From 49fa59b277a44a0dda556df7de04b728fd58f553 Mon Sep 17 00:00:00 2001
From: Nick Clyde <nick@clyde.tech>
Date: Tue, 3 Sep 2024 16:33:49 -0700
Subject: [PATCH] Use scp to send binary

---
 .github/workflows/deployment.yaml | 39 +++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)

diff --git a/.github/workflows/deployment.yaml b/.github/workflows/deployment.yaml
index 687c303..a5c071e 100644
--- a/.github/workflows/deployment.yaml
+++ b/.github/workflows/deployment.yaml
@@ -30,3 +30,42 @@ jobs:
           azcliversion: latest
           inlineScript: |
             az account show
+
+      - name: Allow GitHub Runner IP
+        uses: azure/cli@v2
+        with:
+          inlineScript: |
+            set -eu
+            agentIP=$(curl -s https://api.ipify.org/)
+            az network nsg rule create \
+              --resource-group phinvads-go \
+              --nsg-name phinvads-go-nsg \
+              --name AllowSSHFromGitHubActions \
+              --priority 200 \
+              --direction Inbound \
+              --access Allow \
+              --protocol Tcp \
+              --destination-port-ranges 22 \
+              --source-address-prefixes $agentIP \
+              --destination-address-prefixes '*' \
+              --description "Allow SSH from GitHub Actions"
+            sleep 30
+
+      - name: Deploy phinvads-go to VM
+        env:
+          AZURE_VM_IP: ${{ secrets.AZURE_VM_IP }}
+          AZURE_VM_SSH_KEY: ${{ secrets.AZURE_VM_SSH_KEY }}
+        run: |
+          go build -o phinvads-go ./cmd/phinvads-go
+          scp -i <(echo "$AZURE_VM_SSH_KEY") ./phinvads-go azureuser@${AZURE_VM_IP}:/home/azureuser/phinvads-go
+
+      - name: Disallow GitHub Runner IP
+        uses: azure/cli@v2
+        with:
+          inlineScript: |
+            set -eu
+            agentIP=$(curl -s https://api.ipify.org/)
+            az network nsg rule remove \
+              --resource-group phinvads-go \
+              --nsg-name phinvads-go-nsg \
+              --name AllowSSHFromGitHubActions