blob: ecf0fa5873236bbdf9bfc8dba27fd8cee4a3435e (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
name: Maintenance
on:
- push
- workflow_dispatch
jobs:
infra:
runs-on: ubuntu-latest
env:
AWS_ACCESS_KEY_ID: '${{ secrets.AWS_ACCESS_KEY_ID }}'
AWS_SECRET_ACCESS_KEY: '${{ secrets.AWS_SECRET_ACCESS_KEY }}'
DIGITALOCEAN_TOKEN: '${{ secrets.DIGITALOCEAN_TOKEN }}'
YC_SERVICE_ACCOUNT_KEY_FILE: '${{ secrets.YC_SERVICE_ACCOUNT_KEY_FILE }}'
steps:
- name: Set up Terraform
uses: hashicorp/setup-terraform@v3
- name: Add SSH key
run: |
mkdir -p ~/.ssh
cat > ~/.ssh/config <<'EOF'
StrictHostKeyChecking no
EOF
cat > ~/.ssh/id_ed25519 <<'EOF'
${{ secrets.SSH_KEY }}
EOF
chmod 0600 ~/.ssh/id_ed25519
- name: Checkout
run: |
git clone -q ssh://git@bitbucket.org/egor-tensin/infra.git
- name: Configure git
run: |
git config --global user.name 'Egor Tensin'
git config --global user.email 'egor@tensin.name'
- name: Run maintenance
run: |
make -C infra maintenance
yandex-cloud-cli-bin:
runs-on: ubuntu-latest
container:
image: archlinux:base-devel
steps:
- name: Install dependencies
run: |
pacman -Sy --noconfirm git openssh
- name: Add SSH key
run: |
mkdir -p /root/.ssh/
cat > /root/.ssh/config <<'EOF'
StrictHostKeyChecking no
EOF
cat > /root/.ssh/id_ed25519 <<'EOF'
${{ secrets.SSH_KEY }}
EOF
chmod 0600 /root/.ssh/id_ed25519
- name: Checkout
run: |
git clone -q ssh://aur@aur.archlinux.org/yandex-cloud-cli-bin.git
chmod -R o+w yandex-cloud-cli-bin
- name: Run maintenance
run: |
git config --system --add safe.directory "$( pwd )/yandex-cloud-cli-bin"
# Stupid makepkg hard forbids running as root, which is stupid, which
# is why I'm doing all of that stupidity here and above.
runuser -u nobody -- make -C yandex-cloud-cli-bin maintenance
|
