flxbl-bot
44020ee09f
Run sfp CLI directly from inside the pulled server image via docker run, removing the need for a separate GITEA_TOKEN and CLI download step. Default TLS mode changed to letsencrypt. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
79 lines
2.4 KiB
YAML
79 lines
2.4 KiB
YAML
name: 'Setup SFP CLI and SSH'
|
|
description: 'Pulls the SFP server Docker image and configures SSH access. The CLI is used directly from inside the container.'
|
|
|
|
inputs:
|
|
docker-registry:
|
|
description: 'Docker registry hostname (e.g., ghcr.io, source.flxbl.io)'
|
|
required: true
|
|
docker-registry-token:
|
|
description: 'Token for authenticating with the Docker registry'
|
|
required: true
|
|
docker-registry-user:
|
|
description: 'Username for Docker registry authentication'
|
|
required: false
|
|
default: 'sfp'
|
|
image-fqdn:
|
|
description: 'Full Docker image path (e.g., ghcr.io/flxbl-io/sfp-server-rc)'
|
|
required: true
|
|
image-tag:
|
|
description: 'Docker image tag'
|
|
required: false
|
|
default: 'latest'
|
|
ssh-private-key:
|
|
description: 'SSH private key for connecting to the remote server'
|
|
required: true
|
|
ssh-host:
|
|
description: 'Hostname or IP of the target server'
|
|
required: true
|
|
|
|
outputs:
|
|
sfp-image:
|
|
description: 'Full Docker image reference that was pulled'
|
|
value: ${{ steps.pull.outputs.image }}
|
|
|
|
runs:
|
|
using: 'composite'
|
|
steps:
|
|
- name: Pull SFP server image
|
|
id: pull
|
|
shell: bash
|
|
env:
|
|
DOCKER_REGISTRY: ${{ inputs.docker-registry }}
|
|
DOCKER_REGISTRY_TOKEN: ${{ inputs.docker-registry-token }}
|
|
DOCKER_REGISTRY_USER: ${{ inputs.docker-registry-user }}
|
|
IMAGE_FQDN: ${{ inputs.image-fqdn }}
|
|
IMAGE_TAG: ${{ inputs.image-tag }}
|
|
run: |
|
|
echo "::group::Pull SFP server image"
|
|
|
|
echo "Logging in to $DOCKER_REGISTRY..."
|
|
echo "$DOCKER_REGISTRY_TOKEN" | docker login "$DOCKER_REGISTRY" -u "$DOCKER_REGISTRY_USER" --password-stdin
|
|
|
|
IMAGE="${IMAGE_FQDN}:${IMAGE_TAG}"
|
|
echo "Pulling $IMAGE..."
|
|
docker pull "$IMAGE"
|
|
|
|
echo "Verifying sfp CLI inside image..."
|
|
docker run --rm "$IMAGE" sfp --version
|
|
|
|
echo "image=$IMAGE" >> $GITHUB_OUTPUT
|
|
echo "::endgroup::"
|
|
|
|
- name: Setup SSH
|
|
shell: bash
|
|
env:
|
|
SSH_PRIVATE_KEY: ${{ inputs.ssh-private-key }}
|
|
SSH_HOST: ${{ inputs.ssh-host }}
|
|
run: |
|
|
echo "::group::Setup SSH"
|
|
|
|
mkdir -p ~/.ssh
|
|
echo "$SSH_PRIVATE_KEY" > ~/.ssh/deploy_key
|
|
chmod 600 ~/.ssh/deploy_key
|
|
|
|
echo "Adding $SSH_HOST to known hosts..."
|
|
ssh-keyscan -H "$SSH_HOST" >> ~/.ssh/known_hosts 2>/dev/null
|
|
|
|
echo "SSH configured for $SSH_HOST"
|
|
echo "::endgroup::"
|