ci: use gitea secrets for ssh keys

2024-10-19 07:02:58 -04:00 · 2024-10-19 07:02:58 -04:00 · 1efad5114a
commit 1efad5114a
parent defd6072e1
2 changed files with 25 additions and 9 deletions
--- a/.gitea/workflows/build.yaml
+++ b/.gitea/workflows/build.yaml
@ -6,8 +6,6 @@ jobs:
  build:
    container:
      image: focs.ji.sjtu.edu.cn:5000/gitea/runner-images:golang-ubuntu-latest
      volumes:
        - /home/actions/.ssh:/root/.ssh
    steps:
      - name: Check out repository code
        uses: https://gitea.com/BoYanZh/checkout@focs
@ -17,7 +15,13 @@ jobs:
        run: |
          go env -w GO111MODULE=on
          go env -w GOPROXY=https://goproxy.io,direct
-          chown -R root:root /root/.ssh
+          mkdir -p ~/.ssh
          echo "${{ secrets.DEPLOY_PRIVATE_KEY }}" > ~/.ssh/id_ed25519
          echo "${{ secrets.DEPLOY_KEY }}" > ~/.ssh/id_ed25519.pub
          chmod 600 ~/.ssh/id_ed25519
          chmod 600 ~/.ssh/id_ed25519.pub
          ssh-keyscan -p 2222 focs.ji.sjtu.edu.cn >> ~/.ssh/known_hosts
          ssh -T git@focs.ji.sjtu.edu.cn -p 2222
      # - name: Setup Joint-Teapot
      #   run: |
      #       pip install git+https://ghp.ci/https://github.com/BoYanZh/Joint-Teapot
@ -34,16 +38,22 @@ jobs:
  trigger-build-image:
    container:
      image: focs.ji.sjtu.edu.cn:5000/gitea/runner-images:ubuntu-latest
      volumes:
        - /home/actions/.ssh:/root/.ssh
    needs: build
    if: github.ref == 'refs/heads/master'
    steps:
      - name: Set up SSH
        run: |
          mkdir -p ~/.ssh
          echo "${{ secrets.DEPLOY_PRIVATE_KEY }}" > ~/.ssh/id_ed25519
          echo "${{ secrets.DEPLOY_KEY }}" > ~/.ssh/id_ed25519.pub
          chmod 600 ~/.ssh/id_ed25519
          chmod 600 ~/.ssh/id_ed25519.pub
          ssh-keyscan -p 2222 focs.ji.sjtu.edu.cn >> ~/.ssh/known_hosts
          ssh -T git@focs.ji.sjtu.edu.cn -p 2222
      - name: Set up Git
        run: |
          git config --global user.name "gitea-actions[bot]"
          git config --global user.email "gitea-actions[bot]@users.noreply.gitea.com"
          chown -R root:root /root/.ssh
      - name: Clone, Commit and Push
        shell: bash
        run: |
--- a/.gitea/workflows/submodule.yaml
+++ b/.gitea/workflows/submodule.yaml
@ -7,18 +7,24 @@ jobs:
  sync:
    container:
      image: focs.ji.sjtu.edu.cn:5000/gitea/runner-images:ubuntu-latest
      volumes:
        - /home/actions/.ssh:/root/.ssh
    steps:
      - name: Check out repository code
        uses: https://gitea.com/BoYanZh/checkout@focs
        with:
          fetch-depth: 0
      - name: Set up SSH
        run: |
          mkdir -p ~/.ssh
          echo "${{ secrets.DEPLOY_PRIVATE_KEY }}" > ~/.ssh/id_ed25519
          echo "${{ secrets.DEPLOY_KEY }}" > ~/.ssh/id_ed25519.pub
          chmod 600 ~/.ssh/id_ed25519
          chmod 600 ~/.ssh/id_ed25519.pub
          ssh-keyscan -p 2222 focs.ji.sjtu.edu.cn >> ~/.ssh/known_hosts
          ssh -T git@focs.ji.sjtu.edu.cn -p 2222
      - name: Set up Git
        run: |
          git config --global user.name "gitea-actions[bot]"
          git config --global user.email "gitea-actions[bot]@users.noreply.gitea.com"
          chown -R root:root /root/.ssh
          git remote set-url origin ssh://git@focs.ji.sjtu.edu.cn:2222/JOJ/JOJ3.git
      - name: Check Git status
        run: |