From 8af6aeceb60fc2f27e6411081800e7ae70b07df1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tobi=20Sch=C3=A4fer?= <interface@p3k.org>
Date: Sat, 1 Jun 2024 15:17:34 +0200
Subject: [PATCH] Add reusable workflow for setting up SSH agent

---
 .github/workflows/ssh.yml   | 27 +++++++++++++++++++++++++++
 .github/workflows/stage.yml | 19 ++++++++-----------
 2 files changed, 35 insertions(+), 11 deletions(-)
 create mode 100644 .github/workflows/ssh.yml

diff --git a/.github/workflows/ssh.yml b/.github/workflows/ssh.yml
new file mode 100644
index 00000000..36023fdd
--- /dev/null
+++ b/.github/workflows/ssh.yml
@@ -0,0 +1,27 @@
+name: Set up SSH agent
+
+on:
+  workflow_call:
+    inputs:
+      config:
+        required: true
+        type: string
+      known-hosts:
+        required: true
+        type: string
+
+env:
+  SSH_AUTH_SOCK: /tmp/ssh-agent.sock
+
+jobs:
+  ssh-agent:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Set up SSH agent
+        run: |
+          ssh-agent -a $SSH_AUTH_SOCK > /dev/null
+          ssh-add - <<< '${{ secrets.SSH_PRIVATE_KEY }}'
+          mkdir -p ~/.ssh
+          echo '${{ inputs.config }}' > ~/.ssh/config
+          echo '${{ inputs.known-hosts }}' > ~/.ssh/known_hosts
diff --git a/.github/workflows/stage.yml b/.github/workflows/stage.yml
index af3e3b17..88e2f3b7 100644
--- a/.github/workflows/stage.yml
+++ b/.github/workflows/stage.yml
@@ -3,9 +3,6 @@ name: Deploy (Staging)
 on:
   workflow_dispatch
 
-env:
-  SSH_AUTH_SOCK: /tmp/ssh-agent.sock
-
 jobs:
   stage:
     runs-on: ubuntu-latest
@@ -29,17 +26,17 @@ jobs:
       - name: Build with Gradle
         run: ./gradlew installDist
 
-      - name: Set up SSH agent
-        run: |
-          ssh-agent -a $SSH_AUTH_SOCK > /dev/null
-          ssh-add - <<< "${{ secrets.SSH_PRIVATE_KEY }}"
-          mkdir -p ~/.ssh
-          echo '${{ vars.SSH_CONFIG }}' > ~/.ssh/config
-          echo '${{ vars.KNOWN_HOSTS }}' > ~/.ssh/known_hosts
+      - uses: ./.github/workflows/ssh.yml
+        with:
+          config: ${{ vars.SSH_CONFIG }}
+          known-hosts: ${{ vars.SSH_KNOWN_HOSTS }}
+        secrets: inherit
 
       - name: Publish to staging server
+        # The rsync command applies the same filters as the one in tools/extras/deploy.sh
         run: |
-          rsync build/install/helma/ antville.dev:/ \
+          ssh antville.dev ping
+          echo rsync ./build/install/helma/ antville.dev:./ \
             --verbose --archive --delete --compress \
             --filter 'protect /lib/ext' \
             --filter '+ /launcher.jar' \