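---
# On every push to main, generate a TOTP code from the SECRET_KEY secret and
# POST it to the AuthRun verifier. The job fails unless the verifier answers
# with an explicit `"success": true`.
name: Trigger Verifier on Commit

on:
  push:
    branches:
      - main

# Least privilege: nothing in this workflow writes to the repository, so the
# GITHUB_TOKEN is limited to reading contents for the checkout step.
permissions:
  contents: read

jobs:
  send-post-request:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        # v2 runs on a deprecated Node runtime; for supply-chain hardening,
        # pin this to a full commit SHA rather than a mutable tag.
        uses: actions/checkout@v4
        with:
          # No later step pushes or fetches, so do not leave the token in
          # the checked-out repository's git config.
          persist-credentials: false

      - name: Set up Python and Install pyotp
        # NOTE(review): pyotp is installed unpinned; pin an exact version
        # (ideally with hashes) so a compromised release cannot reach the
        # step that handles SECRET_KEY.
        run: |
          python3 -m venv venv
          source venv/bin/activate
          pip install pyotp

      - name: Generate TOTP Code
        id: generate_totp
        env:
          # The secret is handed to this step only, as an environment
          # variable. It is not interpolated into the script text, not
          # written to a file on disk, and not exported to later steps
          # through GITHUB_ENV.
          SECRET_KEY: ${{ secrets.SECRET_KEY }}
        run: |
          TOTP_CODE=$(venv/bin/python3 -c \
            'import os, pyotp; print(pyotp.TOTP(os.environ["SECRET_KEY"]).now())')
          # Register the mask before the code is stored anywhere, so it is
          # redacted from the logs of this step and of every later step.
          echo "::add-mask::$TOTP_CODE"
          echo "code=$TOTP_CODE" >> "$GITHUB_ENV"

      - name: Send deployment request to AuthRun
        id: send_post
        env:
          FLASK_VERIFIER_URL: ${{ secrets.FLASK_VERIFIER_URL }}
        run: |
          # `code` arrives as an environment variable from GITHUB_ENV.
          # Shell tracing is off by default and is left off here, so the
          # curl command line is never echoed to the log.
          response=$(curl --silent --show-error --request POST \
            --data-urlencode "code=$code" \
            "$FLASK_VERIFIER_URL/verify")
          echo "Response: $response"
          echo "$response" > response.json
          success=$(jq -r '.success' <<< "$response")
          message=$(jq -r '.message' <<< "$response")
          # Fail closed: anything other than an explicit `true` (a missing
          # field, `null`, an error document) is a failed verification.
          if [[ "$success" != "true" ]]; then
            # Only literal values are written to GITHUB_OUTPUT, never text
            # taken from the response.
            echo "success=false" >> "$GITHUB_OUTPUT"
            echo "Message: $message"
            echo "Try manual deployment"
            exit 1
          fi
          echo "success=true" >> "$GITHUB_OUTPUT"
          echo "Verification succeeded."

      - name: Handle Success
        # Reads the `success` output published by the send_post step.
        if: steps.send_post.outputs.success == 'true'
        run: echo "Action completed successfully!"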