-
Notifications
You must be signed in to change notification settings - Fork 1
52 lines (46 loc) · 1.92 KB
/
branch-deploy.yml
File metadata and controls
52 lines (46 loc) · 1.92 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
name: branch-deploy
on:
issue_comment:
types: [created]
# Permissions needed for reacting and adding comments for IssueOps commands
permissions:
pull-requests: write
deployments: write
contents: write
checks: read
statuses: read
jobs:
deploy:
environment: production-secrets
if: # only run on pull request comments and very specific comment body string as defined in our branch-deploy settings
${{ github.event.issue.pull_request &&
(contains(github.event.comment.body, '.deploy') ||
contains(github.event.comment.body, '.lock') ||
contains(github.event.comment.body, '.noop') ||
contains(github.event.comment.body, '.help') ||
contains(github.event.comment.body, '.wcid') ||
contains(github.event.comment.body, '.unlock')) }}
runs-on: ubuntu-latest
steps:
- uses: github/branch-deploy@v9
id: branch-deploy
with:
admins: the-hideout/core-contributors
admins_pat: ${{ secrets.BRANCH_DEPLOY_ADMINS_PAT }}
environment_targets: production
sticky_locks: "true"
- name: checkout
if: ${{ steps.branch-deploy.outputs.continue == 'true' }}
uses: actions/checkout@v4
with:
ref: ${{ steps.branch-deploy.outputs.sha }}
- name: SSH Remote Deploy
if: ${{ steps.branch-deploy.outputs.continue == 'true' && steps.branch-deploy.outputs.noop != 'true' }}
uses: appleboy/ssh-action@7eaf76671a0d7eec5d98ee897acda4f968735a17 # pin@v1.2.0
with:
host: ${{ secrets.SSH_HOST }}
username: ${{ secrets.SSH_USERNAME }}
key: ${{ secrets.SSH_KEY }}
port: ${{ secrets.SSH_PORT }}
script_stop: true
script: ~/cache/script/deploy -r "${{ steps.branch-deploy.outputs.sha }}" -f "${{ steps.branch-deploy.outputs.fork_checkout }}" -d "/home/${{ secrets.SSH_USERNAME }}/cache" -n "${{ steps.branch-deploy.outputs.fork_full_name }}"