diff --git a/action.yml b/action.yml index 27fcc9a..43b45c4 100644 --- a/action.yml +++ b/action.yml @@ -1,77 +1,46 @@ -name: 'Oasis Config Action' -description: 'Configure env for deploying apps using Oasis' +name: "S3 Backup Action" +description: "Backup to S3 Bucket" inputs: - kubeconfig: - description: 'A base64 encoded string of the kubeconfig to use. Required!' - required: true - forgejo-token: - description: 'Forgejo token for downloading repositories' - required: false - default: ${{ env.DEVOPS_FORGEJO_ELYSIUM_ORG_READ_TOKEN }} # Action can't read env, so we need to reset it later - garden-version: - description: 'Version of Garden to deploy' - required: false - default: 0.13.29 - oasis-branch: - description: 'Branch of Oasis to use' - required: false - default: master - oasis-workspace: - descipriont: 'Workspace to setup Oasis' - required: false - default: ${{ gitea.workspace }}/oasis + infisical-token: + description: Infisical token for backup envars + required: true + infisical-project: + description: Infisical Project + required: true + s3-backup-path: + description: "Workspace to setup Oasis" + required: false + default: backups/forgejo-repositories/${{ gitea.repository }} runs: using: "composite" steps: - # Set additional Envars - - name: Setting Short Commit Sha - run: echo SHORT_COMMIT_SHA=$(echo $GITHUB_SHA | cut -c 1-6) >> $GITHUB_ENV - - name: Setup Enviornment Variables - shell: bash - run: | - echo CI_NAMESPACE=ci-$SHORT_COMMIT_SHA >> $GITHUB_ENV - echo DEVOPS_FORGEJO_ELYSIUM_ORG_READ_TOKEN=${{ inputs.forgejo-token }} >> $GITHUB_ENV - echo "Checking out Oasis" - # Checkout Oasis - - name: Checkout Oasis + # Checkout Repository + - name: Checkout Repository uses: actions/checkout@v3 with: - repository: "elysium/oasis" - path: ${{ inputs.oasis-workspace }} - token: ${{ env.DEVOPS_FORGEJO_ELYSIUM_ORG_READ_TOKEN }} - ref: ${{ inputs.oasis-branch }} - - name: Download Garden - shell: bash + path: repo + # Load Backup Envars + - name: Setup Backup Envars + uses: https://forgejo.dunemask.dev/elysium/elysium-actions@infisical-env + with: + infisical-token: ${{ inputs.infisical-token }} + project-id: ${{ inputs.infisical-project }} + secret-envs: edge + secret-paths: /devops/forgejo-backups + # Fix Envar Format + - name: Fix Env Format + run: | + echo BACKUP_S3_ENDPOINT=${{ env.DEVOPS_FORGEJO_ELYSIUM_ORG_S3_ENDPOINT }} >> $GITHUB_ENV + echo BACKUP_S3_KEY_ID=${{ env.DEVOPS_FORGEJO_ELYSIUM_ORG_S3_KEY_ID }} >> $GITHUB_ENV + echo BACKUP_S3_KEY=${{ env.DEVOPS_FORGEJO_ELYSIUM_ORG_S3_KEY }} >> $GITHUB_ENV + # Backup Repository + - name: S3 Backup + uses: https://github.com/peter-evans/s3-backup@v1 env: - GARDEN_BIN_VERSION: ${{ inputs.garden-version }} - GARDEN_DIR: ${{ runner.temp }}/garden - run: | - # Install Garden - mkdir -p "$GARDEN_DIR" - cd "$GARDEN_DIR" - if ! [ -d "$GARDEN_BIN_VERSION" ]; then - echo "Downloading ${GARDEN_BIN_VERSION}..." - if [[ "$GARDEN_BIN_VERSION" = "latest" ]]; then - tag_param="" - else - tag_param="$GARDEN_BIN_VERSION" - fi - fi - curl -sL https://get.garden.io/install.sh | bash -s -- $tag_param - echo PATH=$PATH:$HOME/.garden/bin >> $GITHUB_ENV - git config --global --add safe.directory $HOME/.garden/bin/static - echo "Finished intalling Garden!" - # Configure K&S - - name: Configure K8S - run: | - echo "Setup kubeconfig" - mkdir -p ~/.kube && - echo ${{ inputs.kubeconfig }} | base64 -d > ~/.kube/config && - chmod 700 ~/.kube/config - echo "Finished setting up kubeconfig" - - name: Export Envars - shell: bash - run: | - # Export environment variables - echo OASIS_WORKSPACE=${{ inputs.oasis-workspace }} >> $GITHUB_ENV - + STORAGE_SERVICE_URL: ${{ env.BACKUP_S3_ENDPOINT }} + ACCESS_KEY_ID: ${{ env.BACKUP_S3_KEY_ID }} + SECRET_ACCESS_KEY: ${{ env.BACKUP_S3_KEY }} + MIRROR_TARGET: ${{ inputs.s3-backup-path }} + MIRROR_SOURCE: repo + with: + args: --overwrite --remove