name: Deploy to Hosts
on:
pull_request:
types: [closed]
jobs:
deploy:
if: github.event.pull_request.merged == true
runs-on: docker
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Fetch all history for git diff
run: git fetch --depth=2
- name: Install jq
run: |
apt-get update && apt-get install -y jq
- name: Detect modified folders
id: detect-changes
run: |
if [ "$(git rev-parse --is-shallow-repository)" = "true" ]; then
git fetch --unshallow
fi
folders=$(git diff --name-only HEAD~1 HEAD | grep '^docker/' | cut -d/ -f2 | sort | uniq)
echo "Modified folders: $folders"
echo "::set-output name=folders::$folders"
- name: Deploy to hosts
run: |
IFS=' ' read -r -a folder_array <<< "${{ steps.detect-changes.outputs.folders }}"
for folder in "${folder_array[@]}"; do
case $folder in
actual)
target_host="ubu.lan"
;;
arrs)
target_host="arrs.lan"
;;
arm)
target_host="arm.lan"
;;
AI)
target_host="ai.lan"
;;
authentik)
target_host="auth.lan"
;;
ag-main)
target_host="dns.lan"
;;
exporters)
target_host="all"
;;
grafana)
target_host="ubu.lan"
;;
jellyfin)
target_host="jf.lan"
;;
kasm)
target_host="kasm.lan"
;;
netboot)
target_host="netboot.lan"
;;
nexterm)
target_host="ubu.lan"
;;
npm)
target_host="npm.lan"
;;
paperless)
target_host="ubu.lan"
;;
portainer)
target_host="port.lan"
;;
runner)
target_host="runner.lan"
;;
# Add cases for other folders/hosts
*)
echo "Unknown folder: $folder"
exit 1
;;
esac
echo "Triggering AWX Job with target host: $target_host and folder: $folder"
curl -X POST -k -H "Content-Type: application/json" \
-H "Authorization: Bearer ${{ secrets.AWX_API_TOKEN }}" \
-d "{\"extra_vars\": {\"target_host\": \"$target_host\", \"folder\": \"$folder\"}}" \
"https://awx.mafyuh.xyz/api/v2/job_templates/13/launch/" > /dev/null 2>&1
echo "AWX Job Triggered, waiting for logs..."
# Wait for job completion and check logs
while true; do
# Fetch the most recent job ID
job_id=$(curl -s -H "Authorization: Bearer ${{ secrets.AWX_API_TOKEN }}" \
https://awx.mafyuh.xyz/api/v2/job_templates/13/jobs/?order_by=-id | jq -r '.results[0].id')
# Fetch the logs for the current job
logs=$(curl -s -H "Authorization: Bearer ${{ secrets.AWX_API_TOKEN }}" \
https://awx.mafyuh.xyz/api/v2/jobs/$job_id/stdout/?format=txt)
# Check if the logs contain the play recap
if echo "$logs" | grep -q "ok=.* changed=.* unreachable=.* failed=.* skipped=.* rescued=.* ignored=.*"; then
echo "AWX job completed. Displaying logs:"
echo "$logs"
# Check for failed tasks in the play recap
if echo "$logs" | grep -q "failed=[1-9]"; then
echo "Detected failed steps in AWX job. Failing Actions run."
exit 1
else
echo "No failures detected in AWX job."
fi
# Exit loop as the job is complete
break
else
echo "AWX job still running. Waiting before checking again..."
sleep 15
fi
done
done