prepare release v0.1.7

.gitea/workflows/deploy.yml

@@ -0,0 +1,57 @@
+name: Create Release
+
+on:
+  push:
+    tags:
+      - '*'
+    tags-ignore:
+      - v0
+      - v1
+jobs:
+  build:
+    runs-on: ubuntu-go-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Import Secrets
+        id: import-secrets
+        uses: https://git.mthie.com/mthie/vault-action@v0
+        with:
+          url: ${{ env.VAULT_ADDR }}
+          method: ${{ env.VAULT_AUTH_TYPE}}
+          roleId: ${{ env.VAULT_APPROLE_ID }}
+          secretId: ${{ env.VAULT_APPROLE_SECRET }}
+          secrets: |
+            passwords/data/ssh id_ecdsa | DEPLOY_KEY;
+            passwords/data/ssh ssh_config | SSH_CONFIG;
+            passwords/data/git.mthie.com gitconfig | GITCONFIG;
+            passwords/data/git.mthie.com api_key | API_TOKEN
+
+      - uses: actions/checkout@v3
+
+      - name: init system
+        run: |
+          mkdir -p ~/.ssh && chmod 700 ~/.ssh
+          git config --global user.email "github@mthie.com"
+          git config --global user.name "Gitea Cron"
+          git config pull.rebase true
+          echo "${{ env.DEPLOY_KEY }}" > ~/.ssh/id_ecdsa
+          echo "${{ env.SSH_CONFIG }}" > ~/.ssh/config
+          echo '${{ env.GITCONFIG }}' > ~/.gitconfig
+          cat ~/.gitconfig
+          ssh-keyscan -t rsa git.mthie.com >> ~/.ssh/known_hosts
+          chmod 400 ~/.ssh/id_ecdsa ~/.ssh/config
+
+      - name: Build binary
+        run: |
+          go get ./...
+          go build -o bin/vault *.go
+
+      - name: Create Release
+        uses: https://gitea.com/actions/release-action@main
+        with:
+          files: |-
+            bin/**            
+          api_key: '${{ env.API_TOKEN }}'

History.md

@@ -1,3 +1,31 @@
+# 0.1.7 / 2023-10-06
+
+  * try the go image
+
+# 0.1.6 / 2023-10-05
+
+  * ignore specific tags
+
+# 0.1.5 / 2023-10-05
+
+  * fix vault path
+
+# 0.1.4 / 2023-10-05
+
+  * fix order of actions
+
+# 0.1.3 / 2023-10-05
+
+  * download binary
+
+# 0.1.2 / 2023-10-05
+
+  * test release
+
+# 0.1.1 / 2023-10-05
+
+  * add binary release
+
 # 0.1.0 / 2023-10-05
 
   * remove debugging

action.yml

@@ -22,4 +22,4 @@ inputs:
     required: false
 runs:
   using: 'go'
-  main: 'main.go'
+  main: 'cmd/main.go'

cmd/go.mod

@@ -0,0 +1,3 @@
+module git.mthie.com/mthie/vault-action/cmd
+
+go 1.21.1

cmd/main.go

@@ -0,0 +1,66 @@
+package main
+
+import (
+	"context"
+	"encoding/json"
+	"io"
+	"log"
+	"net/http"
+	"os"
+	"os/exec"
+)
+
+func main() {
+	req, err := http.NewRequestWithContext(context.Background(), http.MethodGet, "https://git.mthie.com/api/v1/repos/mthie/vault-action/releases", nil)
+	if err != nil {
+		log.Panicf("error creating download request: %s", err)
+	}
+
+	resp, err := http.DefaultClient.Do(req)
+	if err != nil {
+		log.Panicf("error getting download information: %s", err)
+	}
+
+	type releaseInfo []struct {
+		Assets []struct {
+			URL string `json:"browser_download_url"`
+		} `json:"assets"`
+	}
+
+	downloadData := releaseInfo{}
+	if err := json.NewDecoder(resp.Body).Decode(&downloadData); err != nil {
+		log.Panicf("error decoding release information: %s", err)
+	}
+
+	resp.Body.Close()
+
+	if len(downloadData) == 0 || len(downloadData[0].Assets) == 0 {
+		log.Panic("no binary found")
+	}
+
+	req, err = http.NewRequestWithContext(context.Background(), http.MethodGet, downloadData[0].Assets[0].URL, nil)
+	if err != nil {
+		log.Panicf("error creating download request: %s", err)
+	}
+
+	resp, err = http.DefaultClient.Do(req)
+	if err != nil {
+		log.Panicf("error downloading binary: %s", err)
+	}
+	out, err := os.OpenFile("vault", os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0755)
+	if err != nil {
+		log.Panicf("error creating file: %s", err)
+	}
+
+	if _, err = io.Copy(out, resp.Body); err != nil {
+		log.Panicf("error writing download data: %s", err)
+	}
+
+	out.Close()
+	resp.Body.Close()
+
+	cmd := exec.Command("./vault")
+	if err := cmd.Run(); err != nil {
+		log.Panicf("error executing: %s", err)
+	}
+}

cmd/tmp.txt

@@ -0,0 +1,8 @@
+DEPLOY_KEY<<_GitHubActionsFileCommandDelimeter_
+-----BEGIN EC PRIVATE KEY-----
+MIGkAgEBBDB7OBLldAAcXseFvIF4DOBfLdaiQtUUnGU8UddpoUeCCGe/lwsMQzns
+U0mOdkGAWwygBwYFK4EEACKhZANiAAQC8rWLLnxti4P4YpmAyb6xsD8Uv8ZKM7qJ
+N6Lh2JqttfFp03s5fSjWIibDjwCBGqSTBitFU1YcJvc9ewWUOxHrta782GChVgjl
+loezmUvX1oLCE0Koqd/U+fJnyC+LvJA=
+-----END EC PRIVATE KEY-----
+_GitHubActionsFileCommandDelimeter_