Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
@@ -7,18 +7,24 @@ on:
|
||||
|
||||
jobs:
|
||||
deploy:
|
||||
runs-on: [linux, x64, server-2]
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Deploy via SSH
|
||||
env:
|
||||
VPN_HOST: ${{ secrets.VPN_HOST }}
|
||||
VPN_USER: ${{ secrets.VPN_USER }}
|
||||
VPN_SSH_KEY: ${{ secrets.TEST_KEY }}
|
||||
VPN_SSH_KEY_B64: ${{ secrets.TEST_KEY_B64 }}
|
||||
run: |
|
||||
set -euo pipefail
|
||||
mkdir -p ~/.ssh
|
||||
chmod 700 ~/.ssh
|
||||
echo "$VPN_SSH_KEY" > ~/.ssh/id_ci_runner
|
||||
printf '%s' "$VPN_SSH_KEY_B64" | base64 -d > ~/.ssh/id_ci_runner
|
||||
chmod 600 ~/.ssh/id_ci_runner
|
||||
ssh-keyscan -H "$VPN_HOST" >> ~/.ssh/known_hosts
|
||||
VPN_USER="$(printf '%s' "$VPN_USER" | tr -d '\r\n')"
|
||||
VPN_HOST="$(printf '%s' "$VPN_HOST" | tr -d '\r\n')"
|
||||
echo "using user=${VPN_USER} host=${VPN_HOST}"
|
||||
ssh-keyscan -H "$VPN_HOST" >> ~/.ssh/known_hosts || true
|
||||
ssh-keygen -lf ~/.ssh/id_ci_runner
|
||||
ssh -vvv -o BatchMode=yes -o ConnectTimeout=10 -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ~/.ssh/id_ci_runner "${VPN_USER}@${VPN_HOST}" "echo ok"
|
||||
|
||||
ssh -i ~/.ssh/id_ci_runner "$VPN_USER@$VPN_HOST" "cd /srv/ip-ua && git fetch --all && git reset --hard origin/main && bash deploy/my-vpn/deploy.sh"
|
||||
ssh -o BatchMode=yes -o ConnectTimeout=10 -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ~/.ssh/id_ci_runner "${VPN_USER}@${VPN_HOST}" "cd /srv/ip-ua && git fetch --all && git reset --hard origin/main && bash deploy/my-vpn/deploy.sh"
|
||||
|
||||
Reference in New Issue
Block a user