Update deploy workflow for private repo with deploy keys
Deploy to LXC / deploy (push) Successful in 19s
Deploy to LXC / deploy (push) Successful in 19s
Two SSH keys needed: - DEPLOY_KEY: CI runner → LXC server (SSH access) - REPO_DEPLOY_KEY: LXC server → Gitea repo (git pull access) Workflow writes the repo deploy key to ~/.ssh on the server and configures SSH to use it for git.b4l.co.th. Handles first deploy (clone) and subsequent deploys (pull) automatically. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -18,10 +18,34 @@ jobs:
|
||||
script: |
|
||||
set -e
|
||||
|
||||
cd ${{ secrets.DEPLOY_PATH || '/home/bflr/buildfor_life_repair' }}
|
||||
APP_DIR="${{ secrets.DEPLOY_PATH || '/home/bflr/buildfor_life_repair' }}"
|
||||
|
||||
echo "==> Pulling latest code..."
|
||||
git pull origin main
|
||||
# Set up deploy key for private repo access
|
||||
mkdir -p ~/.ssh
|
||||
echo "${{ secrets.REPO_DEPLOY_KEY }}" > ~/.ssh/repo_deploy_key
|
||||
chmod 600 ~/.ssh/repo_deploy_key
|
||||
|
||||
# Configure SSH to use deploy key for git.b4l.co.th
|
||||
if ! grep -q "git.b4l.co.th" ~/.ssh/config 2>/dev/null; then
|
||||
cat >> ~/.ssh/config <<EOF
|
||||
Host git.b4l.co.th
|
||||
HostName git.b4l.co.th
|
||||
IdentityFile ~/.ssh/repo_deploy_key
|
||||
StrictHostKeyChecking accept-new
|
||||
EOF
|
||||
chmod 600 ~/.ssh/config
|
||||
fi
|
||||
|
||||
# Clone if first deploy, otherwise pull
|
||||
if [ ! -d "$APP_DIR" ]; then
|
||||
echo "==> First deploy, cloning..."
|
||||
git clone git@git.b4l.co.th:B4L/buildfor_life_repair.git "$APP_DIR"
|
||||
cd "$APP_DIR"
|
||||
else
|
||||
cd "$APP_DIR"
|
||||
echo "==> Pulling latest code..."
|
||||
git pull origin main
|
||||
fi
|
||||
|
||||
echo "==> Installing dependencies..."
|
||||
npm ci --production=false
|
||||
|
||||
Reference in New Issue
Block a user