From 060942051fac46e9b597e6b1f00ae8363f2947a5 Mon Sep 17 00:00:00 2001
From: Julien Dessaux <julien.dessaux@adyxax.org>
Date: Wed, 9 Apr 2025 18:20:24 +0200
Subject: [PATCH 1/2] chore(tooling): integrate forgejo workflow's deploy step
 into the makefile's

---
 .forgejo/workflows/main.yaml |  6 +-----
 GNUmakefile                  | 13 +++++++++++--
 2 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/.forgejo/workflows/main.yaml b/.forgejo/workflows/main.yaml
index 9962c80..1c36362 100644
--- a/.forgejo/workflows/main.yaml
+++ b/.forgejo/workflows/main.yaml
@@ -50,11 +50,7 @@ jobs:
         with:
           name: 'ods'
       - run: |
-          umask 077
-          printf '%s' "$SSH_PRIVATE_KEY" | base64 -d > private_key
-          SSHOPTS="-i private_key -o StrictHostKeyChecking=accept-new"
-          rsync -e "ssh ${SSHOPTS}" ods ods@ods.adyxax.org:
-          ssh ${SSHOPTS} ods@ods.adyxax.org "chmod +x ods; systemctl --user restart ods"
+          make deploy
         env:
           SSH_PRIVATE_KEY: '${{ secrets.SSH_PRIVATE_KEY }}'
   publish:
diff --git a/GNUmakefile b/GNUmakefile
index 2e974e2..3695969 100644
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -37,8 +37,17 @@ push: tidy no-dirty check ## push changes to git remote
 
 .PHONY: deploy
 deploy: build ## deploy changes to the production server
-	rsync ./ods ods@ods.adyxax.org:
-	ssh ods@ods.adyxax.org "systemctl --user restart ods"
+	umask 077
+	if [ -n "$${SSH_PRIVATE_KEY:-}" ]; then
+	    cleanup() {
+	        rm -f private_key
+	    }
+	    trap cleanup EXIT
+	    printf '%s' "$$SSH_PRIVATE_KEY" | base64 -d > private_key
+	    SSHOPTS="-i private_key -o StrictHostKeyChecking=accept-new"
+	fi
+	rsync -e "ssh $${SSHOPTS:-}" ./ods ods@ods.adyxax.org:
+	ssh $${SSHOPTS:-} ods@ods.adyxax.org "chmod +x ods; systemctl --user restart ods"
 
 ##### Utils ####################################################################
 .PHONY: confirm

From 5cacfdb574a8d92167e3f34071e39d05959637e8 Mon Sep 17 00:00:00 2001
From: Julien Dessaux <julien.dessaux@adyxax.org>
Date: Sat, 12 Apr 2025 14:06:28 +0200
Subject: [PATCH 2/2] chore(tooling): update workflow

---
 .forgejo/workflows/main.yaml | 23 +++++++++--------------
 1 file changed, 9 insertions(+), 14 deletions(-)

diff --git a/.forgejo/workflows/main.yaml b/.forgejo/workflows/main.yaml
index 1c36362..a4acf13 100644
--- a/.forgejo/workflows/main.yaml
+++ b/.forgejo/workflows/main.yaml
@@ -1,10 +1,12 @@
 ---
+name: 'main'
+
 on:
   push:
   workflow_dispatch:
 
 jobs:
-  test:
+  main:
     runs-on: 'self-hosted'
     steps:
       - uses: 'actions/checkout@v4'
@@ -17,16 +19,6 @@ jobs:
       - name: 'check'
         run: |
           make check no-dirty
-  build:
-    if: "${{ startsWith(github.ref, 'refs/tags/') }}"
-    needs:
-      - 'test'
-    runs-on: 'self-hosted'
-    steps:
-      - uses: 'actions/checkout@v4'
-      - uses: 'actions/setup-go@v5'
-        with:
-          go-version-file: 'go.mod'
       - name: 'build'
         run: |
           printf '%s' "$GIT_CRYPT_SECRET" | base64 -d > secret
@@ -36,13 +28,15 @@ jobs:
           GIT_CRYPT_SECRET: '${{ secrets.GIT_CRYPT }}'
       #- uses: 'actions/upload-artifact@v4'
       - uses: 'forgejo/upload-artifact@v4'
+        if: "${{ startsWith(github.ref, 'refs/tags/') }}"
         with:
           if-no-files-found: 'error'
           name: 'ods'
           path: 'ods'
   deploy:
+    if: "${{ startsWith(github.ref, 'refs/tags/') }}"
     needs:
-      - 'build'
+      - 'main'
     runs-on: 'self-hosted'
     steps:
       #- uses: 'actions/download-artifact@v4'
@@ -54,8 +48,9 @@ jobs:
         env:
           SSH_PRIVATE_KEY: '${{ secrets.SSH_PRIVATE_KEY }}'
   publish:
+    if: "${{ startsWith(github.ref, 'refs/tags/') }}"
     needs:
-      - 'build'
+      - 'main'
     runs-on: 'self-hosted'
     steps:
       #- uses: 'actions/download-artifact@v4'
@@ -70,4 +65,4 @@ jobs:
           release-dir: './'
           token: '${{ env.GITHUB_TOKEN }}'
           hide-archive-link: true
-          prerelease: true
+          prerelease: false