Merge pull request #46 from heywoodlh/renovate/ghcr.io-coder-coder-2.x #15

	name: kubernetes cd

	on:
	workflow_dispatch:
	schedule:
	- cron: '0 0 * * Mon'
	push:
	branches:
	- main
	paths:
	- 'kube/**'

	jobs:
	deploy-services:
	name: Check and apply all deployments
	runs-on: ubuntu-latest
	strategy:
	max-parallel: 8
	fail-fast: false
	matrix:
	deployment:
	- "actions-runner-controller"
	- "actions-runner-flakes"
	- "cloudflared"
	- "cloudtube"
	- "coder"
	- "drawio"
	- "grafana"
	- "home-assistant"
	- "miniflux"
	- "motioneye"
	- "ntfy"
	- "open-webui"
	- "prometheus"
	- "protonmail-bridge"
	- "redlib"
	- "regexr"
	- "retroarcher"
	- "rsshub"
	- "rustdesk"
	- "second"
	- "squid"
	- "syncthing"
	- "tailscale-operator"
	- "uptime"
	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	- name: Connect to Tailnet
	uses: tailscale/github-action@v2
	with:
	oauth-client-id: ${{ secrets.TS_OAUTH_CLIENT_ID }}
	oauth-secret: ${{ secrets.TS_OAUTH_SECRET }}
	tags: tag:ci

	- name: Install Nix
	uses: cachix/install-nix-action@v25
	with:
	nix_path: nixpkgs=channel:nixos-unstable

	- name: Setup Nix Magic Cache
	uses: DeterminateSystems/magic-nix-cache-action@main

	- name: Configure kubectl
	uses: tale/kubectl-action@v1
	with:
	base64-kube-config: ${{ secrets.KUBECONFIG }}

	- name: Check Kubernetes deployment diff
	id: check
	run: \|
	cd kube
	nix build -o ./result .#"${{ matrix.deployment }}"
	kubectl diff -f ./result \| grep -vE 'generation\|LIVE\|MERGED' \| grep -E '^-\|^\+' && echo changed="true" >> $GITHUB_ENV \|\| true

	- name: Apply Kubernetes deployment if changed
	if: ${{ env.changed == 'true' }}
	run: \|
	cd kube
	nix build -o ./result .#"${{ matrix.deployment }}"
	kubectl apply -f ./result

Provide feedback