mmintel/klz-cables.com
1
0
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases Wiki Activity

fix(ci): use SCP credentials file for docker auth on remote server

Browse Source
This commit is contained in:
Marc Mintel
2026-03-04 16:10:24 +01:00
parent 3496720e22
commit 68380a3af9
1 changed files with 6 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
.gitea/workflows/deploy.yml
View File

@@ -438,15 +438,12 @@ jobs:
scp docker-compose.yml root@alpha.mintel.me:$SITE_DIR/docker-compose.yml
# Execute remote commands
TOKEN_VALUE="$REGISTRY_PASS"
USER_VALUE="$REGISTRY_USER"
ssh root@alpha.mintel.me bash <<DEPLOYEOF
set -e
cd ${SITE_DIR}
printf '%s' "${TOKEN_VALUE}" | docker login git.infra.mintel.me -u "${USER_VALUE}" --password-stdin
docker compose -p '${{ needs.prepare.outputs.project_name }}' --env-file '${ENV_FILE}' pull
docker compose -p '${{ needs.prepare.outputs.project_name }}' --env-file '${ENV_FILE}' up -d --remove-orphans
DEPLOYEOF
# Write docker credentials to a temp file on local, scp it, then use it on remote
B64_AUTH=$(printf '%s:%s' "$REGISTRY_USER" "$REGISTRY_PASS" | base64 -w 0)
printf '{"auths":{"git.infra.mintel.me":{"auth":"%s"}}}' "$B64_AUTH" > /tmp/docker_creds.json
scp /tmp/docker_creds.json root@alpha.mintel.me:/tmp/docker_creds.json
rm /tmp/docker_creds.json
ssh root@alpha.mintel.me "mkdir -p ~/.docker && cp /tmp/docker_creds.json ~/.docker/config.json && rm /tmp/docker_creds.json && cd $SITE_DIR && docker compose -p '${{ needs.prepare.outputs.project_name }}' --env-file '$ENV_FILE' pull && docker compose -p '${{ needs.prepare.outputs.project_name }}' --env-file '$ENV_FILE' up -d --remove-orphans"
# Sanitize Payload Migrations: Replace 'dev' push entries with proper migration names.
# Without this, Payload prompts interactively for confirmation and blocks forever in Docker.