workflows: split things into different workflows

author: Egor Tensin <egor@tensin.name> 2025-09-09 14:38:04 +0200
committer: Egor Tensin <egor@tensin.name> 2025-09-09 14:44:12 +0200
commit: 34b109bd747c7b9d30c9f78e8f0bf70ce9de10b9 (patch)
tree: eada6d237e3c4881b0cc1dd5c6d04a35c45b916f /.github/workflows/main.yml
parent: workflows: add infra job (diff)
download: maintenance-34b109bd747c7b9d30c9f78e8f0bf70ce9de10b9.tar.gz
maintenance-34b109bd747c7b9d30c9f78e8f0bf70ce9de10b9.zip
1 files changed, 5 insertions, 56 deletions
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index ecf0fa5..c53bb8f 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -5,62 +5,11 @@ on:
   - workflow_dispatch
 
 jobs:
+
   infra:
-    runs-on: ubuntu-latest
-    env:
-      AWS_ACCESS_KEY_ID: '${{ secrets.AWS_ACCESS_KEY_ID }}'
-      AWS_SECRET_ACCESS_KEY: '${{ secrets.AWS_SECRET_ACCESS_KEY }}'
-      DIGITALOCEAN_TOKEN: '${{ secrets.DIGITALOCEAN_TOKEN }}'
-      YC_SERVICE_ACCOUNT_KEY_FILE: '${{ secrets.YC_SERVICE_ACCOUNT_KEY_FILE }}'
-    steps:
-      - name: Set up Terraform
-        uses: hashicorp/setup-terraform@v3
-      - name: Add SSH key
-        run: |
-          mkdir -p ~/.ssh
-          cat > ~/.ssh/config <<'EOF'
-          StrictHostKeyChecking no
-          EOF
-          cat > ~/.ssh/id_ed25519 <<'EOF'
-          ${{ secrets.SSH_KEY }}
-          EOF
-          chmod 0600 ~/.ssh/id_ed25519
-      - name: Checkout
-        run: |
-          git clone -q ssh://git@bitbucket.org/egor-tensin/infra.git
-      - name: Configure git
-        run: |
-          git config --global user.name 'Egor Tensin'
-          git config --global user.email 'egor@tensin.name'
-      - name: Run maintenance
-        run: |
-          make -C infra maintenance
+    secrets: inherit
+    uses: ./.github/workflows/infra.yml
 
   yandex-cloud-cli-bin:
-    runs-on: ubuntu-latest
-    container:
-      image: archlinux:base-devel
-    steps:
-      - name: Install dependencies
-        run: |
-          pacman -Sy --noconfirm git openssh
-      - name: Add SSH key
-        run: |
-          mkdir -p /root/.ssh/
-          cat > /root/.ssh/config <<'EOF'
-          StrictHostKeyChecking no
-          EOF
-          cat > /root/.ssh/id_ed25519 <<'EOF'
-          ${{ secrets.SSH_KEY }}
-          EOF
-          chmod 0600 /root/.ssh/id_ed25519
-      - name: Checkout
-        run: |
-          git clone -q ssh://aur@aur.archlinux.org/yandex-cloud-cli-bin.git
-          chmod -R o+w yandex-cloud-cli-bin
-      - name: Run maintenance
-        run: |
-          git config --system --add safe.directory "$( pwd )/yandex-cloud-cli-bin"
-          # Stupid makepkg hard forbids running as root, which is stupid, which
-          # is why I'm doing all of that stupidity here and above.
-          runuser -u nobody -- make -C yandex-cloud-cli-bin maintenance
+    secrets: inherit
+    uses: ./.github/workflows/yandex-cloud-cli-bin.yml
author	Egor Tensin <egor@tensin.name>	2025-09-09 14:38:04 +0200
committer	Egor Tensin <egor@tensin.name>	2025-09-09 14:44:12 +0200
commit	34b109bd747c7b9d30c9f78e8f0bf70ce9de10b9 (patch)
tree	eada6d237e3c4881b0cc1dd5c6d04a35c45b916f /.github/workflows/main.yml
parent	workflows: add infra job (diff)
download	maintenance-34b109bd747c7b9d30c9f78e8f0bf70ce9de10b9.tar.gz maintenance-34b109bd747c7b9d30c9f78e8f0bf70ce9de10b9.zip