Skip to content
Build simple-container in branch

Add externalTrafficPolicy to CaddyConfig for client IP preservation #349

Sign in to view logs

Add externalTrafficPolicy to CaddyConfig for client IP preservation

Add externalTrafficPolicy to CaddyConfig for client IP preservation #349

Workflow file for this run

.github/workflows/branch.yaml at 5b2d369
name: Build simple-container in branch
on:
workflow_dispatch:
push:
branches-ignore:
- 'main'
- 'staging'
permissions:
contents: write
jobs:
build:
name: Build simple-container in branch
runs-on: blacksmith-8vcpu-ubuntu-2204
outputs:
cicd-bot-telegram-token: ${{ steps.prepare-secrets.outputs.cicd-bot-telegram-token }}
cicd-bot-telegram-chat-id: ${{ steps.prepare-secrets.outputs.cicd-bot-telegram-chat-id }}
steps:
- uses: actions/checkout@v4
- uses: fregante/setup-git-user@v2
- name: install sc tool (latest release)
shell: bash
run: |-
# Install latest SC release to get secrets for embeddings generation
curl -s "https://dist.simple-container.com/sc.sh" | bash
- name: prepare secrets for build
run: |
cat << EOF > ./.sc/cfg.default.yaml
${{ secrets.SC_CONFIG }}
EOF
cat << EOF > ./.sc/cfg.test.yaml
${{ secrets.SC_CONFIG }}
EOF
sc secrets reveal
- name: get openai key
id: get-openai-key
run: |
echo "openai-key=$(sc stack secret-get -s dist openai-api-key 2>/dev/null || echo '')" >> $GITHUB_OUTPUT
- name: prepare sc tool (rebuild)
shell: bash
env:
OPENAI_API_KEY: ${{ steps.get-openai-key.outputs.openai-key }}
run: |-
git remote set-url origin https://${{ secrets.GITHUB_TOKEN }}@github.com/simple-container-com/api.git
bash <(curl -Ls "https://welder.simple-container.com/welder.sh") run rebuild
- name: prepare additional secrets
id: prepare-secrets
run: |
echo "cicd-bot-telegram-token=$(${{ github.workspace }}/bin/sc stack secret-get -s dist cicd-bot-telegram-token)" >> $GITHUB_OUTPUT
echo "cicd-bot-telegram-chat-id=$(${{ github.workspace }}/bin/sc stack secret-get -s dist cicd-bot-telegram-chat-id)" >> $GITHUB_OUTPUT
- name: build sc tool
shell: bash
run: |-
bash <(curl -Ls "https://welder.simple-container.com/welder.sh") make --timestamps
finalize:
name: Finalize build in branch
runs-on: ubuntu-latest
if: ${{ always() }}
permissions:
contents: write
needs:
- build
steps:
- uses: actions/checkout@v4
if: ${{ always() }}
- name: Extract git reference
id: extract_git_ref
if: ${{ always() }}
shell: bash
run: |-
cat <<'EOF' > /tmp/commit_message.txt
${{ github.event.head_commit.message || github.event.workflow_run.head_commit.message }}
EOF
message="$(cat /tmp/commit_message.txt | tr -d '\n')"
echo "branch=$GITHUB_REF_NAME" >> $GITHUB_OUTPUT
echo "message=$message" >> $GITHUB_OUTPUT
echo "author=$GITHUB_ACTOR" >> $GITHUB_OUTPUT
echo "url=$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" >> $GITHUB_OUTPUT
# Notify telegram
- uses: yanzay/notify-telegram@v0.1.0
if: ${{ success() && !contains(needs.*.result, 'failure') }}
continue-on-error: true
with:
chat: ${{ needs.build.outputs.cicd-bot-telegram-chat-id }}
token: ${{ needs.build.outputs.cicd-bot-telegram-token }}
status: ✅ success (${{ steps.extract_git_ref.outputs.branch }}) - ${{ steps.extract_git_ref.outputs.message }} by ${{ steps.extract_git_ref.outputs.author }}
- uses: yanzay/notify-telegram@v0.1.0
if: ${{ failure() || contains(needs.*.result, 'failure') }}
continue-on-error: true
with:
chat: ${{ needs.build.outputs.cicd-bot-telegram-chat-id }}
token: ${{ needs.build.outputs.cicd-bot-telegram-token }}
status: ❗ failure (${{ steps.extract_git_ref.outputs.branch }}) - ${{ steps.extract_git_ref.outputs.message }} by ${{ steps.extract_git_ref.outputs.author }}
- name: Build failed due to previously failed steps
id: fail_if_needed
if: ${{ failure() || contains(needs.*.result, 'failure') }}
shell: bash
run: |-
exit 1