diff options
| author | Jan Holthuis <jan.holthuis@ruhr-uni-bochum.de> | 2021-04-27 13:57:51 +0200 |
|---|---|---|
| committer | Jan Holthuis <jan.holthuis@ruhr-uni-bochum.de> | 2021-04-29 02:07:40 +0200 |
| commit | a9739a8e78b3b6aa711f25a885faba9474d28b13 (patch) | |
| tree | c4fe81f8c849050984e188dd45209f8a85c64c1c /.github/workflows/build.yml | |
| parent | e35a5e30ee67944b9b1cbb478a7dbe776ef40ca1 (diff) | |
CI: Use SSH Agent to deploy to download server
Diffstat (limited to '.github/workflows/build.yml')
| -rw-r--r-- | .github/workflows/build.yml | 46 |
1 files changed, 36 insertions, 10 deletions
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 333d6e282f..843ae3eecb 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -391,15 +391,28 @@ jobs: --dest-url 'https://downloads.mixxx.org' ${{ matrix.artifacts_path }} + - name: "Set up SSH Agent" + if: github.event_name == 'push' && env.SSH_PRIVATE_KEY != null + shell: bash + env: + SSH_AUTH_SOCK: /tmp/ssh_agent.sock + SSH_PRIVATE_KEY: ${{ secrets.DOWNLOADS_HOSTGATOR_DOT_MIXXX_DOT_ORG_KEY }} + SSH_HOST: downloads-hostgator.mixxx.org + run: | + ssh-agent -a $SSH_AUTH_SOCK > /dev/null + ssh-add - <<< "${SSH_PRIVATE_KEY}" + mkdir -p "${HOME}/.ssh" + ssh-keyscan "${SSH_HOST}" >> "${HOME}/.ssh/known_hosts" + echo "SSH_AUTH_SOCK=${SSH_AUTH_SOCK}" >> "${GITHUB_ENV}" + - name: "[macOS/Windows] Upload build to downloads.mixxx.org" # skip deploying Ubuntu builds to downloads.mixxx.org because these are deployed to the PPA - if: runner.os != 'Linux' && github.event_name == 'push' && env.SSH_PASSWORD != null - run: bash tools/deploy.sh deploy/ + if: runner.os != 'Linux' && github.event_name == 'push' && env.SSH_AUTH_SOCK != null + shell: bash --login -eo pipefail "{0}" + run: rsync --verbose --recursive --checksum --times --delay-updates "deploy/" "${SSH_USER}@${SSH_HOST}:${DESTDIR}/" env: - DESTDIR: public_html/downloads/ + DESTDIR: public_html/downloads SSH_HOST: downloads-hostgator.mixxx.org - SSH_KEY: packaging/certificates/downloads-hostgator.mixxx.org.key - SSH_PASSWORD: ${{ secrets.DOWNLOADS_HOSTGATOR_DOT_MIXXX_DOT_ORG_KEY_PASSWORD }} SSH_USER: mixxx # Workaround for https://github.com/actions/cache/issues/531 @@ -450,14 +463,27 @@ jobs: JOB_DATA: ${{ toJSON(needs.build) }} SSH_PASSWORD: ${{ secrets.DOWNLOADS_HOSTGATOR_DOT_MIXXX_DOT_ORG_KEY_PASSWORD }} + - name: "Set up SSH Agent" + if: github.event_name == 'push' && env.SSH_PRIVATE_KEY != null && env.MANIFEST_DIRTY != null && env.MANIFEST_DIRTY != '0' + shell: bash + env: + SSH_AUTH_SOCK: /tmp/ssh_agent.sock + SSH_PRIVATE_KEY: ${{ secrets.DOWNLOADS_HOSTGATOR_DOT_MIXXX_DOT_ORG_KEY }} + SSH_HOST: downloads-hostgator.mixxx.org + run: | + ssh-agent -a $SSH_AUTH_SOCK > /dev/null + ssh-add - <<< "${SSH_PRIVATE_KEY}" + mkdir -p "${HOME}/.ssh" + ssh-keyscan "${SSH_HOST}" >> "${HOME}/.ssh/known_hosts" + echo "SSH_AUTH_SOCK=${SSH_AUTH_SOCK}" >> "${GITHUB_ENV}" + - name: "Deploy Manifest" - if: github.event_name == 'push' && env.SSH_PASSWORD != null && env.MANIFEST_DIRTY != null && env.MANIFEST_DIRTY != '0' - run: bash tools/deploy.sh deploy/ + if: github.event_name == 'push' && env.SSH_AUTH_SOCK != null + shell: bash + run: rsync --verbose --recursive --checksum --times --delay-updates "deploy/" "${SSH_USER}@${SSH_HOST}:${DESTDIR}/" env: - DESTDIR: public_html/downloads/ + DESTDIR: public_html/downloads SSH_HOST: downloads-hostgator.mixxx.org - SSH_KEY: packaging/certificates/downloads-hostgator.mixxx.org.key - SSH_PASSWORD: ${{ secrets.DOWNLOADS_HOSTGATOR_DOT_MIXXX_DOT_ORG_KEY_PASSWORD }} SSH_USER: mixxx - name: "Trigger Netlify build" |