diff --git a/.gitea/workflows/build.yml b/.gitea/workflows/build.yml index b8cf112..d2cdb7e 100644 --- a/.gitea/workflows/build.yml +++ b/.gitea/workflows/build.yml @@ -66,15 +66,11 @@ jobs: steps: - name: Bump image tag in sova-deploy env: - DEPLOY_KEY: ${{ secrets.SOVA_DEPLOY_KEY }} - HOST_IP: ${{ secrets.HOST_IP }} + DEPLOY_TOKEN: ${{ secrets.DEPLOY_TOKEN }} + DEPLOY_USER: ${{ secrets.REGISTRY_USER }} run: | - echo "${HOST_IP} git.sova.local" | tee -a /etc/hosts - eval "$(ssh-agent -s)" - echo "$DEPLOY_KEY" | ssh-add - - mkdir -p ~/.ssh - ssh-keyscan -H git.sova.local >> ~/.ssh/known_hosts 2>/dev/null || true - git clone git@git.sova.local:sova/sova-deploy.git + REPO_URL="http://${DEPLOY_USER}:${DEPLOY_TOKEN}@gitea-http.gitea.svc.cluster.local:3000/sova/sova-deploy.git" + git clone "${REPO_URL}" cd sova-deploy ENV="${{ needs.parse-tag.outputs.env }}" TAG="${{ needs.parse-tag.outputs.full_tag }}" @@ -84,14 +80,14 @@ jobs: curl -sSL -o /usr/local/bin/yq https://github.com/mikefarah/yq/releases/download/v4.44.3/yq_linux_amd64 chmod +x /usr/local/bin/yq for attempt in $(seq 1 $MAX_RETRIES); do - git pull --rebase origin main + git pull --rebase "${REPO_URL}" main yq -i ".image.repository = \"${IMAGE}\"" "apps/adminpanel/values-${ENV}.yaml" yq -i ".image.tag = \"${TAG}\"" "apps/adminpanel/values-${ENV}.yaml" yq -i ".image.pullPolicy = \"IfNotPresent\"" "apps/adminpanel/values-${ENV}.yaml" git add "apps/adminpanel/values-${ENV}.yaml" git diff --cached --quiet && { echo "No changes"; exit 0; } git commit -m "chore(adminpanel): bump ${ENV} to ${TAG}" - if git push origin main; then + if git push "${REPO_URL}" main; then echo "Push OK on attempt ${attempt}" exit 0 fi