Skip to content
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 23 additions & 0 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -87,6 +87,29 @@ jobs:
grep -q '^POST https://console.example.com/api/action/deployments/from-config-package$' "$tmp/argv"
grep -q '^console-url=https://console.example.com$' "$tmp/github-output"

- name: Validate dry-run console install
env:
APPALOFT_DEPLOY_ACTION_DRY_RUN: "true"
INPUT_COMMAND: install-console
INPUT_VERSION: v0.9.1
INPUT_SSH_HOST: 203.0.113.10
INPUT_CONSOLE_DOMAIN: console.example.com
INPUT_CONSOLE_DATABASE: pglite
INPUT_CONSOLE_SKIP_DOCKER_INSTALL: "true"
run: |
tmp="$(mktemp -d)"
trap 'rm -rf "$tmp"' EXIT
export RUNNER_TEMP="$tmp"
export GITHUB_OUTPUT="$tmp/github-output"
export APPALOFT_DEPLOY_ACTION_ARGV_PATH="$tmp/argv"

bash scripts/run-deploy.sh

grep -q '^SSH root@203.0.113.10:22$' "$tmp/argv"
grep -q '^INSTALLER https://github.com/appaloft/appaloft/releases/download/v0.9.1/install.sh$' "$tmp/argv"
grep -q '^HEALTH https://console.example.com/api/health$' "$tmp/argv"
grep -q '^console-url=https://console.example.com$' "$tmp/github-output"

- name: Opt-in exact-version install smoke
if: ${{ vars.APPALOFT_INSTALL_SMOKE_VERSION != '' }}
env:
Expand Down
54 changes: 51 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,45 @@ secrets:
from: ci-env:DATABASE_URL
```

## Install Self-Hosted Console

Use `command: install-console` when a workflow should install or upgrade an Appaloft console on an
SSH host before other repositories deploy through `control-plane-mode: self-hosted`.

```yaml
name: Install Appaloft Console

on:
workflow_dispatch:

