1 files changed, 34 insertions, 5 deletions

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 63a320b..ecf0fa5 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -5,6 +5,37 @@ on:
   - workflow_dispatch
 
 jobs:
+  infra:
+    runs-on: ubuntu-latest
+    env:
+      AWS_ACCESS_KEY_ID: '${{ secrets.AWS_ACCESS_KEY_ID }}'
+      AWS_SECRET_ACCESS_KEY: '${{ secrets.AWS_SECRET_ACCESS_KEY }}'
+      DIGITALOCEAN_TOKEN: '${{ secrets.DIGITALOCEAN_TOKEN }}'
+      YC_SERVICE_ACCOUNT_KEY_FILE: '${{ secrets.YC_SERVICE_ACCOUNT_KEY_FILE }}'
+    steps:
+      - name: Set up Terraform
+        uses: hashicorp/setup-terraform@v3
+      - name: Add SSH key
+        run: |
+          mkdir -p ~/.ssh
+          cat > ~/.ssh/config <<'EOF'
+          StrictHostKeyChecking no
+          EOF
+          cat > ~/.ssh/id_ed25519 <<'EOF'
+          ${{ secrets.SSH_KEY }}
+          EOF
+          chmod 0600 ~/.ssh/id_ed25519
+      - name: Checkout
+        run: |
+          git clone -q ssh://git@bitbucket.org/egor-tensin/infra.git
+      - name: Configure git
+        run: |
+          git config --global user.name 'Egor Tensin'
+          git config --global user.email 'egor@tensin.name'
+      - name: Run maintenance
+        run: |
+          make -C infra maintenance
+
   yandex-cloud-cli-bin:
     runs-on: ubuntu-latest
     container:
@@ -13,14 +44,12 @@ jobs:
       - name: Install dependencies
         run: |
           pacman -Sy --noconfirm git openssh
-
-          mkdir -p /root/.ssh
-          cat > /root/.ssh/config <<'EOF'
-          StrictHostKeyChecking no
-          EOF
       - name: Add SSH key
         run: |
           mkdir -p /root/.ssh/
+          cat > /root/.ssh/config <<'EOF'
+          StrictHostKeyChecking no
+          EOF
           cat > /root/.ssh/id_ed25519 <<'EOF'
           ${{ secrets.SSH_KEY }}
           EOF