Skip to content

Commit 82df60c

Browse files
authored
Update deploy.yml
1 parent fe17d1d commit 82df60c

1 file changed

Lines changed: 20 additions & 5 deletions

File tree

.github/workflows/deploy.yml

Lines changed: 20 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,16 @@ jobs:
1313
- name: Checkout
1414
uses: actions/checkout@v4
1515

16+
# ── Open port 22 for all IPs ───────────────────────────────
17+
- name: Open port 22 for all IPs
18+
run: |
19+
curl -s -X POST \
20+
-H "Authorization: Bearer ${{ secrets.DO_API_TOKEN }}" \
21+
-H "Content-Type: application/json" \
22+
-d '{"inbound_rules":[{"protocol":"tcp","ports":"22","sources":{"addresses":["0.0.0.0/0"]}}]}' \
23+
"https://api.digitalocean.com/v2/firewalls/${{ secrets.DO_FIREWALL_ID }}/rules"
24+
sleep 10
25+
1626
- name: Configure AWS credentials
1727
uses: aws-actions/configure-aws-credentials@v4
1828
with:
@@ -33,7 +43,6 @@ jobs:
3343
--build-arg AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} \
3444
--build-arg AWS_DEFAULT_REGION=us-east-1 \
3545
-t ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_DEFAULT_REGION }}.amazonaws.com/${{ secrets.AWS_REPO }}:latest .
36-
3746
docker push \
3847
${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_DEFAULT_REGION }}.amazonaws.com/${{ secrets.AWS_REPO }}:latest
3948
@@ -47,18 +56,24 @@ jobs:
4756
aws ecr get-login-password --region ${{ secrets.AWS_DEFAULT_REGION }} | \
4857
docker login --username AWS --password-stdin \
4958
${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_DEFAULT_REGION }}.amazonaws.com
50-
5159
docker pull \
5260
${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_DEFAULT_REGION }}.amazonaws.com/${{ secrets.AWS_REPO }}:latest
53-
5461
docker stop atv-sdk1 || true
5562
docker rm atv-sdk1 || true
56-
5763
docker run -d \
5864
-p 3000:3000 \
5965
--name atv-sdk1 \
6066
-e NODE_TLS_REJECT_UNAUTHORIZED=0 \
6167
--restart unless-stopped \
6268
${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_DEFAULT_REGION }}.amazonaws.com/${{ secrets.AWS_REPO }}:latest
69+
docker image prune -f
6370
64-
docker image prune -f
71+
# ── Remove open port 22 rule ───────────────────────────────
72+
- name: Close port 22 for all IPs
73+
if: always()
74+
run: |
75+
curl -s -X DELETE \
76+
-H "Authorization: Bearer ${{ secrets.DO_API_TOKEN }}" \
77+
-H "Content-Type: application/json" \
78+
-d '{"inbound_rules":[{"protocol":"tcp","ports":"22","sources":{"addresses":["0.0.0.0/0"]}}]}' \
79+
"https://api.digitalocean.com/v2/firewalls/${{ secrets.DO_FIREWALL_ID }}/rules"

0 commit comments

Comments
 (0)