jobs:
install:
runs-on: ubuntu-latest
permissions:
contents: read
environment:
name: appaloft-console
url: ${{ steps.console.outputs.console-url }}
steps:
- uses: appaloft/deploy-action@v1
id: console
with:
command: install-console
version: latest
ssh-host: ${{ secrets.APPALOFT_CONSOLE_SSH_HOST }}
ssh-user: ${{ secrets.APPALOFT_CONSOLE_SSH_USER }}
ssh-private-key: ${{ secrets.APPALOFT_CONSOLE_SSH_PRIVATE_KEY }}
console-domain: console.example.com
console-database: pglite
console-skip-docker-install: true
```

The action connects to the SSH host, downloads the matching Appaloft release `install.sh`, runs the
self-hosted Docker installer with the selected public console origin, and verifies
`/api/health`. `console-url` may be supplied directly when the public origin is not
`https://<console-domain>`. This command is separate from `deploy`, so the original pure SSH CLI
deployment path remains available.

## Pull Request Preview

Action-only pull request previews require a workflow file. The action does not install a webhook or
Expand Down Expand Up @@ -270,8 +309,8 @@ source-link state, or the Appaloft server, not from committed config.

| Input | Default | Purpose |
| --- | --- | --- |
| `command` | `deploy` | `deploy` or `preview-cleanup`. |
| `version` | `latest` | Appaloft CLI release tag such as `v0.9.0`. |
| `command` | `deploy` | `deploy`, `preview-cleanup`, or `install-console`. |
| `version` | `latest` | Appaloft release tag such as `v0.9.0`. Used for CLI install and self-hosted console install. |
| `config` | empty | Optional Appaloft config path. If omitted, `appaloft.yml` is used only when present. |
| `source` | `.` | Source path or locator passed to the CLI. |
| `runtime-name` | empty | Trusted runtime name override for deploy. |
Expand All @@ -280,6 +319,15 @@ source-link state, or the Appaloft server, not from committed config.
| `ssh-port` | empty | SSH port. |
| `ssh-private-key` | empty | SSH private key value, written to a temp file before invoking Appaloft. |
| `ssh-private-key-file` | empty | Existing runner-local private key path. Mutually exclusive with `ssh-private-key`. |
| `console-url` | empty | Public console origin for `command: install-console`. Defaults to `https://<console-domain>` or `http://<ssh-host>:<console-http-port>`. |
| `console-domain` | empty | Public console domain used to derive `console-url` when `console-url` is empty. |
| `console-database` | `pglite` | Self-hosted console database backend for `command: install-console`; `pglite` or `postgres`. |
| `console-http-host` | `0.0.0.0` | Host bind address passed to the self-hosted console installer. |
| `console-http-port` | `3001` | Host HTTP port passed to the self-hosted console installer. |
| `console-install-dir` | empty | Remote install directory passed to the self-hosted console installer. Empty uses the installer default. |
| `console-image` | `ghcr.io/appaloft/appaloft` | Appaloft console image repository or full image reference passed to the self-hosted console installer. |
| `console-installer-url` | empty | Override URL for the self-hosted `install.sh` used by `command: install-console`. |
| `console-skip-docker-install` | `false` | Require Docker Engine to already exist on the SSH host during `command: install-console`. |
| `server-provider` | `generic-ssh` | Server provider key. |
| `server-proxy-kind` | empty | Server proxy kind such as `traefik` or `caddy`. |
| `state-backend` | empty | Explicit state backend. SSH targets default to `ssh-pglite`. |
Expand Down Expand Up @@ -313,7 +361,7 @@ source-link state, or the Appaloft server, not from committed config.
| `preview-url` | Public preview URL when Appaloft resolves one during deploy. |
| `deployment-id` | Deployment id accepted by Appaloft. |
| `deployment-url` | Self-hosted Appaloft console deployment detail URL when available. |
| `console-url` | Self-hosted Appaloft console URL used by server API mode. |
| `console-url` | Self-hosted Appaloft console URL installed by `install-console` or used by server API mode. |
| `preview-cleanup-status` | Cleanup status returned by server API mode for `command: preview-cleanup`. |

## Security Notes
Expand Down
52 changes: 49 additions & 3 deletions action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,11 @@ description: Run an Appaloft deployment from GitHub Actions through pure SSH CLI

inputs:
command:
description: Wrapper command to run. Use deploy for deployments or preview-cleanup for pull request cleanup.
description: Wrapper command to run. Use deploy for deployments, preview-cleanup for pull request cleanup, or install-console to install or upgrade a self-hosted console over SSH.
required: false
default: deploy
version:
description: Appaloft CLI release tag, for example v0.9.0. Use latest for the latest stable release.
description: Appaloft release tag, for example v0.9.0. Use latest for the latest stable release.
required: false
default: latest
config:
Expand Down Expand Up @@ -42,6 +42,42 @@ inputs:
description: Existing runner-local SSH private key file.
required: false
default: ""
console-url:
description: Public self-hosted console origin configured during command=install-console. Defaults to https://<console-domain> or http://<ssh-host>:<console-http-port>.
required: false
default: ""
console-domain:
description: Public self-hosted console domain used to derive https://<domain> when console-url is empty.
required: false
default: ""
console-database:
description: Self-hosted console database backend for command=install-console.
required: false
default: "pglite"
console-http-host:
description: Host bind address passed to the self-hosted console installer.
required: false
default: "0.0.0.0"
console-http-port:
description: Host HTTP port passed to the self-hosted console installer.
required: false
default: "3001"
console-install-dir:
description: Remote install directory passed to the self-hosted console installer. Defaults to the installer default.
required: false
default: ""
console-image:
description: Appaloft console image repository or full image reference passed to the self-hosted console installer.
required: false
default: "ghcr.io/appaloft/appaloft"
console-installer-url:
description: Override URL for the self-hosted install.sh script used by command=install-console.
required: false
default: ""
console-skip-docker-install:
description: Require Docker Engine to already exist on the SSH host when command=install-console.
required: false
default: "false"
server-provider:
description: Server provider key.
required: false
Expand Down Expand Up @@ -169,7 +205,7 @@ runs:
run: bash "$GITHUB_ACTION_PATH/scripts/resolve-control-plane.sh"

- id: install
if: ${{ steps.resolve.outputs.control-plane-mode == 'none' }}
if: ${{ steps.resolve.outputs.control-plane-mode == 'none' && inputs.command != 'install-console' }}
shell: bash
env:
INPUT_VERSION: ${{ inputs.version }}
Expand All @@ -181,6 +217,7 @@ runs:
env:
APPALOFT_BIN: ${{ steps.install.outputs.appaloft-bin }}
INPUT_COMMAND: ${{ inputs.command }}
INPUT_VERSION: ${{ inputs.version }}
INPUT_CONFIG: ${{ inputs.config }}
INPUT_SOURCE: ${{ inputs.source }}
INPUT_RUNTIME_NAME: ${{ inputs.runtime-name }}
Expand All @@ -189,6 +226,15 @@ runs:
INPUT_SSH_PORT: ${{ inputs.ssh-port }}
INPUT_SSH_PRIVATE_KEY: ${{ inputs.ssh-private-key }}
INPUT_SSH_PRIVATE_KEY_FILE: ${{ inputs.ssh-private-key-file }}
INPUT_CONSOLE_URL: ${{ inputs.console-url }}
INPUT_CONSOLE_DOMAIN: ${{ inputs.console-domain }}
INPUT_CONSOLE_DATABASE: ${{ inputs.console-database }}
INPUT_CONSOLE_HTTP_HOST: ${{ inputs.console-http-host }}
INPUT_CONSOLE_HTTP_PORT: ${{ inputs.console-http-port }}
INPUT_CONSOLE_INSTALL_DIR: ${{ inputs.console-install-dir }}
INPUT_CONSOLE_IMAGE: ${{ inputs.console-image }}
INPUT_CONSOLE_INSTALLER_URL: ${{ inputs.console-installer-url }}
INPUT_CONSOLE_SKIP_DOCKER_INSTALL: ${{ inputs.console-skip-docker-install }}
INPUT_SERVER_PROVIDER: ${{ inputs.server-provider }}
INPUT_SERVER_PROXY_KIND: ${{ inputs.server-proxy-kind }}
INPUT_STATE_BACKEND: ${{ inputs.state-backend }}
Expand Down
Loading
Loading