Skip to content

Commit 9135d97

Browse files
ralyodioralyodio
committed
fix: LNbits deploy workflow — resolve vars from direct secrets
ENV_FILE doesn't contain LNBITS_DROPLET_HOST/USER/SSH_KEY. Now resolves all required vars with fallback chain: 1. ENV_FILE (dotenv parsed) 2. Direct GitHub secrets (LNBITS_DROPLET_HOST, etc.) 3. Direct GitHub vars Also made ENV_FILE optional — workflow can run purely from direct secrets if ENV_FILE is empty.
1 parent 227fe90 commit 9135d97

File tree

1 file changed

+32
-6
lines changed

1 file changed

+32
-6
lines changed

.github/workflows/deploy-lnbits-droplet.yml

Lines changed: 32 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,11 @@ jobs:
1111
env:
1212
# Supports either secret or variable named ENV_FILE (dotenv format)
1313
ENV_FILE: ${{ secrets.ENV_FILE || vars.ENV_FILE }}
14+
# Direct secrets fallback (these may not be in ENV_FILE)
1415
DIRECT_SSH_KEY: ${{ secrets.LNBITS_DROPLET_SSH_KEY || secrets.LNBITS_DROP_SSH_KEY || vars.LNBITS_DROPLET_SSH_KEY || vars.LNBITS_DROP_SSH_KEY }}
16+
DIRECT_HOST: ${{ secrets.LNBITS_DROPLET_HOST || vars.LNBITS_DROPLET_HOST }}
17+
DIRECT_USER: ${{ secrets.LNBITS_DROPLET_USER || vars.LNBITS_DROPLET_USER }}
18+
DIRECT_ADMIN_KEY: ${{ secrets.LNBITS_ADMIN_KEY || vars.LNBITS_ADMIN_KEY }}
1519
steps:
1620
- name: Checkout
1721
uses: actions/checkout@v4
@@ -21,8 +25,8 @@ jobs:
2125
run: |
2226
set -euo pipefail
2327
if [ -z "${ENV_FILE:-}" ]; then
24-
echo "ENV_FILE is empty. Add secret/variable ENV_FILE with dotenv contents."
25-
exit 1
28+
echo "ENV_FILE is empty — relying on direct secrets only"
29+
exit 0
2630
fi
2731
2832
# Export KEY=VALUE lines into job env (ignore comments/blank lines)
@@ -39,11 +43,24 @@ jobs:
3943
} >> "$GITHUB_ENV"
4044
done <<< "$ENV_FILE"
4145
42-
- name: Validate required vars
46+
- name: Resolve required vars
4347
shell: bash
4448
run: |
4549
set -euo pipefail
46-
# Backward-compat aliases
50+
51+
# Resolve LNBITS_DROPLET_HOST — prefer ENV_FILE, fall back to direct secret
52+
if [ -z "${LNBITS_DROPLET_HOST:-}" ] && [ -n "${DIRECT_HOST:-}" ]; then
53+
echo "LNBITS_DROPLET_HOST=${DIRECT_HOST}" >> "$GITHUB_ENV"
54+
export LNBITS_DROPLET_HOST="${DIRECT_HOST}"
55+
fi
56+
57+
# Resolve LNBITS_DROPLET_USER — prefer ENV_FILE, fall back to direct secret
58+
if [ -z "${LNBITS_DROPLET_USER:-}" ] && [ -n "${DIRECT_USER:-}" ]; then
59+
echo "LNBITS_DROPLET_USER=${DIRECT_USER}" >> "$GITHUB_ENV"
60+
export LNBITS_DROPLET_USER="${DIRECT_USER}"
61+
fi
62+
63+
# Resolve SSH key — check ENV_FILE keys, then direct secret
4764
if [ -z "${LNBITS_DROPLET_SSH_KEY:-}" ] && [ -n "${LNBITS_DROP_SSH_KEY:-}" ]; then
4865
echo "LNBITS_DROPLET_SSH_KEY=${LNBITS_DROP_SSH_KEY}" >> "$GITHUB_ENV"
4966
export LNBITS_DROPLET_SSH_KEY="${LNBITS_DROP_SSH_KEY}"
@@ -55,14 +72,23 @@ jobs:
5572
export LNBITS_DROPLET_SSH_KEY="${DIRECT_SSH_KEY}"
5673
fi
5774
75+
# Resolve LNBITS_ADMIN_KEY
76+
if [ -z "${LNBITS_ADMIN_KEY:-}" ] && [ -n "${DIRECT_ADMIN_KEY:-}" ]; then
77+
echo "LNBITS_ADMIN_KEY=${DIRECT_ADMIN_KEY}" >> "$GITHUB_ENV"
78+
export LNBITS_ADMIN_KEY="${DIRECT_ADMIN_KEY}"
79+
fi
80+
81+
# Validate all required vars are set
5882
for k in LNBITS_DROPLET_HOST LNBITS_DROPLET_USER LNBITS_DROPLET_SSH_KEY LNBITS_ADMIN_KEY; do
5983
if [ -z "${!k:-}" ]; then
60-
echo "Missing required ENV_FILE key: $k"
84+
echo "❌ Missing required var: $k"
85+
echo " Set it as a GitHub secret/variable, or include it in ENV_FILE"
6186
exit 1
6287
fi
6388
done
89+
echo "✅ All required vars resolved"
6490
65-
- name: Run setup-droplet.sh on LNbits host
91+
- name: Deploy to LNbits host
6692
uses: appleboy/ssh-action@v1.0.3
6793
with:
6894
host: ${{ env.LNBITS_DROPLET_HOST }}

0 commit comments

Comments
 (0)