-
Notifications
You must be signed in to change notification settings - Fork 0
108 lines (100 loc) · 4.16 KB
/
cpanel-reverse-git-deployment.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
name: cPanel Reverse Git Deployment
on:
workflow_call:
inputs:
branch:
type: string
description: "The Git branch in the source repository to synchronize with."
required: true
git-config-user-email:
type: string
description: "The email to use for any git commit operations (including rebasing) during this workflow."
required: true
git-config-user-name:
type: string
description: "The name to use for any git commit operations (including rebasing) during this workflow."
required: true
rsync-filter-file:
type: string
description: "File defining rsync filter rules (See: https://download.samba.org/pub/rsync/rsync.html#FILTER_RULES)."
required: false
rsync-filters:
type: string
description: |
Multiline rsync filter rules (See: https://download.samba.org/pub/rsync/rsync.html#FILTER_RULES).
Example:
```
+ /public-dir-to-sync
+ /private-dir-to-sync
- /*
```
It is good practice to keep the rul `- /*` at the end of your list.
There is also an option for `--exclude='.git/'` set by default in the `inputs.rsync-options`.
required: false
rsync-options:
type: string
description: Base rsync options. Defaults to `-avu --delete --exclude='.git/'`.
required: false
default: "-avu --delete --exclude='.git/'"
secrets:
remote-url:
description: "The Git+SSH URL of the remote repository (e.g. `git@hostname:user/repo.git`, `ssh://user@hostname:port/repo.git`)."
required: true
rsync-source-dir:
description: "Absolute path of the source directory on the remote host."
required: true
ssh-private-key:
description: "The SSH private key used to authenticate with the remote repository."
required: true
jobs:
pull-cpanel-host-deployment:
name: Pull cPanel host deployment
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Checkout source repository
uses: actions/checkout@v4
with:
fetch-depth: 0
ref: ${{ inputs.branch }}
- name: Git config user
run: |
git config --local user.email "${{ inputs.git-config-user-email }}"
git config --local user.name "${{ inputs.git-config-user-name }}"
- name: Parse Git+SSH URL
id: parse-url
uses: drkibitz/github/actions/parse-git-ssh-url@main
with:
url: ${{ secrets.remote-url }}
- name: Setup SSH agent
uses: drkibitz/github/actions/setup-ssh-agent@main
with:
port: ${{ steps.parse-url.outputs.port }}
username: ${{ steps.parse-url.outputs.username }}
hostname: ${{ steps.parse-url.outputs.hostname }}
ssh-private-key: ${{ secrets.ssh-private-key }}
- name: Run rsync remotely
run: |
rsync_filters="${{ inputs.rsync-filters }}"
rsync_filter_file="${{ inputs.rsync-filter-file }}"
if [ -f "$rsync_filter_file" ]; then
rsync_filters+=$'\n'$(cat "$rsync_filter_file")
fi
ssh -o BatchMode=yes -p ${{ steps.parse-url.outputs.port }} ${{ steps.parse-url.outputs.username }}@${{ steps.parse-url.outputs.hostname }} <<EOF
set -e
sync_dest="${{ steps.parse-url.outputs.pathname }}"
eval sync_src="${{ secrets.rsync-source-dir }}"
cd "\${sync_dest/#\/~/~}"
echo "$rsync_filters" | rsync ${{ inputs.rsync-options }} --filter='merge -' "\$sync_src/" .
git add --all
git diff --cached --quiet || git -c user.name="${{ inputs.git-config-user-name }}" -c user.email="${{ inputs.git-config-user-email }}" commit -m "Sync runtime changes from deployment. [skip ci]"
EOF
- name: Sync changes back to local repository
run: |
git pull ${{ secrets.remote-url }} ${{ inputs.branch }} --rebase
git push origin ${{ inputs.branch }}
shell: bash
- name: Teardown SSH agent
uses: drkibitz/github/actions/teardown-ssh-agent@main
if: always()