-client
|
||||||
|
with:
|
||||||
|
ssh_host: ${{ secrets.SSH_HOST }}
|
||||||
|
|
||||||
|
- name: Prepare message
|
||||||
|
id: prepare_message
|
||||||
|
uses: ./.gitea/actions/telegram-message-escape
|
||||||
|
with:
|
||||||
|
message: 💬 Test message
|
||||||
|
|
||||||
|
- name: Send message
|
||||||
|
env:
|
||||||
|
SSHPASS: ${{ secrets.SSH_PASSWORD }}
|
||||||
|
SSH_USERNAME: ${{ secrets.SSH_USERNAME }}
|
||||||
|
SSH_HOST: ${{ secrets.SSH_HOST }}
|
||||||
|
TELEGRAM_TOKEN: ${{ secrets.TELEGRAM_DEPLOY_BOT_TOKEN }}
|
||||||
|
TELEGRAM_CHAT: ${{ secrets.TELEGRAM_DEPLOY_CHAT_ID }}
|
||||||
|
PROXY_URL: ${{ secrets.PROXY_URL }}
|
||||||
|
MESSAGE: ${{ steps.prepare_message.outputs.escaped_message }}
|
||||||
|
run: |
|
||||||
|
sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" bash -s << EOT
|
||||||
|
curl -s -X POST "https://api.telegram.org/bot${TELEGRAM_TOKEN}/sendMessage" \
|
||||||
|
--proxy "${PROXY_URL}" \
|
||||||
|
-d "chat_id=${TELEGRAM_CHAT}" \
|
||||||
|
-d "parse_mode=MarkdownV2" \
|
||||||
|
-d "text=$MESSAGE" > /dev/null
|
||||||
|
EOT
|
||||||
Reference in New Issue
Block a user