33 lines
1.3 KiB
YAML
33 lines
1.3 KiB
YAML
# inspired by https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
|
|
name: Deploy SwaggerEditor@next to Rancher🚢
|
|
|
|
on:
|
|
workflow_run:
|
|
workflows: ["Build & Push SwaggerEditor@next Docker image"]
|
|
types:
|
|
- completed
|
|
|
|
jobs:
|
|
|
|
deploy:
|
|
if: github.event.workflow_run.conclusion == 'success'
|
|
name: Deploy SwaggerEditor@next to Rancher
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Deploy Rancher🚢
|
|
run: |
|
|
ts="$(date +'%Y-%m-%dT%H:%M:%SZ' --utc)"
|
|
curl -s -D /dev/stderr -X PATCH \
|
|
-H "Authorization: Bearer ${RANCHER_BEARER_TOKEN}" \
|
|
-H 'Content-Type: application/strategic-merge-patch+json' \
|
|
"${RANCHER_URL}/k8s/clusters/${RANCHER_CLUSTER_ID}/apis/apps/v1/namespaces/${RANCHER_NAMESPACE}/${RANCHER_K8S_OBJECT_TYPE}/${RANCHER_K8S_OBJECT_NAME}" \
|
|
-d "{\"spec\": {\"template\": {\"metadata\": {\"annotations\": {\"cattle.io/timestamp\": \"${ts}\"}}}}}"
|
|
env:
|
|
RANCHER_BEARER_TOKEN: ${{ secrets.RANCHER_BEARER_TOKEN }}
|
|
RANCHER_CLUSTER_ID: 'c-n8zp2'
|
|
RANCHER_NAMESPACE: 'swagger-oss'
|
|
RANCHER_K8S_OBJECT_TYPE: 'daemonsets'
|
|
RANCHER_URL: ${{ secrets.RANCHER_URL }}
|
|
RANCHER_K8S_OBJECT_NAME: 'swagger-editor-next'
|