Skip to content

Instantly share code, notes, and snippets.

@TownLake
Last active June 21, 2020 14:09
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save TownLake/1ea70c0399e3215525a8f5782b454eef to your computer and use it in GitHub Desktop.
name: Deploy Cloudflare
on:
push:
branches:
- main
env:
HUGO_VERSION: 0.71.0
ZONE_NAME: dev-test.rhea.group
ZONE_TAG: f6df47d4a434b3cb3da375579914e6dd
CURL_AUTH: '-H "Authorization: Bearer ${{ secrets.CF_API_TOKEN }}"'
CURL_CONTENT: '-H "Content-Type: application/json"'
jobs:
clean:
name: clean records
runs-on: ubuntu-latest
steps:
- name: get dns id
run: |
echo ::set-env name=DNS_ID::$(curl ${{ env.GET_DNS }} ${{ env.CURL_AUTH }} ${{ env.CURL_CONTENT }} | jq -r '.result[] | .id')
env:
GET_DNS: '-X GET "https://api.cloudflare.com/client/v4/zones/${{ env.ZONE_TAG }}/dns_records?name=${{ env.ZONE_NAME }}"'
- name: echo dns log
run: echo ${{ env. DNS_ID }}
- name: delete dns
run: |
curl ${{ env.DEL_DNS }} ${{ env.CURL_AUTH }} ${{ env.CURL_CONTENT }}
env:
DEL_DNS: '-X DELETE "https://api.cloudflare.com/client/v4/zones/${{ env.ZONE_TAG }}/dns_records/${{ env.DNS_ID }}"'
build:
name: cloudflare dns and access
runs-on: ubuntu-latest
needs: clean
steps:
- name: create dns
run: |
curl ${{ env.POST }} ${{ env.CURL_AUTH }} ${{ env.CURL_CONTENT }} ${{ env.CURL_DATA }}
env:
POST: '-X POST "https://api.cloudflare.com/client/v4/zones/${{ env.ZONE_TAG }}/dns_records"'
CURL_DATA: --data '{"type":"A","name":"${{ env.ZONE_NAME }}","content":"1.1.1.1","ttl":120,"priority":10,"proxied":true}'
- name: create app
run: |
echo ::set-env name=APP_STATE::$(curl ${{ env.POST_APP }} ${{ env.CURL_AUTH }} ${{ env.CURL_CONTENT }} ${{ env.CURL_DATA_APP }} | jq -r '.errors[].code')
env:
POST_APP: '-X POST "https://api.cloudflare.com/client/v4/zones/${{ env.ZONE_TAG }}/access/apps"'
CURL_DATA_APP: --data '{"name":"Test Deploy","domain":"${{ env.ZONE_NAME }}","session_duration":"24h"}'
- name: get app id
run: |
echo ::set-env name=APP_UID::$(curl ${{ env.GET_APP }} ${{ env.CURL_AUTH }} ${{ env.CURL_CONTENT }} | jq -r '.result[] | select(.domain == "${{ env.ZONE_NAME }}") | .id')
env:
GET_APP: '-X GET "https://api.cloudflare.com/client/v4/zones/${{ env.ZONE_TAG }}/access/apps"'
- name: create policy
run: |
curl ${{ env.POST_POL }} ${{ env.CURL_AUTH }} ${{ env.CURL_CONTENT }} ${{ env.CURL_DATA_CPOL }}
env:
POST_POL: '-X POST "https://api.cloudflare.com/client/v4/zones/${{ env.ZONE_TAG }}/access/apps/${{ env.APP_UID }}/policies"'
CURL_DATA_CPOL: --data '{"precedence":1,"decision":"allow","name":"Allow team","include":[{"email":{"email":"create@example.com"}},{"email":{"email":"srhea@cloudflare.com"}}]}'
if: env.APP_STATE == ''
- name: get policy id
run: |
echo ::set-env name=POL_UID::$(curl ${{ env.GET_POL }} ${{ env.CURL_AUTH }} ${{ env.CURL_CONTENT }} | jq -r '.result[].id')
env:
GET_POL: '-X GET "https://api.cloudflare.com/client/v4/zones/${{ env.ZONE_TAG }}/access/apps/${{ env.APP_UID }}/policies"'
- name: echo log
run: echo ${{ env.APP_UID}}
- name: update policy
run: |
curl ${{ env.PUT_POL }} ${{ env.CURL_AUTH }} ${{ env.CURL_CONTENT }} ${{ env.CURL_DATA_UPOL }}
env:
PUT_POL: '-X PUT "https://api.cloudflare.com/client/v4/zones/${{ env.ZONE_TAG }}/access/apps/${{ env.APP_UID }}/policies/${{ env.POL_UID }}"'
CURL_DATA_UPOL: --data '{"precedence":1,"decision":"allow","name":"Allow team","include":[{"email":{"email":"update@example.com"}},{"email":{"email":"srhea@cloudflare.com"}}]}'
if: env.APP_STATE == '11010'
publish:
name: workers site
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/checkout@master
with:
submodules: true
- name: Download Hugo
run: sudo wget https://github.com/gohugoio/hugo/releases/download/v${{ env.HUGO_VERSION }}/hugo_${{ env.HUGO_VERSION }}_Linux-64bit.deb
- name: Install Hugo
run: sudo dpkg -i hugo_${{ env.HUGO_VERSION }}_Linux-64bit.deb
- name: Install Wrangler
run: sudo npm i @cloudflare/wrangler -g
- name: Build
run: hugo
- name: config wrangler
run: CF_API_TOKEN=${{ secrets.CF_API_TOKEN }} wrangler publish
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment