Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions .github/scripts/allowed_fqdns.txt
Original file line number Diff line number Diff line change
Expand Up @@ -54,12 +54,14 @@ hearamerica.dev.chnm.gmu.edu
hurricane.dev.chnm.gmu.edu
iowmaterial.dev.chnm.gmu.edu
islampers.dev.chnm.gmu.edu
jdh.dev.chnm.gmu.edu
mallhistory.dev.chnm.gmu.edu
occupyarchive.dev.chnm.gmu.edu
resounding.dev.chnm.gmu.edu
thanksroy.dev.chnm.gmu.edu
transatlaenc.dev.chnm.gmu.edu
valostat.dev.chnm.gmu.edu
whc.dev.chnm.gmu.edu
games.dev.chnm.gmu.edu
1665plague.dev.chnm.gmu.edu
1812shipping.dev.chnm.gmu.edu
Expand All @@ -82,6 +84,7 @@ eagleeyecitizen.org
earlymodernviolence.org
dev.earlymodernviolence.org
forustheliving.org
journalofdigitalhumanities.org
legalmodernism.org
chambers.legalmodernism.org
maritime-asia.org
Expand All @@ -97,4 +100,5 @@ dev.database.religiousecologies.org
sustainabledh.org
dev.teachinghistory.org
wardepartmentpapers.org
worldhistorycommons.org
hugo.wardepartmentpapers.org
34 changes: 29 additions & 5 deletions .github/workflows/docker--deploy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ jobs:
echo "ref_type: ${{ github.ref_type }}"
echo "ref: ${{ github.ref }}"
echo "sha: ${{ github.sha }}"

- name: Validate website FQDN
id: validate
uses: chnm/.github/.github/actions/validate-fqdn@main
Expand All @@ -52,7 +52,7 @@ jobs:
website-prod-fqdn: ${{ inputs.website-prod-fqdn }}

outputs:
website_fqdn: ${{ steps.validate.outputs.website_fqdn }}
website_fqdn: ${{ steps.validate.outputs.website_fqdn }}

deploy-ansible-playbook:
runs-on: ${{ fromJSON(inputs.runner_labels) }}
Expand All @@ -61,13 +61,37 @@ jobs:
always() && !cancelled() &&
needs.setup.result == 'success'
steps:
# Serialize the github context for the ansible playbook's Slack
# notification step. Pure-bash wrap (no python3 dep — IncusOS runners are
# minimal and may lack it; toJSON already produces valid JSON, we just
# nest it under a `github_context` key so ansible loads it as `-e "@..."`
# into that variable).
- env:
GITHUB_CONTEXT: ${{ toJSON(github) }}
run: |
python3 -c 'import json,os,sys; json.dump({"github_context": json.loads(os.environ["GITHUB_CONTEXT"])}, sys.stdout)' > github-context.json
printf '{"github_context": %s}\n' "$GITHUB_CONTEXT" > github-context.json
cat github-context.json

- env:
# IncusOS path (levi): deploy-docker-compose.yaml resolves which docker
# host runs the stack from each host's docker_compose_stacks keyed off
# target_fqdn (no host arg needed). github-context.json IS passed so the
# playbook's Slack notification can attribute the deploy to a commit /
# branch / actor. GITHUB_CONTEXT_PATH tells run-ansible-playbook.sh to
# bind-mount the host file in as /github-context.json inside the inner
# ansible container. No tag_borg skip — the IncusOS docker_stack role
# backs up via restic, not borg.
- if: ${{ contains(inputs.runner_labels, 'IncusOS') }}
env:
GITHUB_CONTEXT_PATH: "${{ github.workspace }}/github-context.json"
run: |
run-ansible-playbook.sh playbooks/deploy-docker-compose.yaml \
-e "target_fqdn=${{ needs.setup.outputs.website_fqdn }}" \
-e "@/github-context.json"

# Legacy XCP-ng path: the legacy runner's deploy-docker-compose.yaml is
# keyed off input_website_fqdn and still uses borg (skipped here).
- if: ${{ !contains(inputs.runner_labels, 'IncusOS') }}
env:
GITHUB_CONTEXT_PATH: "${{ github.workspace }}/github-context.json"
run: |
run-ansible-playbook.sh playbooks/deploy-docker-compose.yaml \
Expand All @@ -94,6 +118,6 @@ jobs:
commit (${{ github.sha }}): ${{ github.event.commits[0].message }}
```
View details at ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
SLACK_TITLE: 'Deployment Failed - `${{ github.repository }}` Release ${{ needs.release-create.outputs.release_name }}'
SLACK_TITLE: 'Deployment Failed - `${{ github.repository }}`'
SLACK_USERNAME: rrchnm-systems
SLACK_WEBHOOK: "${{ secrets.SLACK_WEBHOOK_SYSTEMS }}"
3 changes: 0 additions & 3 deletions .github/workflows/mirror-to-zot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -43,9 +43,6 @@ jobs:
runs-on: [self-hosted, IncusOS] # levi — adjust label if you scope runners
timeout-minutes: 7
steps:
- name: Install crane
continue-on-error: true
uses: imjasonh/setup-crane@v0.4 # or drop this once crane is baked into the runner image

- name: Log crane in to the source registry (read)
continue-on-error: true
Expand Down