Fix certificate update by changing runner where it works #221
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Update TLS certificates for selectel | |
| # on: | |
| # workflow_dispatch: | |
| # schedule: | |
| # - cron: '0 0 15 * *' | |
| on: pull_request | |
| jobs: | |
| update_certs: | |
| runs-on: selectel | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Configure secrets | |
| run: | | |
| echo "$S3_KEY"|base64 -d > aws-key.properties | |
| echo "$FIREBASE_CONFIG"|base64 -d > firebase_config.json | |
| mv docker-compose-run.yml docker-compose.yml | |
| sed -i -e "s/_YANDEX_AUTH_TOKEN_/\\$YANDEX_AUTH_TOKEN/" docker-compose.yml | |
| sed -i -e "s/_YANDEX_FOLDER_ID_/\\$YANDEX_FOLDER_ID/" docker-compose.yml | |
| sed -i -e "s/_POSTGRES_PASSWORD_/\\$POSTGRES_PASSWORD/" docker-compose.yml | |
| sed -i -e "s/_API_GITHUB_TOKEN_/\\$API_GITHUB_TOKEN/" docker-compose.yml | |
| env: | |
| S3_KEY: ${{ secrets.S3_KEY }} | |
| FIREBASE_CONFIG: ${{ secrets.FIREBASE_CONFIG }} | |
| YANDEX_AUTH_TOKEN: ${{ secrets.YANDEX_AUTH_TOKEN }} | |
| YANDEX_FOLDER_ID: ${{ secrets.YANDEX_FOLDER_ID }} | |
| POSTGRES_PASSWORD: ${{ secrets.POSTGRES_PASSWORD }} | |
| API_GITHUB_TOKEN: ${{ secrets.API_GITHUB_TOKEN }} | |
| - name: Update certs | |
| run: | | |
| docker compose run --rm certbot renew --allow-subset-of-names | |
| docker compose restart brn_fe_with_tls |