init

2025-11-11 02:29:49 +03:00
commit 1c90cc90af
10 changed files with 475 additions and 0 deletions
--- a/.gitea/workflows/helm_values_deploy.yaml
+++ b/.gitea/workflows/helm_values_deploy.yaml
@@ -0,0 +1,103 @@
+name: Deploy to application version
+on:
+  workflow_call:
+    inputs:
+      ci_image:
+        required: true
+        type: string
+        description: image to use inside the workflow jobs
+        default: git.romalex.cc/public/ci-image:v1
+      deploy_repo_server:
+        required: true
+        type: string
+        description: deploy repo server
+        default: git.romalex.cc
+      deploy_repo_server_port:
+        required: true
+        type: number
+        description: deploy repo server port
+        default: 2222
+      deploy_repo_server_user:
+        required: true
+        type: string
+        description: username to access the deploy repo server. Typically git for github and gitea for gitea
+        default: gitea
+      deploy_repo_branch:
+        required: true
+        type: string
+        description: branch to checkout and to update in deploy repo
+        default: master
+      tag_property_path:
+        required: true
+        type: string
+        description: path to the property containing image tag to update
+      version:
+        required: true
+        type: string
+        description: version of the docker image to update the application to
+      deploy_repo:
+        required: true
+        type: string
+        description: path to the deploy repo (without server). for example, romalex/deploy
+      values_file_path:
+        required: true
+        type: string
+        description: path to the helm values file to update the tag
+    secrets:
+      deploy_repo_ssh_key:
+        required: true
+        description: private SSH key to clone from/push to deploy repo
+
+jobs:
+  get_author_email:
+    name: Get author email
+    runs-on: romalex-public
+    container:
+      image: ${{ inputs.ci_image }}
+    outputs:
+      author_email: ${{ steps.get_email.outputs.author_email }}
+    steps:
+      - name: Get author email
+        id: get_email
+        run: |
+          email="$(curl -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
+          ${{ github.api_url }}/users/${{ github.actor }} | \
+          jq -r .email)"
+          echo "author_email=${email}" >> "${GITHUB_OUTPUT}"          
+
+  update_image_tag:
+    name: Update image tag
+    runs-on: romalex-public
+    container:
+      image: ${{ inputs.ci_image }}
+    needs: get_author_email
+    steps:
+      - name: Configure git
+        run: |
+          git config --global user.email "${{ needs.get_author_email.outputs.author_email }}"
+          git config --global user.name "${{ github.actor }}"
+      - name: Configure ssh
+        run: |
+          cat > ~/.ssh/private_key << EOF
+          ${{ secrets.deploy_repo_ssh_key }}
+          EOF
+          chmod 600 ~/.ssh/private_key
+          cat > ~/.ssh/config << EOF
+          Host ${{ inputs.deploy_repo_server }}
+              IdentityFile ~/.ssh/private_key
+              User ${{ inputs.deploy_repo_server_user }}
+              Port ${{ inputs.deploy_repo_server_port }}
+              StrictHostKeyChecking no
+          EOF
+      - name: Clone repo and update image tag
+        run: |
+          deploy_repo='ssh://${{ inputs.deploy_repo_server_user }}@${{ inputs.deploy_repo_server }}:${{ inputs.deploy_repo_server_port }}/${{ inputs.deploy_repo }}.git'
+          git clone --depth 1 "${deploy_repo}"
+          directory="${deploy_repo##*/}"
+          directory="${directory%.git}"
+          cd "${directory}"
+          git switch '${{ inputs.deploy_repo_branch }}'
+          yq e '${{ inputs.tag_property_path }} = "${{ inputs.version }}"' -i '${{ inputs.values_file_path }}'
+          git add .
+          git commit -m 'Update ${{ github.repository }} to ${{ inputs.version }}'
+          git push origin '${{ inputs.deploy_repo_branch }}'