name: Ansible Deploy to Hosts on: pull_request: types: [closed] jobs: deploy: if: github.event.pull_request.merged == true runs-on: docker container: image: node:22 steps: - name: Checkout repository uses: actions/checkout@v4 - name: Fetch all history for git diff run: git fetch --depth=2 - name: Detect modified folders id: detect-changes run: | if [ "$(git rev-parse --is-shallow-repository)" = "true" ]; then git fetch --unshallow fi folders=$(git diff --name-only HEAD~1 HEAD | grep '^docker/' | cut -d/ -f2 | sort | uniq) echo "Modified folders: $folders" echo "::set-output name=folders::$folders" - name: Deploy to hosts run: | IFS=' ' read -r -a folder_array <<< "${{ steps.detect-changes.outputs.folders }}" for folder in "${folder_array[@]}"; do case $folder in actual) target_host="ubu.lan" ;; arrs) target_host="arrs.lan" ;; arm) target_host="arm.lan" ;; AI) target_host="ai.lan" ;; authentik) target_host="auth.lan" ;; ag-main) target_host="dns.lan" ;; exporters) target_host="all" ;; grafana) target_host="ubu.lan" ;; jellyfin) target_host="jf.lan" ;; kasm) target_host="kasm.lan" ;; netboot) target_host="netboot.lan" ;; nexterm) target_host="ubu.lan" ;; npm) target_host="npm.lan" ;; paperless) target_host="ubu.lan" ;; portainer) target_host="port.lan" ;; runner) target_host="runner.lan" ;; # Add cases for other folders/hosts *) echo "Unknown folder: $folder" exit 1 ;; esac echo "Deploying to $target_host for folder $folder" echo "target_host=$target_host" >> $GITHUB_ENV echo "folder=$folder" >> $GITHUB_ENV done - name: Get Secrets from Bitwarden id: bitwarden-secrets uses: https://github.com/bitwarden/sm-action@v2 with: access_token: ${{ secrets.BW_ACCESS_TOKEN }} base_url: https://vault.bitwarden.com secrets: | 267abc49-f755-4c88-a2a8-b23d00503e31 > arrs_host e74d1f67-c909-4a2e-b6fc-b23e001dfa4a > ai_host 6f9cef86-eb39-4e05-8c5b-b23e001e6170 > arm_host 52512c15-b474-42c3-9835-b23e001edf35 > auth_host 903364d9-1b29-4b7f-aa66-b23e001f7327 > jf_host e4c5d8be-b91f-41ab-8071-b23e00203340 > kasm_host 566329f5-5af3-4bcd-b187-b23e00216134 > netboot_host fb62a8d1-6dd5-4fab-aff4-b23e0021e215 > npm_host 90a16954-45df-49ad-9f45-b23e002273c5 > runner_host a5b6fa4b-4643-4f85-988b-b23e00245e2f > ubu_host - name: Create hosts.ini file run: | cat < ansible/hosts.ini [iac] arrs.lan ansible_host=${{ steps.bitwarden-secrets.outputs.arrs_host }} ai.lan ansible_host=${{ steps.bitwarden-secrets.outputs.ai_host }} arm.lan ansible_host=${{ steps.bitwarden-secrets.outputs.arm_host }} ansible_user=ubuntu ansible_port=2424 auth.lan ansible_host=${{ steps.bitwarden-secrets.outputs.auth_host }} jf.lan ansible_host=${{ steps.bitwarden-secrets.outputs.jf_host }} kasm.lan ansible_host=${{ steps.bitwarden-secrets.outputs.kasm_host }} netboot.lan ansible_host=${{ steps.bitwarden-secrets.outputs.netboot_host }} npm.lan ansible_host=${{ steps.bitwarden-secrets.outputs.npm_host }} runner.lan ansible_host=${{ steps.bitwarden-secrets.outputs.runner_host }} ubu.lan ansible_host=${{ steps.bitwarden-secrets.outputs.ubu_host }} EOF - name: Run Ansible Playbook uses: docker://mafyuh/ansible-bws:v1.0.3 with: args: ansible-playbook -i ansible/hosts.ini ./ansible/playbooks/deploy-docker.yml --extra-vars "target_host=${{ env.target_host }} folder=${{ env.folder }}" env: BWS_ACCESS_TOKEN: ${{ secrets.BWS_ACCESS_TOKEN }} SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}