Reoclo in CI
Reoclo’s CI integrations let your pipeline drive your servers — clone a repo onto a server, run
commands, authenticate to a private registry, and sync proxy routes after a deploy — with every
operation audited. The same four operations are available on every CI system, because each
integration is a thin wrapper around one engine: the reoclo CLI.
Choose your CI
Section titled “Choose your CI”| CI system | How you use it | Guide |
|---|---|---|
| GitHub Actions | uses: reoclo/checkout@v2 (+ run, docker-auth) | GitHub Actions |
| Gitea Actions | uses: https://github.com/reoclo/checkout@v2 | below |
| Woodpecker | image: reoclo/ci with settings.command | below |
| Anything else | curl -sSL https://get.reoclo.com | sh then reoclo … | CLI in CI |
All of them authenticate with a Reoclo automation API key (rca_*) — create one under
API Keys → Automation Keys (reference) and store it as a CI secret. The CI
run context (repository, workflow, actor, commit) is detected automatically and recorded in your
audit trail.
The operations
Section titled “The operations”| Operation | What it does | GitHub/Gitea action | Woodpecker command | CLI |
|---|---|---|---|---|
| checkout | Clone/update a repo on the server | reoclo/checkout | checkout | reoclo checkout |
| run | Execute a command on the server | reoclo/run | exec | reoclo exec |
| docker-auth | Log in/out of a registry on the server | reoclo/docker-auth | registry-login / registry-logout | reoclo registry login/logout |
| deploy-sync | Sync proxy routes after a deploy | reoclo/deploy-sync | deploy-sync | reoclo deploy sync |
GitHub Actions
Section titled “GitHub Actions”The primary, fully-documented surface. Actions are published at reoclo/{checkout,run,docker-auth,deploy-sync}
with a moving v2 tag:
- uses: reoclo/checkout@v2 with: api_key: ${{ secrets.REOCLO_API_KEY }} server_id: ${{ secrets.REOCLO_SERVER_ID }} path: /srv/reoclo/myapp- uses: reoclo/run@v2 with: api_key: ${{ secrets.REOCLO_API_KEY }} server_id: ${{ secrets.REOCLO_SERVER_ID }} working_directory: /srv/reoclo/myapp command: docker compose -f docker-compose.prod.yml up -dSee the GitHub Actions guide for the full input/output reference and recipes (multi-environment, sparse checkout, GHES, registry auth, blue/green).
Gitea Actions
Section titled “Gitea Actions”The same actions run on a self-hosted Gitea act_runner. The integrations are pure shell (no Node
runtime), so they behave identically to GitHub. Reference them by their full GitHub URL — this
works on any runner that can reach github.com:
- uses: https://github.com/reoclo/checkout@v2 with: api_key: ${{ secrets.REOCLO_API_KEY }} server_id: ${{ secrets.REOCLO_SERVER_ID }}- uses: https://github.com/reoclo/run@v2 with: api_key: ${{ secrets.REOCLO_API_KEY }} server_id: ${{ secrets.REOCLO_SERVER_ID }} command: docker compose up -dAll GitHub Actions inputs/outputs are identical on Gitea — the GitHub Actions guide applies verbatim.
Woodpecker
Section titled “Woodpecker”Woodpecker has no action runtime, so the integration ships as a single plugin image, reoclo/ci
(also ghcr.io/reoclo/ci), with the CLI baked in. settings.command selects the operation and the
other settings.* map to flags:
steps: deploy: image: reoclo/ci:1 settings: command: exec api_key: { from_secret: reoclo_key } server_id: 00000000-0000-0000-0000-000000000000 command_line: docker compose -f docker-compose.prod.yml up -d timeout: 600Notes specific to Woodpecker:
settings.commandis the operation (exec | checkout | registry-login | registry-logout | deploy-sync); forexecthe shell command issettings.command_line(becausecommandis taken).- There are no step outputs — set
settings.output_file(e.g..reoclo/out.env) to writeKEY=valuelines for a later step tosource. - There’s no post hook, so
docker-authcleanup is a separateregistry-logoutstep withwhen: { status: [success, failure] }.
Any other CI / shell
Section titled “Any other CI / shell”Every wrapper is just the CLI. On any runner with a shell, install it and call it directly:
curl -sSL https://get.reoclo.com | shexport REOCLO_AUTOMATION_KEY="$REOCLO_API_KEY" # rca_* automation keyreoclo checkout "$SERVER_ID" --repository owner/repo --ref "$COMMIT" --path /srv/reoclo/myapp --output jsonreoclo exec "$SERVER_ID" --cwd /srv/reoclo/myapp -- docker compose up -dSee Using the CLI in CI for the full command surface and output contracts.