feat: initial composite action for package-updater /update
This commit is contained in:
Samuel Enocsson
@@ -0,0 +1,45 @@
|
||||
# package-updater-action
|
||||
|
||||
Reusable Gitea composite action that notifies a running `package-updater` service
|
||||
to `docker compose pull` + `up -d` for the matching service(s) on its host.
|
||||
|
||||
Companion to https://gitea.shcizo.se/shcizo/package-updater.
|
||||
|
||||
## Usage
|
||||
|
||||
In a consumer repo's `.gitea/workflows/deploy.yml`:
|
||||
|
||||
```yaml
|
||||
jobs:
|
||||
deploy:
|
||||
runs-on: ubuntu-latest
|
||||
needs: [build-and-push]
|
||||
steps:
|
||||
- uses: shcizo/package-updater-action@v1
|
||||
with:
|
||||
endpoint: https://updater.example.com/update
|
||||
image: gitea.shcizo.se/shcizo/${{ gitea.repository_owner }}/myapp
|
||||
tag: ${{ gitea.sha }}
|
||||
token: ${{ secrets.UPDATER_TOKEN }}
|
||||
```
|
||||
|
||||
`UPDATER_TOKEN` should be an organisation-level secret in Gitea so all repos share it.
|
||||
|
||||
## Inputs
|
||||
|
||||
| Name | Required | Default | Description |
|
||||
|---|---|---|---|
|
||||
| `endpoint` | yes | — | Full URL to `package-updater`'s `/update` |
|
||||
| `image` | yes | — | Image reference without tag |
|
||||
| `tag` | no | `""` | Tag that was just pushed (logged for audit) |
|
||||
| `token` | yes | — | Bearer token configured in `package-updater` |
|
||||
|
||||
## Failure modes
|
||||
|
||||
The step exits non-zero if `package-updater` returns HTTP 4xx or 5xx. This is
|
||||
intentional — the workflow surfaces the deploy failure to whoever pushed.
|
||||
|
||||
## Versioning
|
||||
|
||||
Pin to a major version: `shcizo/package-updater-action@v1`. Breaking changes will
|
||||
bump major; new inputs and bug fixes will reuse `v1`.
|
||||
+36
@@ -0,0 +1,36 @@
|
||||
name: "Deploy via package-updater"
|
||||
description: "Notifies package-updater to pull & restart a Docker Compose service"
|
||||
inputs:
|
||||
endpoint:
|
||||
description: "Full URL to /update (e.g. https://updater.example.com/update)"
|
||||
required: true
|
||||
image:
|
||||
description: "Image reference without tag (e.g. registry.example.com/myapp)"
|
||||
required: true
|
||||
tag:
|
||||
description: "Tag that was just pushed (for logging)"
|
||||
required: false
|
||||
default: ""
|
||||
token:
|
||||
description: "Bearer token for package-updater"
|
||||
required: true
|
||||
runs:
|
||||
using: "composite"
|
||||
steps:
|
||||
- name: Trigger update
|
||||
shell: bash
|
||||
env:
|
||||
TOKEN: ${{ inputs.token }}
|
||||
run: |
|
||||
response=$(curl -sS -w "\n%{http_code}" \
|
||||
-X POST "${{ inputs.endpoint }}" \
|
||||
-H "Authorization: Bearer $TOKEN" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d "{\"image\":\"${{ inputs.image }}\",\"tag\":\"${{ inputs.tag }}\"}")
|
||||
body=$(echo "$response" | head -n -1)
|
||||
code=$(echo "$response" | tail -n 1)
|
||||
echo "HTTP $code"
|
||||
echo "$body" | jq .
|
||||
if [ "$code" -ge 400 ]; then
|
||||
exit 1
|
||||
fi
|
||||
Reference in New Issue
Block a user