Add initial project files (#2) #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy via ftp | |
| on: | |
| push: | |
| branches: [main] | |
| workflow_dispatch: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| deploy: | |
| name: Deploy to FTP | |
| runs-on: ubuntu-latest | |
| outputs: | |
| semVer: ${{ steps.gitversion.outputs.semVer }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: dorny/paths-filter@v3 | |
| id: changes | |
| with: | |
| filters: | | |
| src: | |
| - "Src/**" | |
| - name: Install GitVersion | |
| uses: gittools/actions/gitversion/setup@v0 | |
| with: | |
| versionSpec: "5.x" | |
| - name: Determine Version | |
| id: gitversion | |
| uses: gittools/actions/gitversion/execute@v0 | |
| with: | |
| useConfigFile: true | |
| - name: Cache Composer dependencies | |
| uses: actions/cache@v4 | |
| if: ${{ steps.changes.outputs.src == 'true' }} | |
| with: | |
| path: /tmp/composer-cache | |
| key: ${{ runner.os }}-${{ hashFiles('**/composer.lock') }} | |
| - name: Install dependencies | |
| uses: "php-actions/composer@v6" | |
| if: ${{ steps.changes.outputs.src == 'true' }} | |
| with: | |
| php_extensions: sockets | |
| dev: no | |
| progress: yes | |
| working_dir: "./Src/" | |
| - name: Create failed directory | |
| if: ${{ steps.changes.outputs.src == 'true' }} | |
| run: | | |
| mkdir -p Src/failed | |
| - name: Create .htaccess secrets file | |
| if: ${{ steps.changes.outputs.src == 'true' }} | |
| run: | | |
| cd Src | |
| mkdir -p secrets | |
| cd secrets | |
| echo "Deny from all" >> .htaccess | |
| - name: Create GitHub secrets file | |
| if: ${{ steps.changes.outputs.src == 'true' }} | |
| run: | | |
| cd Src | |
| mkdir -p secrets | |
| cd secrets | |
| echo "<?php" >> gitHub.secrets.php | |
| echo "\$gitHubWebhookSignature = \"${{ secrets.WEBHOOK_SIGNATURE }}\";" >> gitHub.secrets.php | |
| - name: Create HealthCheck secrets file | |
| if: ${{ steps.changes.outputs.src == 'true' }} | |
| run: | | |
| cd Src | |
| mkdir -p secrets | |
| cd secrets | |
| echo "<?php" >> healthChecksIo.secrets.php | |
| echo "\$healthChecksIoCleanup = \"${{ secrets.HEALTHCHECKSIO_CLEANUP }}\";" >> healthChecksIo.secrets.php | |
| echo "\$healthChecksIoConsumer = \"${{ secrets.HEALTHCHECKSIO_CONSUMER }}\";" >> healthChecksIo.secrets.php | |
| - name: Create MySQL secrets file | |
| if: ${{ steps.changes.outputs.src == 'true' }} | |
| run: | | |
| cd Src | |
| mkdir -p secrets | |
| cd secrets | |
| echo "<?php" >> mySql.secrets.php | |
| echo "\$mySqlHost = \"127.0.0.1\";" >> mySql.secrets.php | |
| echo "\$mySqlUser = \"${{ secrets.MYSQL_USER }}\";" >> mySql.secrets.php | |
| echo "\$mySqlPassword = \"${{ secrets.MYSQL_PASSWORD }}\";" >> mySql.secrets.php | |
| echo "\$mySqlDatabase = \"${{ secrets.MYSQL_DATABASE }}\";" >> mySql.secrets.php | |
| - name: Create One Signal secrets file | |
| if: ${{ steps.changes.outputs.src == 'true' }} | |
| run: | | |
| cd Src | |
| mkdir -p secrets | |
| cd secrets | |
| echo "<?php" >> oneSignal.secrets.php | |
| echo "\$oneSignalApiKey = \"${{ secrets.ONESIGNAL_APIKEY }}\";" >> oneSignal.secrets.php | |
| - name: Create RabbitMQ secrets file | |
| if: ${{ steps.changes.outputs.src == 'true' }} | |
| run: | | |
| cd Src | |
| mkdir -p secrets | |
| cd secrets | |
| echo "<?php" >> rabbitMq.secrets.php | |
| echo "\$rabbitMqConnectionStrings[] = \"${{ secrets.RABBITMQ_CS1 }}\";" >> rabbitMq.secrets.php | |
| echo "\$rabbitMqConnectionStrings[] = \"${{ secrets.RABBITMQ_CS2 }}\";" >> rabbitMq.secrets.php | |
| echo "\$rabbitMqConnectionStrings[] = \"${{ secrets.RABBITMQ_CS3 }}\";" >> rabbitMq.secrets.php | |
