Last active
April 10, 2024 23:02
-
-
Save xt0rted/a0ef1d3739cc333f8e3461532697d2ba to your computer and use it in GitHub Desktop.
My GitHub Actions workflow with OctoDNS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Check comments for /commands | |
on: | |
issue_comment: | |
types: [created] | |
jobs: | |
deploy: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
pull-requests: write | |
deployments: write | |
steps: | |
- name: Check for /deploy command | |
uses: xt0rted/slash-command-action@v1.1.0 | |
id: command | |
continue-on-error: true | |
with: | |
repo-token: ${{ secrets.GITHUB_TOKEN }} | |
command: deploy | |
reaction: true | |
reaction-type: rocket | |
allow-edits: false | |
permission-level: admin | |
- name: Get pull request branch | |
uses: xt0rted/pull-request-comment-branch@v1.3.0 | |
if: steps.command.outputs.command-name == 'deploy' | |
id: comment-branch | |
- name: Start deployment | |
uses: bobheadxi/deployments@v0.6.0 | |
if: steps.command.outputs.command-name == 'deploy' | |
with: | |
step: start | |
token: ${{ secrets.DEPLOYMENT_TOKEN }} # a PAT is required for the `deployment` workflow to be triggered | |
env: production | |
no_override: false | |
ref: ${{ steps.comment-branch.outputs.head_ref }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy | |
on: | |
deployment | |
env: | |
AZURE_APPLICATION_ID: ${{ secrets.AZURE_APPLICATION_ID }} | |
AZURE_AUTHENTICATION_KEY: ${{ secrets.AZURE_AUTHENTICATION_KEY }} | |
AZURE_DIRECTORY_ID: ${{ secrets.AZURE_DIRECTORY_ID }} | |
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
AZURE_SUBSCRIPTION_ID_LETSPLANTIT: ${{ secrets.AZURE_SUBSCRIPTION_ID_LETSPLANTIT }} | |
CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }} | |
jobs: | |
publish: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
deployments: write | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v2.3.4 | |
- name: Starting deployment | |
uses: bobheadxi/deployments@v0.6.0 | |
with: | |
step: start | |
token: ${{ secrets.GITHUB_TOKEN }} | |
deployment_id: ${{ github.event.deployment.id }} | |
env: ${{ github.event.deployment.environment }} | |
- name: Run octodns-sync --doit | |
uses: solvaholic/octodns-sync@v2.2.0 | |
with: | |
config_path: ${{ github.event.deployment.environment }}.yaml | |
doit: --doit | |
- name: Finished deployment | |
uses: bobheadxi/deployments@v0.6.0 | |
if: always() | |
with: | |
step: finish | |
token: ${{ secrets.GITHUB_TOKEN }} | |
env_url: ${{ github.server_url }}/${{ github.repository }}/tree/${{ github.sha }} | |
deployment_id: ${{ github.event.deployment.id }} | |
status: ${{ job.status }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Validate | |
on: | |
pull_request_target: | |
push: | |
branches: [main] | |
env: | |
AZURE_APPLICATION_ID: ${{ secrets.AZURE_APPLICATION_ID }} | |
AZURE_AUTHENTICATION_KEY: ${{ secrets.AZURE_AUTHENTICATION_KEY }} | |
AZURE_DIRECTORY_ID: ${{ secrets.AZURE_DIRECTORY_ID }} | |
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
AZURE_SUBSCRIPTION_ID_LETSPLANTIT: ${{ secrets.AZURE_SUBSCRIPTION_ID_LETSPLANTIT }} | |
CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }} | |
jobs: | |
linting: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v2.3.4 | |
with: | |
ref: ${{ github.event.pull_request.head.sha || github.sha }} | |
- name: Run yamllint | |
run: yamllint . | |
validate: | |
needs: linting | |
if: github.event_name == 'pull_request_target' | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
deployments: write | |
pull-requests: write | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v2.3.4 | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} | |
- name: Run octodns-sync | |
uses: solvaholic/octodns-sync@v2.2.0 | |
with: | |
config_path: production.yaml | |
- name: Get plan output | |
id: meta | |
run: | | |
# Parse plan output into $_plan | |
_plan="$(cat ${GITHUB_WORKSPACE}/octodns-sync.plan)" | |
_plan="${_plan//'%'/'%25'}" | |
_plan="${_plan//$'\n'/'%0A'}" | |
_plan="${_plan//$'\r'/'%0D'}" | |
# Set output 'plan' to $_plan | |
echo "::set-output name=plan::${_plan}" | |
# Set $_sha to the first 7 char of PR head SHA | |
_sha="$(echo "${{ github.event.pull_request.head.sha }}" | cut -c 1-7)" | |
# Set output 'sha' to $_sha | |
echo "::set-output name=sha::${_sha}" | |
- name: Find comment | |
uses: peter-evans/find-comment@v1.2.0 | |
id: fc | |
with: | |
issue-number: ${{ github.event.pull_request.number }} | |
comment-author: github-actions[bot] | |
body-includes: Automatically generated by octodns-sync | |
- name: Add or update PR comment | |
uses: peter-evans/create-or-update-comment@v1.4.5 | |
with: | |
issue-number: ${{ github.event.pull_request.number }} | |
comment-id: ${{ steps.fc.outputs.comment-id }} | |
body: | | |
## OctoDNS Plan for `${{ steps.meta.outputs.sha }}` | |
${{ steps.meta.outputs.plan }} | |
Automatically generated by octodns-sync | |
edit-mode: replace |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Labels | |
on: | |
pull_request_target | |
permissions: | |
contents: read | |
pull-requests: write | |
jobs: | |
label: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/labeler@v3.0.2 | |
with: | |
repo-token: ${{ secrets.GITHUB_TOKEN }} | |
# My labeler.yml | |
# | |
# zones: | |
# - zones/** | |
# - production.yaml |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment