pez-infra/.github/workflows/deploy-on-merge.yml
dependabot[bot] 352bfbe3bc
chore(deps): bump the github-actions group with 2 updates
Bumps the github-actions group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [actions/cache](https://github.com/actions/cache).


Updates `actions/checkout` from 6 to 7
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v6...v7)

Updates `actions/cache` from 5 to 6
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/cache
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-24 16:04:43 +00:00

47 lines
1.1 KiB
YAML

name: Deploy (on merge)
on:
push:
branches:
- main
paths-ignore:
- "terraform/**"
- "docs/**"
- "**/*.md"
- ".github/**"
# Serialize fleet deploys so two quick merges can't run Ansible against the
# same hosts at once. Don't cancel an in-flight deploy mid-run — queue it.
concurrency:
group: deploy-on-merge
cancel-in-progress: false
jobs:
discover:
name: Discover hosts
runs-on: ubuntu-latest
outputs:
hosts: ${{ steps.discover.outputs.hosts }}
steps:
- uses: actions/checkout@v7
- name: Read hosts from inventory
id: discover
run: |
HOSTS=$(grep 'ansible_host=' ansible/inventory/hosts.ini | awk '{print $1}' | jq -R . | jq -cs .)
echo "hosts=$HOSTS" >> "$GITHUB_OUTPUT"
deploy:
needs: discover
strategy:
matrix:
host: ${{ fromJson(needs.discover.outputs.hosts) }}
fail-fast: false
permissions:
id-token: write
uses: ./.github/workflows/_deploy-core.yml
with:
host: ${{ matrix.host }}
playbook: deploy.yml
dry_run: false
secrets: inherit