-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathaction.yml
107 lines (99 loc) · 3.56 KB
/
action.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
name: Issue SSL certificate using Lego
description: Issue SSL certificate with lego DNS API mode.
branding:
icon: lock
color: blue
inputs:
accounts-tar-base64:
description: Base64 encoded tar file content of your account files in `~/.lego` (i.e. output of `tar cz accounts | base64 -w0` in your `~/.lego` directory).
required: true
lego-envs:
description: 'Environment variables for lego (key=value pairs separated by commas)'
required: true
default: 'VAR1=value1,VAR2=value2'
version:
description: Version of lego cli tools
required: true
default: 'latest'
email:
description: Your Email to request certificate
required: true
lego-dns-provider:
description: ref https://go-acme.github.io/lego/dns/index.html
required: true
domains:
description: Separate with common
required: true
dns-resolvers:
description: For dns challenage pre-check
required: true
default: "1.1.1.1:53"
lego-server:
description: The server used for request certificate.
required: true
default: "https://acme-v02.api.letsencrypt.org/directory"
action:
description: lego action
required: true
default: "run"
runs:
using: "composite"
steps:
# - name: Get latest go version
# id: version
# shell: bash
# run: |
# echo ::set-output name=go_version::$(curl -s https://raw.githubusercontent.com/actions/go-versions/main/versions-manifest.json | grep -oE '"version": "[0-9]{1}.[0-9]{1,}(.[0-9]{1,})?"' | head -1 | cut -d':' -f2 | sed 's/ //g; s/"//g')
# - name: Setup Go
# uses: actions/setup-go@v2
# with:
# go-version: ${{ steps.version.outputs.go_version }}
# - name: Cache Go modules
# id: cache-go-modules
# uses: actions/cache@v3
# with:
# path: |
# ~/.cache/go-build
# ~/go/pkg/mod
# key: ${{ runner.os }}-go-${{ inputs.version }}
# restore-keys: |
# ${{ runner.os }}-go-
# - name: Install Lego Tools
# shell: bash
# run: |
# mkdir -p ./.lego/ && \
# go install github.com/go-acme/lego/v4/cmd/lego@${{ inputs.version }}
- name: Extract account files for lego
run: |
mkdir -p ./.lego/
if ! [[ -z "$LEGO_INPUT_ACCOUNT_TAR" ]]; then
echo "$LEGO_INPUT_ACCOUNT_TAR" | base64 -d | tar -C ./.lego/ -xz
fi
shell: bash
env:
LEGO_INPUT_ACCOUNT_TAR: ${{ inputs.accounts-tar-base64 }}
- name: Parse and set environment variables for lego
shell: bash
run: |
IFS=',' read -ra ENV_PAIRS <<< "${{ inputs.lego-envs }}"
for ENV_PAIR in "${ENV_PAIRS[@]}"; do
IFS='=' read -ra KV <<< "$ENV_PAIR"
echo "${KV[0]}=${KV[1]}" >> $GITHUB_ENV
done
# - name: Request SSL certificate with lego cli tools
# shell: bash
# run: |
# lego --server "${{ inputs.lego-server }}" --email "${{ inputs.email }}" --dns ${{ inputs.lego-dns-provider }} --domains "${{ inputs.domains }}" --dns.resolvers ${{ inputs.dns-resolvers }} --pem --pfx --accept-tos run
- name: Request SSL certificate with lego cli tools by docker
shell: bash
run: |
docker run --rm \
-v $(pwd)/.lego/:/.lego/ \
--env-file <(env) \
-u$UID:$GID goacme/lego \
--server "${{ inputs.lego-server }}" \
--email "${{ inputs.email }}" \
--dns ${{ inputs.lego-dns-provider }} \
--domains "${{ inputs.domains }}" \
--dns.resolvers ${{ inputs.dns-resolvers }} \
--pem --pfx --accept-tos ${{ inputs.action }}