#!/usr/bin/env bash set -eu log() { echo ">> [local]" $@ } cleanup() { set +e log "Killing ssh agent." ssh-agent -k log "Removing workspace archive." rm -f /tmp/workspace.tar.bz2 } trap cleanup EXIT unlock() { log "Unlocking encrypted git repository" echo "${GIT_CRYPT_KEY}" | base64 -d > ./git-crypt-key git-crypt unlock ./git-crypt-key rm ./git-crypt-key } compress_workdir() { log "Packing workspace into archive to transfer to remove machine." tar jcvf /tmp/workspace.tar.bz2 --exclude .git --exclude vendor . } start_ssh_agent() { log "Launching SSH agent" eval $(ssh-agent -s) ssh-add <(echo "$SSH_PRIVATE_KEY") } compose_run() { local remote_command="set -e ; log() { echo '>> [remote]' \$@ ; } ; cleanup() { log 'Removing workspace...'; rm -rf \"\$HOME/workspace\" ; } ; log 'Creating workspace directory...' ; mkdir -p \"\$HOME/workspace\" ; trap cleanup EXIT ; log 'Unpacking workspace...' ; tar -C \"\$HOME/workspace\" -xjv ; log 'Launching docker compose...' ; cd \"\$HOME/workspace\" ; docker compose -f \"$DOCKER_COMPOSE_FILENAME\" -p \"$DOCKER_COMPOSE_PROJECT\" pull ; docker compose -f \"$DOCKER_COMPOSE_FILENAME\" -p \"$DOCKER_COMPOSE_PROJECT\" up -d --remove-orphans --build" if "$DOCKER_COMPOSE_DOWN"; then remote_command="set -e ; log() { echo '>> [remote]' \$@ ; } ; cleanup() { log 'Removing workspace...'; rm -rf \"\$HOME/workspace\" ; } ; log 'Creating workspace directory...' ; mkdir -p \"\$HOME/workspace\" ; trap cleanup EXIT ; log 'Unpacking workspace...' ; tar -C \"\$HOME/workspace\" -xjv ; log 'Launching docker compose...' ; cd \"\$HOME/workspace\" ; docker compose -f \"$DOCKER_COMPOSE_FILENAME\" -p \"$DOCKER_COMPOSE_PROJECT\" down" fi ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \ "$SSH_USER@$SSH_HOST" -p "$SSH_PORT" \ "$remote_command" \ < /tmp/workspace.tar.bz2 } if [ -n "${RUN_DIR:-}" ]; then cd ${RUN_DIR} log "Running action from ${RUN_DIR}" fi log "Starting deployment main function." unlock compress_workdir start_ssh_agent compose_run