| - name: Zip files | |
| if: ${{ steps.changes.outputs.src == 'true' }} | |
| run: | | |
| cd Src | |
| zip -r deploy.zip . -x install.php | |
| cd .. | |
| mkdir Deploy | |
| mv Src/deploy.zip Deploy | |
| cp "Src/install.php" Deploy | |
| - name: Upload service | |
| if: ${{ steps.changes.outputs.src == 'true' }} | |
| uses: sebastianpopp/ftp-action@releases/v2 | |
| with: | |
| host: ${{ secrets.FTP_SERVER }} | |
| user: ${{ secrets.FTP_USERNAME }} | |
| password: ${{ secrets.FTP_PASSWORD }} | |
| localDir: "Deploy/" | |
| remoteDir: "/webhooks/deploy" | |
| - name: Call install endpoint | |
| if: ${{ steps.changes.outputs.src == 'true' }} | |
| run: | | |
| curl "${{ secrets.WEBHOOK_ENDPOINT }}deploy/install.php" | |
| database_migrations: | |
| name: Database migrations | |
| runs-on: ubuntu-latest | |
| needs: [deploy] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Check changes in Sql folder | |
| uses: dorny/paths-filter@v3 | |
| id: changes | |
| with: | |
| filters: | | |
| sql: | |
| - "Sql/**" | |
| - "Tools/**" | |
| - name: Attach WireGuard connection | |
| shell: bash | |
| run: | | |
| sudo apt install resolvconf | |
| sudo apt install wireguard | |
| echo "${{ secrets.WIREGUARD_CONFIG }}" > wg0.conf | |
| sudo chmod 600 wg0.conf | |
| sudo wg-quick up ./wg0.conf | |
| - name: Check if schema version table exists | |
| id: new_installation | |
| if: ${{ steps.changes.outputs.sql != 'true' }} | |
| env: | |
| MYSQL_PWD: ${{ secrets.MYSQL_PASSWORD_MIGRATION }} | |
| run: | | |
| chmod +x Tools/db-check.sh | |
| Tools/db-check.sh "${{ secrets.MYSQL_SERVER }}" "${{ secrets.MYSQL_USER_MIGRATION }}" "${{ secrets.MYSQL_DATABASE }}" | |
| - name: Run database migrations | |
| if: ${{ steps.changes.outputs.sql == 'true' || steps.new_installation.outputs.not_found == 'true' }} | |
| env: | |
| MYSQL_PWD: ${{ secrets.MYSQL_PASSWORD_MIGRATION }} | |
| run: | | |
| chmod +x Tools/db-migration.sh | |
| Tools/db-migration.sh Sql "${{ secrets.MYSQL_SERVER }}" "${{ secrets.MYSQL_USER_MIGRATION }}" "${{ secrets.MYSQL_DATABASE }}" | |
| - name: Detach WireGuard connection | |
| shell: bash | |
| run: sudo wg-quick down ./wg0.conf | |
| automated-api-tests: | |
| name: Automated API tests (Postman) | |
| runs-on: ubuntu-latest | |
| needs: [deploy, database_migrations] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Check changes | |
| uses: dorny/paths-filter@v3 | |
| id: changes | |
| with: | |
| filters: | | |
| any: | |
| - "Sql/**" | |
| - "Src/**" | |
| - "Tools/**" | |
| - name: Install Postman CLI | |
| if: ${{ steps.changes.outputs.any == 'true' }} | |
| run: | | |
| curl -o- "https://dl-cli.pstmn.io/install/linux64.sh" | sh | |
| - name: Login to Postman CLI | |
| if: ${{ steps.changes.outputs.any == 'true' }} | |
| run: postman login --with-api-key ${{ secrets.POSTMAN_API_KEY }} | |
| - name: Run API tests | |
| if: ${{ steps.changes.outputs.any == 'true' }} | |
| run: | | |
| postman collection run 23511-e64f4d39-3587-48d5-a005-b466b5aca424 -e 23511-95105c79-d4eb-4388-9ff9-eb5dee83fdcf | |
| create_release: | |
| name: Create release | |
| needs: [deploy, database_migrations, automated-api-tests] | |
| env: | |
| SEMVER: ${{ needs.deploy.outputs.semVer }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Create Release | |
| uses: ncipollo/[email protected] | |
| with: | |
| skipIfReleaseExists: true | |
| allowUpdates: false | |
| draft: false | |
| makeLatest: true | |
| tag: v${{ env.SEMVER }} | |
| name: Release v${{ env.SEMVER }} | |
| generateReleaseNotes: true | |
| body: Release ${{ env.SEMVER }} of ${{ github.repository }} |