9962ee99d9
ssh-keyscan fails when the runner can't reach the host on port 22 during that step. Using accept-new on the ssh command itself is equivalent for an ephemeral CI runner. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
51 lines
1.7 KiB
YAML
51 lines
1.7 KiB
YAML
name: Sync Images to Server
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
sync:
|
|
runs-on: ubuntu-latest
|
|
container:
|
|
image: gitea.siegeln.net/cameleer/cameleer-docker-builder:1
|
|
credentials:
|
|
username: cameleer
|
|
password: ${{ secrets.REGISTRY_TOKEN }}
|
|
steps:
|
|
- name: Install SSH client
|
|
run: |
|
|
if command -v apk >/dev/null 2>&1; then
|
|
apk add --no-cache openssh-client
|
|
elif command -v apt-get >/dev/null 2>&1; then
|
|
apt-get update && apt-get install -y openssh-client
|
|
fi
|
|
|
|
- name: Login to Gitea registry
|
|
run: echo "${{ secrets.REGISTRY_TOKEN }}" | docker login gitea.siegeln.net -u cameleer --password-stdin
|
|
|
|
- name: Set up SSH key
|
|
run: |
|
|
mkdir -p ~/.ssh
|
|
printf '%s\n' "${{ secrets.PRIVATE_SSH_KEY }}" > ~/.ssh/deploy_key
|
|
chmod 600 ~/.ssh/deploy_key
|
|
|
|
- name: Sync images to server
|
|
run: |
|
|
SSH_CMD="ssh -i ~/.ssh/deploy_key -o StrictHostKeyChecking=accept-new -p 22 root@${{ secrets.APP_HOST }}"
|
|
|
|
IMAGES=(
|
|
gitea.siegeln.net/cameleer/cameleer-saas:latest
|
|
gitea.siegeln.net/cameleer/cameleer-logto:latest
|
|
gitea.siegeln.net/cameleer/cameleer-traefik:latest
|
|
gitea.siegeln.net/cameleer/cameleer-postgres:latest
|
|
gitea.siegeln.net/cameleer/cameleer-clickhouse:latest
|
|
gitea.siegeln.net/cameleer/cameleer-runtime-base:latest
|
|
)
|
|
|
|
for IMAGE in "${IMAGES[@]}"; do
|
|
echo "::group::Syncing $IMAGE"
|
|
docker pull "$IMAGE"
|
|
docker save "$IMAGE" | $SSH_CMD "docker load"
|
|
echo "::endgroup::"
|
|
done
|