Diffstat (limited to '.github')
-rw-r--r--.github/workflows/codeql-analysis.yml39
-rw-r--r--.github/workflows/go.yml21
-rw-r--r--.github/workflows/kubernetes-cd.yml80
-rw-r--r--.github/workflows/nix.yml46
-rw-r--r--.github/workflows/rust.yml25
5 files changed, 61 insertions, 150 deletions
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
deleted file mode 100644
index 5e7db4c..0000000
--- a/.github/workflows/codeql-analysis.yml
+++ /dev/null
@@ -1,39 +0,0 @@
-name: "Code scanning - action"
-
-on:
- push:
- pull_request:
- schedule:
- - cron: '0 18 * * 6'
-
-jobs:
- CodeQL-Build:
- runs-on: ubuntu-latest
-
- steps:
- - name: Checkout repository
- uses: actions/checkout@v2
- with:
- # We must fetch at least the immediate parents so that if this is
- # a pull request then we can checkout the head.
- fetch-depth: 2
-
- # If this run was triggered by a pull request event, then checkout
- # the head of the pull request instead of the merge commit.
- - run: git checkout HEAD^2
- if: ${{ github.event_name == 'pull_request' }}
-
- # Initializes the CodeQL tools for scanning.
- - name: Initialize CodeQL
- uses: github/codeql-action/init@v1
- # Override language selection by uncommenting this and choosing your languages
- with:
- languages: go
-
- # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
- # If this step fails, then you should remove it and run the build manually (see below)
- - name: Autobuild
- uses: github/codeql-action/autobuild@v1
-
- - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v1
diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
deleted file mode 100644
index e1e986f..0000000
--- a/.github/workflows/go.yml
+++ /dev/null
@@ -1,21 +0,0 @@
-name: Go
-on:
- - push
- - pull_request
-jobs:
- build:
- name: Build
- runs-on: ubuntu-latest
- steps:
- - name: Set up Go 1.14
- uses: actions/setup-go@v1
- with:
- go-version: 1.14
- id: go
- - name: Check out code into the Go module directory
- uses: actions/checkout@v1
- - name: Test
- run: go test -v ./...
- env:
- GO111MODULE: on
- GOPROXY: https://cache.greedo.xeserv.us
diff --git a/.github/workflows/kubernetes-cd.yml b/.github/workflows/kubernetes-cd.yml
deleted file mode 100644
index 37f47b1..0000000
--- a/.github/workflows/kubernetes-cd.yml
+++ /dev/null
@@ -1,80 +0,0 @@
-name: "CI/CD"
-on:
- push:
- branches:
- - master
-jobs:
- deploy:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v1
- - name: Build container image
- run: |
- docker build -t xena/christinewebsite:$(echo $GITHUB_SHA | head -c7) .
- echo $DOCKER_PASSWORD | docker login -u $DOCKER_USERNAME --password-stdin
- docker push xena/christinewebsite
- env:
- DOCKER_USERNAME: "xena"
- DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
- - name: Download secrets/Install/Configure/Use Dyson
- run: |
- mkdir ~/.ssh
- echo $FILE_DATA | base64 -d > ~/.ssh/id_rsa
- md5sum ~/.ssh/id_rsa
- chmod 600 ~/.ssh/id_rsa
- git clone git@ssh.tulpa.dev:cadey/within-terraform-secret
- curl https://xena.greedo.xeserv.us/files/dyson-linux-amd64-0.1.0.tgz | tar xz
- cp ./dyson-linux-amd64-0.1.1/dyson .
- rm -rf dyson-linux-amd64-0.1.1
- mkdir -p ~/.config/dyson
-
- echo '[DigitalOcean]
- Token = ""
-
- [Cloudflare]
- Email = ""
- Token = ""
-
- [Secrets]
- GitCheckout = "./within-terraform-secret"' > ~/.config/dyson/dyson.ini
-
- ./dyson manifest \
- --name=christinewebsite \
- --domain=christine.website \
- --dockerImage=xena/christinewebsite:$(echo $GITHUB_SHA | head -c7) \
- --containerPort=5000 \
- --replicas=2 \
- --useProdLE=true > $GITHUB_WORKSPACE/deploy.yml
- env:
- FILE_DATA: ${{ secrets.SSH_PRIVATE_KEY }}
- GIT_SSH_COMMAND: "ssh -i ~/.ssh/id_rsa -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
- - name: Save DigitalOcean kubeconfig
- uses: digitalocean/action-doctl@master
- env:
- DIGITALOCEAN_ACCESS_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
- with:
- args: kubernetes cluster kubeconfig show kubermemes > $GITHUB_WORKSPACE/.kubeconfig
- - name: Deploy to DigitalOcean Kubernetes
- uses: docker://lachlanevenson/k8s-kubectl
- with:
- args: --kubeconfig=/github/workspace/.kubeconfig apply -n apps -f /github/workspace/deploy.yml
- - name: Verify deployment
- uses: docker://lachlanevenson/k8s-kubectl
- with:
- args: --kubeconfig=/github/workspace/.kubeconfig rollout status -n apps deployment/christinewebsite
- - name: Ping Google
- uses: docker://lachlanevenson/k8s-kubectl
- with:
- args: --kubeconfig=/github/workspace/.kubeconfig apply -f /github/workspace/k8s/job.yml
- - name: Sleep
- run: |
- sleep 5
- - name: Don't Ping Google
- uses: docker://lachlanevenson/k8s-kubectl
- with:
- args: --kubeconfig=/github/workspace/.kubeconfig delete -f /github/workspace/k8s/job.yml
- - name: POSSE
- env:
- MI_TOKEN: ${{ secrets.MI_TOKEN }}
- run: |
- curl -H "Authorization: $MI_TOKEN" --data "https://christine.website/blog.json" https://mi.within.website/blog/refresh
diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml
index 1c09d87..a2e3a4a 100644
--- a/.github/workflows/nix.yml
+++ b/.github/workflows/nix.yml
@@ -1,16 +1,42 @@
name: "Nix"
on:
push:
+ branches:
+ - master
+ pull_request:
+ branches:
+ - master
jobs:
- tests:
+ docker-build:
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@v1
- - uses: cachix/install-nix-action@v6
- - uses: cachix/cachix-action@v3
- with:
- name: xe
- - run: |
- nix-build docker.nix
- docker load -i result
- docker tag xena/christinewebsite:latest xena/christinewebsite:$(echo $GITHUB_SHA | head -c7)
+ - uses: actions/checkout@v1
+ - uses: cachix/install-nix-action@v6
+ - uses: cachix/cachix-action@v3
+ with:
+ name: xe
+ signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
+ authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
+ - run: |
+ docker load -i result
+ docker tag xena/christinewebsite:latest xena/christinewebsite:$GITHUB_SHA
+ echo $DOCKER_PASSWORD | docker login -u $DOCKER_USERNAME --password-stdin
+ docker push xena/christinewebsite
+ env:
+ DOCKER_USERNAME: "xena"
+ DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
+ release:
+ runs-on: ubuntu-latest
+ needs: docker-build
+ if: github.ref == 'refs/heads/master'
+ steps:
+ - uses: cachix/install-nix-action@v6
+ - name: deploy
+ run: ./scripts/release.sh
+ env:
+ DIGITALOCEAN_ACCESS_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
+ MI_TOKEN: ${{ secrets.MI_TOKEN }}
+ PATREON_ACCESS_TOKEN: ${{ secrets.PATREON_ACCESS_TOKEN }}
+ PATREON_CLIENT_ID: ${{ secrets.PATREON_CLIENT_ID }}
+ PATREON_CLIENT_SECRET: ${{ secrets.PATREON_CLIENT_SECRET }}
+ PATREON_REFRESH_TOKEN: ${{ secrets.PATREON_REFRESH_TOKEN }}
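Review bot: The `docker-build` job now also triggers on `pull_request`, but its `run` step still logs in with `DOCKER_PASSWORD` and pushes `xena/christinewebsite`, so a pull request from a branch in the same repository publishes an image built from unmerged code, while a pull request from a fork (where secrets are not provided) fails at `docker login`. Gate the publish part, for example by moving the login and push into their own step with `if: github.event_name == 'push' && github.ref == 'refs/heads/master'`, in line with the ref check already on `release`. The `release` job also has no checkout step before `run: ./scripts/release.sh`; each job starts on a fresh runner, so the script would presumably be missing unless `- uses: actions/checkout@v1` is added as its first step. Since `cachix/install-nix-action@v6` and `cachix/cachix-action@v3` run in jobs that hold signing and deploy secrets, pinning them to a full commit SHA instead of a movable tag would be safer.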
diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml
new file mode 100644
index 0000000..1e18d23
--- /dev/null
+++ b/.github/workflows/rust.yml
@@ -0,0 +1,25 @@
+name: Rust
+on:
+ push:
+ branches: [ master ]
+ pull_request:
+ branches: [ master ]
+env:
+ CARGO_TERM_COLOR: always
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v2
+ - name: Build
+ run: cargo build --all
+ - name: Run tests
+ run: |
+ cargo test
+ (cd lib/jsonfeed && cargo test)
+ (cd lib/patreon && cargo test)
+ env:
+ PATREON_ACCESS_TOKEN: ${{ secrets.PATREON_ACCESS_TOKEN }}
+ PATREON_CLIENT_ID: ${{ secrets.PATREON_CLIENT_ID }}
+ PATREON_CLIENT_SECRET: ${{ secrets.PATREON_CLIENT_SECRET }}
+ PATREON_REFRESH_TOKEN: ${{ secrets.PATREON_REFRESH_TOKEN }}
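Review bot: The `Run tests` step hands the four `PATREON_*` secrets to `cargo test` on every `pull_request` run as well as on pushes, so any test, build script or dependency executed in that step can read a live client secret and refresh token. Pull requests from forks receive these as empty values, so tests that need them should skip when they are unset rather than fail. If only `lib/patreon` needs the credentials, consider running that crate's tests in a separate step that carries the `env` block and is gated with `if: github.event_name == 'push'`. The workflow also sets no `permissions:` key; adding a top-level `permissions:` with `contents: read` would keep the job's `GITHUB_TOKEN` read-only.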