adding steps to authenticate with Github to pipeline
This commit is contained in:
+32
-25
@@ -9,46 +9,52 @@ on:
|
|||||||
jobs:
|
jobs:
|
||||||
test-and-lint:
|
test-and-lint:
|
||||||
name: Test and Lint Code
|
name: Test and Lint Code
|
||||||
runs-on: ubuntu-latest # CORRECTED: This key was missing.
|
runs-on: ubuntu-latest
|
||||||
|
|
||||||
|
# This container definition is more specific and includes all tools from the start.
|
||||||
|
container:
|
||||||
|
image: alpine:latest # A clean, basic image
|
||||||
|
# Pass the GitHub PAT to the container so it can clone actions
|
||||||
|
options: --env GITEA_PAT=${{ secrets.GH_PAT }}
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: 1. Authenticate to Docker Hub
|
- name: 1. Install System Dependencies
|
||||||
|
run: |
|
||||||
|
echo "Sanctifying container with all necessary tools..."
|
||||||
|
# Install everything needed for the entire job at the beginning
|
||||||
|
apk add --no-cache git curl nodejs-current lua5.1-dev build-base luacheck luarocks
|
||||||
|
|
||||||
|
- name: 2. Install Lua Dependencies
|
||||||
|
run: |
|
||||||
|
echo "Installing Lua scripture..."
|
||||||
|
luarocks-5.1 install busted
|
||||||
|
# Note: The checkout step will happen after this, so file copying must happen later.
|
||||||
|
|
||||||
|
- name: 3. Authenticate to Docker Hub
|
||||||
uses: docker/login-action@v3
|
uses: docker/login-action@v3
|
||||||
with:
|
with:
|
||||||
username: ${{ secrets.DOCKER_USERNAME }}
|
username: ${{ secrets.DOCKER_USERNAME }}
|
||||||
password: ${{ secrets.DOCKER_PASSWORD }}
|
password: ${{ secrets.DOCKER_PASSWORD }}
|
||||||
|
|
||||||
- name: 2. Checkout Repository Code
|
- name: 4. Checkout Repository Code
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
- name: 3. Install Lua Dependencies in Alpine
|
|
||||||
# We must run this step inside the target container
|
|
||||||
uses: add-and-commit/docker-run-action@v3
|
|
||||||
with:
|
with:
|
||||||
image: node:lts-alpine
|
# Use the PAT for checking out the repository code itself
|
||||||
# The shell command is now run within the node:lts-alpine container
|
token: ${{ secrets.GH_PAT }}
|
||||||
run: |
|
|
||||||
echo "Sanctifying container with Lua tools..."
|
|
||||||
apk add --no-cache luacheck lua5.1-dev build-base git luarocks
|
|
||||||
luarocks-5.1 install busted
|
|
||||||
cp lib/json.lua skyweave/
|
|
||||||
|
|
||||||
- name: 4. Run Luacheck Scrutiny in Alpine
|
- name: 5. Run Luacheck Scrutiny
|
||||||
uses: add-and-commit/docker-run-action@v3
|
|
||||||
with:
|
|
||||||
image: node:lts-alpine
|
|
||||||
run: |
|
run: |
|
||||||
echo "Scanning Lua scripture..."
|
echo "Scanning Lua scripture..."
|
||||||
luacheck --std lua51 .
|
luacheck --std lua51 .
|
||||||
|
|
||||||
- name: 5. Perform Unit Inquisition (Busted) in Alpine
|
- name: 6. Perform Unit Inquisition (Busted)
|
||||||
uses: add-and-commit/docker-run-action@v3
|
|
||||||
with:
|
|
||||||
image: node:lts-alpine
|
|
||||||
run: |
|
run: |
|
||||||
echo "Initiating unit tests..."
|
echo "Initiating unit tests..."
|
||||||
|
# Copy the library needed for testing right before the test runs
|
||||||
|
cp lib/json.lua skyweave/
|
||||||
busted --lua=lua5.1 --verbose spec/
|
busted --lua=lua5.1 --verbose spec/
|
||||||
|
|
||||||
|
# The deploy job remains the same, but also benefits from authentication
|
||||||
deploy-to-device:
|
deploy-to-device:
|
||||||
name: Deploy to Roof Unit
|
name: Deploy to Roof Unit
|
||||||
needs: test-and-lint
|
needs: test-and-lint
|
||||||
@@ -64,22 +70,23 @@ jobs:
|
|||||||
|
|
||||||
- name: 2. Checkout Repository Code
|
- name: 2. Checkout Repository Code
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
|
with:
|
||||||
|
token: ${{ secrets.GH_PAT }}
|
||||||
|
|
||||||
- name: 3. Prepare SSH Environment
|
- name: 3. Prepare SSH Environment
|
||||||
|
# ... this part remains exactly the same as the previous version ...
|
||||||
run: |
|
run: |
|
||||||
echo "Preparing the sacred keys and crypto-litany for SSH communion..."
|
echo "Preparing the sacred keys and crypto-litany for SSH communion..."
|
||||||
mkdir -p ~/.ssh/
|
mkdir -p ~/.ssh/
|
||||||
echo "${{ secrets.ROOF_UNIT_SSH_KEY }}" > ~/.ssh/id_rsa
|
echo "${{ secrets.ROOF_UNIT_SSH_KEY }}" > ~/.ssh/id_rsa
|
||||||
chmod 600 ~/.ssh/id_rsa
|
chmod 600 ~/.ssh/id_rsa
|
||||||
|
|
||||||
ssh-keyscan -H "${{ secrets.ROOF_UNIT_HOSTNAME }}" >> ~/.ssh/known_hosts
|
ssh-keyscan -H "${{ secrets.ROOF_UNIT_HOSTNAME }}" >> ~/.ssh/known_hosts
|
||||||
|
|
||||||
echo "Host roof-unit" > ~/.ssh/config
|
echo "Host roof-unit" > ~/.ssh/config
|
||||||
echo " HostName ${{ secrets.ROOF_UNIT_HOSTNAME }}" >> ~/.ssh/config
|
echo " HostName ${{ secrets.ROOF_UNIT_HOSTNAME }}" >> ~/.ssh/config
|
||||||
echo " User ${{ secrets.ROOF_UNIT_USER }}" >> ~/.ssh/config
|
echo " User ${{ secrets.ROOF_UNIT_USER }}" >> ~/.ssh/config
|
||||||
echo " IdentityFile ~/.ssh/id_rsa" >> ~/.ssh/config
|
echo " IdentityFile ~/.ssh/id_rsa" >> ~/.ssh/config
|
||||||
echo " KexAlgorithms +diffie-hellman-group1-sha1" >> ~/.ssh/config
|
echo " KexAlgorithms +diffie-hellman-group1-sha1" >> ~/.ssh/config
|
||||||
echo " HostKeyAlgorithms +ssh-rsa" >> ~/.ssh/config
|
echo " HostKeyAlgorithms +ssh-rsa" >> ~/.ssh/gitea/runners/gitea-runner-1/config
|
||||||
echo " MACs +hmac-sha1" >> ~/.ssh/config
|
echo " MACs +hmac-sha1" >> ~/.ssh/config
|
||||||
echo " PubkeyAcceptedAlgorithms +ssh-rsa" >> ~/.ssh/config
|
echo " PubkeyAcceptedAlgorithms +ssh-rsa" >> ~/.ssh/config
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user