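# Evaluates the flake's tailscaleACLs output to JSON, then either tests it
# (pull requests) or applies it (pushes to master) with the Tailscale GitOps
# ACL action. Manual runs choose between the two through the `action` input.
jobs:
  acls:
    # Least privilege for GITHUB_TOKEN: no step in this job writes to the
    # repository. Tailscale access comes from the TS_API_KEY secret instead.
    permissions:
      contents: read
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): `@main` is a mutable ref, so whatever that branch points
      # to at run time executes in a job that later handles TS_API_KEY.
      # Pin to a full commit SHA (placeholder: <full-commit-sha>) and let a
      # dependency bot raise the updates.
      - uses: actions/checkout@main
        with:
          fetch-depth: 1
          # Keep the token out of .git/config; later steps run repository
          # code (nix eval) and third-party actions and never push.
          persist-credentials: false
      # NOTE(review): same mutable-ref concern as above; pin to a commit SHA.
      - uses: DeterminateSystems/nix-installer-action@main
      # Evaluates Nix code from the checked-out ref. On pull requests that is
      # the proposed change, so treat this step's output as untrusted input.
      - name: Convert .#tailscaleACLs to tailscale.json
        run: nix eval --json .#tailscaleACLs > tailscale.json
      # NOTE(review): a manual dispatch with action=deploy is not restricted
      # to master, so a run started on another branch applies that branch's
      # policy. Consider also requiring github.ref == 'refs/heads/master' or
      # gating the deploy behind a protected environment.
      - if: |-
          github.event_name == 'push' ||
          (github.event_name == 'workflow_dispatch' &&
          github.event.inputs.action == 'deploy')
        name: Deploy ACL
        # NOTE(review): `@v1` is a movable tag and this step receives the API
        # key; pinning to a commit SHA protects against a retagged release.
        uses: tailscale/gitops-acl-action@v1
        with:
          action: apply
          api-key: ${{ secrets.TS_API_KEY }}
          policy-file: tailscale.json
          tailnet: ayla6.github
      # Secrets are not passed to pull_request runs from forks, so this step
      # can only succeed for branches inside this repository.
      # NOTE(review): test and apply share one key; if a narrower credential
      # is available for validation, use it here.
      - if: |-
          github.event_name == 'pull_request' ||
          (github.event_name == 'workflow_dispatch' &&
          github.event.inputs.action == 'test')
        name: Test ACL
        uses: tailscale/gitops-acl-action@v1
        with:
          action: test
          api-key: ${{ secrets.TS_API_KEY }}
          policy-file: tailscale.json
          tailnet: ayla6.github
name: deploy-tailscale-acls
# Quoted so that YAML 1.1 parsers do not read the key as boolean true.
'on':
  pull_request:
    branches:
      - master
    paths:
      - .github/workflows/deploy-tailscale-acls.yml
      - flake/tailscale.nix
  push:
    branches:
      - master
    paths:
      - .github/workflows/deploy-tailscale-acls.yml
      - flake/tailscale.nix
  workflow_dispatch:
    inputs:
      action:
        # Defaults to deploy: a manual run with untouched inputs applies ACLs.
        default: deploy
        description: Which action to run
        options:
          - deploy
          - test
        required: true
        type: choice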