CI: don't reset staging.testrun.org VPS on every CI run

2026-05-10 16:04:37 +00:00 · 2024-01-18 17:00:39 +01:00
parent bfaedb5cf1
commit ef95627138
1 changed files with 21 additions and 21 deletions
--- a/.github/workflows/test-and-deploy.yaml
+++ b/.github/workflows/test-and-deploy.yaml
@@ -13,22 +13,22 @@ jobs:
    steps:
      - uses: actions/checkout@v3

-      - name: stash TLS cert before rebuilding
+      - name: prepare SSH
        run: |
          mkdir ~/.ssh
          echo "${{ secrets.STAGING_SSH_KEY }}" >> ~/.ssh/id_ed25519
          chmod 600 ~/.ssh/id_ed25519
          ssh-keyscan staging.testrun.org > ~/.ssh/known_hosts
-          rsync -avz root@staging.testrun.org:/var/lib/acme . || true
-          rsync -avz root@staging.testrun.org:/var/lib/rspamd/dkim . || true
+     #    rsync -avz root@staging.testrun.org:/var/lib/acme . || true
+     #    rsync -avz root@staging.testrun.org:/var/lib/rspamd/dkim . || true

-      - name: rebuild staging.testrun.org to have a clean VPS
-        run: |
-            curl -X POST \
-            -H "Authorization: Bearer ${{ secrets.HETZNER_API_TOKEN }}" \
-            -H "Content-Type: application/json" \
-            -d '{"image":"debian-12"}' \
-            "https://api.hetzner.cloud/v1/servers/${{ secrets.STAGING_SERVER_ID }}/actions/rebuild"
+     #- name: rebuild staging.testrun.org to have a clean VPS
+     #  run: |
+     #      curl -X POST \
+     #      -H "Authorization: Bearer ${{ secrets.HETZNER_API_TOKEN }}" \
+     #      -H "Content-Type: application/json" \
+     #      -d '{"image":"debian-12"}' \
+     #      "https://api.hetzner.cloud/v1/servers/${{ secrets.STAGING_SERVER_ID }}/actions/rebuild"

      - name: initenv 
        run: scripts/initenv.sh
@@ -42,14 +42,14 @@ jobs:
      - name: run deploy-chatmail offline tests 
        run: pytest --pyargs cmdeploy 

-      - name: upload TLS cert after rebuilding
-        run: |
-          echo " --- wait until staging.testrun.org VPS is rebuilt --- "
-          rm ~/.ssh/known_hosts
-          while ! ssh -o ConnectTimeout=180 -o StrictHostKeyChecking=accept-new -v root@staging.testrun.org id -u ; do sleep 1 ; done
-          ssh -o StrictHostKeyChecking=accept-new -v root@staging.testrun.org id -u
-          rsync -avz acme root@staging.testrun.org:/var/lib/ || true
-          rsync -avz dkim root@staging.testrun.org:/var/lib/rspamd/ || true
+     #- name: upload TLS cert after rebuilding
+     #  run: |
+     #    echo " --- wait until staging.testrun.org VPS is rebuilt --- "
+     #    rm ~/.ssh/known_hosts
+     #    while ! ssh -o ConnectTimeout=180 -o StrictHostKeyChecking=accept-new -v root@staging.testrun.org id -u ; do sleep 1 ; done
+     #    ssh -o StrictHostKeyChecking=accept-new -v root@staging.testrun.org id -u
+     #    rsync -avz acme root@staging.testrun.org:/var/lib/ || true
+     #    rsync -avz dkim root@staging.testrun.org:/var/lib/rspamd/ || true

      - name: cmdeploy init staging.testrun.org
        run: cmdeploy init staging.testrun.org
@@ -59,10 +59,10 @@ jobs:

      - name: set DNS entries
        run: |
-          ssh -o StrictHostKeyChecking=accept-new -v root@staging.testrun.org chown _rspamd:_rspamd -R /var/lib/rspamd/dkim
+          #ssh -o StrictHostKeyChecking=accept-new -v root@staging.testrun.org chown _rspamd:_rspamd -R /var/lib/rspamd/dkim
          echo "${{ secrets.DEFAULT_DNS_ZONE }}" > staging.testrun.org.zone
-          cmdeploy dns --zonefile staging-additional.zone
-          cat staging-additional.zone >> staging.testrun.org.zone
+          cmdeploy dns --zonefile staging-generated.zone
+          cat staging-generated.zone >> staging.testrun.org.zone
          scp -o StrictHostKeyChecking=accept-new staging.testrun.org.zone root@ns.testrun.org:/etc/nsd/staging.testrun.org.zone
          ssh root@ns.testrun.org nsd-checkzone staging.testrun.org /etc/nsd/staging.testrun.org.zone
          ssh root@ns.testrun.org systemctl reload nsd