115 lines
3.6 KiB
YAML
115 lines
3.6 KiB
YAML
name: Deploy Astro Frontend
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
workflow_dispatch:
|
|
|
|
concurrency:
|
|
group: deploy-davegilligan-new
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
deploy:
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Check out repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set up Node.js
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: 22
|
|
cache: npm
|
|
cache-dependency-path: package-lock.json
|
|
|
|
- name: Install dependencies
|
|
run: npm ci
|
|
|
|
- name: Build Astro site
|
|
run: npm run build
|
|
|
|
- name: Load deployment SSH key
|
|
uses: webfactory/ssh-agent@v0.9.0
|
|
with:
|
|
ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
|
|
|
|
- name: Trust deployment host
|
|
env:
|
|
REMOTE_HOST: ${{ secrets.REMOTE_HOST }}
|
|
SSH_PORT: ${{ secrets.SSH_PORT }}
|
|
run: |
|
|
mkdir -p ~/.ssh
|
|
ssh-keyscan -p "${SSH_PORT:-22}" -H "${REMOTE_HOST}" >> ~/.ssh/known_hosts
|
|
|
|
- name: Package site
|
|
run: tar -czf "site-${GITHUB_SHA}.tar.gz" -C dist .
|
|
|
|
- name: Upload site package
|
|
env:
|
|
REMOTE_HOST: ${{ secrets.REMOTE_HOST }}
|
|
REMOTE_USER: ${{ secrets.REMOTE_USER }}
|
|
SSH_PORT: ${{ secrets.SSH_PORT }}
|
|
run: |
|
|
scp -P "${SSH_PORT:-22}" "site-${GITHUB_SHA}.tar.gz" \
|
|
"${REMOTE_USER}@${REMOTE_HOST}:/tmp/site-${GITHUB_SHA}.tar.gz"
|
|
|
|
- name: Back up current live site
|
|
env:
|
|
REMOTE_HOST: ${{ secrets.REMOTE_HOST }}
|
|
REMOTE_USER: ${{ secrets.REMOTE_USER }}
|
|
REMOTE_PATH: ${{ secrets.REMOTE_PATH }}
|
|
SSH_PORT: ${{ secrets.SSH_PORT }}
|
|
run: |
|
|
PUBLIC_HTML="${REMOTE_PATH:-/home/davegilligan/public_html}"
|
|
ssh -p "${SSH_PORT:-22}" "${REMOTE_USER}@${REMOTE_HOST}" \
|
|
"PUBLIC_HTML='${PUBLIC_HTML}' bash -s" <<'EOF'
|
|
set -e
|
|
HOME_DIR="$(dirname "$PUBLIC_HTML")"
|
|
BACKUP_DIR="$HOME_DIR/backups"
|
|
mkdir -p "$BACKUP_DIR"
|
|
STAMP="$(date +%Y%m%d_%H%M%S)"
|
|
tar -czf "$BACKUP_DIR/public_html-astro_${STAMP}.tar.gz" \
|
|
-C "$HOME_DIR" "$(basename "$PUBLIC_HTML")"
|
|
EOF
|
|
|
|
- name: Deploy static frontend safely
|
|
env:
|
|
REMOTE_HOST: ${{ secrets.REMOTE_HOST }}
|
|
REMOTE_USER: ${{ secrets.REMOTE_USER }}
|
|
REMOTE_PATH: ${{ secrets.REMOTE_PATH }}
|
|
SSH_PORT: ${{ secrets.SSH_PORT }}
|
|
run: |
|
|
PUBLIC_HTML="${REMOTE_PATH:-/home/davegilligan/public_html}"
|
|
DEPLOY_SHA="${GITHUB_SHA}"
|
|
ssh -p "${SSH_PORT:-22}" "${REMOTE_USER}@${REMOTE_HOST}" \
|
|
"PUBLIC_HTML='${PUBLIC_HTML}' DEPLOY_SHA='${DEPLOY_SHA}' bash -s" <<'EOF'
|
|
set -e
|
|
ARCHIVE="/tmp/site-${DEPLOY_SHA}.tar.gz"
|
|
STAGE_DIR="$(mktemp -d /tmp/dg-astro-XXXXXX)"
|
|
|
|
tar -xzf "$ARCHIVE" -C "$STAGE_DIR"
|
|
|
|
rsync -a --delete \
|
|
--filter='P /api/***' \
|
|
--filter='P /admin/***' \
|
|
--filter='P /uploads/***' \
|
|
--filter='P /matomo/***' \
|
|
--filter='P /live/***' \
|
|
--filter='P /frontend/***' \
|
|
--filter='P /db/***' \
|
|
--filter='P /vendor/***' \
|
|
--filter='P /.git/***' \
|
|
--filter='P /.claude/***' \
|
|
--filter='P /.well-known/***' \
|
|
--filter='P /config.php' \
|
|
--filter='P /composer.json' \
|
|
--filter='P /composer.lock' \
|
|
--filter='P /.cpanel.yml' \
|
|
"$STAGE_DIR"/ "$PUBLIC_HTML"/
|
|
|
|
rm -rf "$STAGE_DIR" "$ARCHIVE"
|
|
EOF
|