From 2964949230890df23eb5cc7337bbfe9e8fa65072 Mon Sep 17 00:00:00 2001 From: "tan.nguyen" Date: Sun, 28 Jan 2024 09:20:26 +0700 Subject: [PATCH 1/3] Setup CI. --- .circleci/config.yml | 1 + .devtools/add-ssh-key.sh | 39 +++++++++++ .devtools/deploy.sh | 16 ----- .github/workflows/ci.yml | 138 +++++++++++++++++++++++++++++++++++++++ 4 files changed, 178 insertions(+), 16 deletions(-) create mode 100755 .devtools/add-ssh-key.sh create mode 100644 .github/workflows/ci.yml diff --git a/.circleci/config.yml b/.circleci/config.yml index 65e2bcc..dacdae5 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -120,6 +120,7 @@ jobs: - add_ssh_keys: fingerprints: - *deploy_ssh_fingerprint + - run: .devtools/add-ssh-key.sh - run: DEPLOY_BRANCH=${DEPLOY_BRANCH:-${CIRCLE_BRANCH}} .devtools/deploy.sh workflows: diff --git a/.devtools/add-ssh-key.sh b/.devtools/add-ssh-key.sh new file mode 100755 index 0000000..5bca419 --- /dev/null +++ b/.devtools/add-ssh-key.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash +## +# Add ssh key. +# +# - adds deployment SSH key to SSH agent +# +# It is a good practice to create a separate Deployer user with own SSH key for +# every project. + +set -eu +[ -n "${DEBUG:-}" ] && set -x + +# The fingerprint of the SSH key of the user on behalf of which the deployment +# is performed. +DEPLOY_SSH_FINGERPRINT="${DEPLOY_SSH_FINGERPRINT:-}" + +[ -z "${DEPLOY_SSH_FINGERPRINT}" ] && echo "ERROR: Missing required value for DEPLOY_SSH_FINGERPRINT" && exit 1 + +# echo "> Configure SSH to connect to remote servers for deployment." +ls -al "${HOME}/.ssh/" +mkdir -p "${HOME}/.ssh/" +echo -e "Host *\n\tStrictHostKeyChecking no\n" >"${HOME}/.ssh/config" +DEPLOY_SSH_FILE="${DEPLOY_SSH_FINGERPRINT//:/}" +DEPLOY_SSH_FILE="${HOME}/.ssh/id_rsa" +[ ! -f "${DEPLOY_SSH_FILE:-}" ] && echo "ERROR: Unable to find Deploy SSH key file ${DEPLOY_SSH_FILE}." && exit 1 +if [ -z "${SSH_AGENT_PID:-}" ]; then eval "$(ssh-agent)"; fi +ssh-add -D >/dev/null +ssh-add "${DEPLOY_SSH_FILE}" + +echo "-------------------------------" +echo " Configure SSH " +echo "-------------------------------" +echo +echo "DEPLOY SSH FILE : ${DEPLOY_SSH_FILE}" +echo "DEPLOY SSH FINGERPRINT : ${DEPLOY_SSH_FINGERPRINT}" +echo +echo "> Next steps:" +echo " .devtools/deploy.sh # Deploy to remote" +echo diff --git a/.devtools/deploy.sh b/.devtools/deploy.sh index cf72afb..7f66cc2 100755 --- a/.devtools/deploy.sh +++ b/.devtools/deploy.sh @@ -3,7 +3,6 @@ # Deploy code to a remote repository. # # - configures local git -# - adds deployment SSH key to SSH agent # - force-pushes code to a remote code repository branch # # It is a good practice to create a separate Deployer user with own SSH key for @@ -34,10 +33,6 @@ DEPLOY_REMOTE="${DEPLOY_REMOTE:-}" # Git branch to deploy. If not provided - current branch will be used. DEPLOY_BRANCH="${DEPLOY_BRANCH:-}" -# The fingerprint of the SSH key of the user on behalf of which the deployment -# is performed. -DEPLOY_SSH_FINGERPRINT="${DEPLOY_SSH_FINGERPRINT:-}" - # Set to 1 if the deployment should proceed. Useful for testing CI configuration # before an actual code push. DEPLOY_PROCEED="${DEPLOY_PROCEED:-0}" @@ -51,20 +46,9 @@ echo "-------------------------------" [ -z "${DEPLOY_USER_NAME}" ] && echo "ERROR: Missing required value for DEPLOY_USER_NAME" && exit 1 [ -z "${DEPLOY_USER_EMAIL}" ] && echo "ERROR: Missing required value for DEPLOY_USER_EMAIL" && exit 1 [ -z "${DEPLOY_REMOTE}" ] && echo "ERROR: Missing required value for DEPLOY_REMOTE" && exit 1 -[ -z "${DEPLOY_SSH_FINGERPRINT}" ] && echo "ERROR: Missing required value for DEPLOY_SSH_FINGERPRINT" && exit 1 [ "${DEPLOY_PROCEED}" != "1" ] && echo "> Skip deployment because $DEPLOY_PROCEED is not set to 1" && exit 0 -echo "> Configure git and SSH to connect to remote servers for deployment." -mkdir -p "${HOME}/.ssh/" -echo -e "Host *\n\tStrictHostKeyChecking no\n" >"${HOME}/.ssh/config" -DEPLOY_SSH_FILE="${DEPLOY_SSH_FINGERPRINT//:/}" -DEPLOY_SSH_FILE="${HOME}/.ssh/id_rsa_${DEPLOY_SSH_FILE//\"/}" -[ ! -f "${DEPLOY_SSH_FILE:-}" ] && echo "ERROR: Unable to find Deploy SSH key file ${DEPLOY_SSH_FILE}." && exit 1 -if [ -z "${SSH_AGENT_PID:-}" ]; then eval "$(ssh-agent)"; fi -ssh-add -D >/dev/null -ssh-add "${DEPLOY_SSH_FILE}" - echo "> Configure git user name and email, but only if not already set." [ "$(git config --global user.name)" == "" ] && echo "> Configure global git user name ${DEPLOY_USER_NAME}." && git config --global user.name "${DEPLOY_USER_NAME}" [ "$(git config --global user.email)" == "" ] && echo "> Configure global git user email ${DEPLOY_USER_EMAIL}." && git config --global user.email "${DEPLOY_USER_EMAIL}" diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..fcd3e2b --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,138 @@ +name: CI-CD + +on: + push: + branches: + - main + - ci-test + - 9.x + - 10.x + tags: + - '*' + pull_request: + branches: + - main + +jobs: + build-and-test: + runs-on: 'ubuntu-20.04' + + strategy: + fail-fast: false + matrix: + include: + - php-versions: '8.1' + drupal-versions: 'stable' + + - php-versions: '8.2' + drupal-versions: 'stable' + + - php-versions: '8.1' + drupal-versions: '9.5' + drupal-project-hash: '9.x' + + - php-versions: '8.2' + drupal-versions: '9.5' + drupal-project-hash: '9.x' + + - php-versions: '8.2' + drupal-version: '10@beta' + + env: + DRUPAL_VERSION: ${{ matrix.drupal-versions }} + DRUPAL_PROJECT_SHA: ${{ matrix.drupal-project-hash }} + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Cache Composer dependencies + uses: actions/cache@v4 + with: + path: /tmp/composer-cache + key: ${{ runner.os }}-${{ hashFiles('**/composer.lock') }} + + - name: Setup PHP + uses: shivammathur/setup-php@v2 + with: + php-version: ${{ matrix.php-versions }} + + - name: Test + run: echo "$DRUPAL_PROJECT_SHA $DRUPAL_VERSION. Today is $DAY_OF_WEEK!" + + - name: Build the codebase + run: .devtools/build-codebase.sh + + - name: Start built-in PHP server + run: .devtools/start-server.sh + + - name: Provision site + run: .devtools/provision.sh + + - name: Lint code with PHPCS + working-directory: build + run: vendor/bin/phpcs || [ "${CI_PHPCS_IGNORE_FAILURE:-0}" -eq 1 ] + + - name: Lint code with PHPStan + working-directory: build + run: vendor/bin/phpstan || [ "${CI_PHPSTAN_IGNORE_FAILURE:-0}" -eq 1 ] + + - name: Lint code with Rector + working-directory: build + run: vendor/bin/rector --clear-cache --dry-run || [ "${CI_RECTOR_IGNORE_FAILURE:-0}" -eq 1 ] + + - name: Lint code with PHPMD + working-directory: build + run: vendor/bin/phpmd . text phpmd.xml || [ "${CI_PHPMD_IGNORE_FAILURE:-0}" -eq 1 ] + + - name: Lint code with Twigcs + working-directory: build + run: vendor/bin/twigcs || [ "${CI_TWIGCS_IGNORE_FAILURE:-0}" -eq 1 ] + + - name: Run tests + run: .devtools/test.sh || [ "${CI_TEST_IGNORE_FAILURE:-0}" -eq 1 ] + + - name: Process artifacts + uses: actions/upload-artifact@v4 + with: + name: Artifacts (${{ join(matrix.*, ', ') }}) + path: build/web/sites/simpletest/browser_output + + deploy: + needs: [ build-and-test ] + if: | + + github.event_name == 'push' && (github.event.ref_type == 'tag' + || github.event.ref == 'refs/heads/10.x' + || github.event.ref == 'refs/heads/9.x' + || github.event.ref == 'refs/heads/main' + || github.event.ref == 'refs/heads/ci-test') + + runs-on: 'ubuntu-20.04' + + env: + DEPLOY_USER_NAME: ${{ secrets.DEPLOY_USER_NAME }} + DEPLOY_USER_EMAIL: ${{ secrets.DEPLOY_USER_NAME }} + DEPLOY_REMOTE: ${{ secrets.DEPLOY_REMOTE }} + DEPLOY_PROCEED: ${{ secrets.DEPLOY_PROCEED }} + + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Install SSH key + uses: shimataro/ssh-key-action@v2 + with: + key: ${{ secrets.SSH_KEY }} + name: id_rsa + known_hosts: unnecessary + config: | + Host * + StrictHostKeyChecking no + + - name: Deploy to Remote + run: DEPLOY_BRANCH=${DEPLOY_BRANCH:-${GITHUB_REF_NAME}} .devtools/deploy.sh + + From fce5ee2a3370dd8b82984f43858015d5e8c080ec Mon Sep 17 00:00:00 2001 From: "tan.nguyen" Date: Tue, 30 Jan 2024 15:55:37 +0700 Subject: [PATCH 2/3] - Use singular form php-version and drupal-version. - Remove empty lines. - Remove test code. - Rename GHA. --- .github/workflows/ci.yml | 30 ++++++++++++------------------ 1 file changed, 12 insertions(+), 18 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index fcd3e2b..d2c6245 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,4 +1,4 @@ -name: CI-CD +name: CI on: push: @@ -18,24 +18,23 @@ jobs: runs-on: 'ubuntu-20.04' strategy: - fail-fast: false matrix: include: - - php-versions: '8.1' - drupal-versions: 'stable' + - php-version: '8.1' + drupal-version: 'stable' - - php-versions: '8.2' - drupal-versions: 'stable' + - php-version: '8.2' + drupal-version: 'stable' - - php-versions: '8.1' - drupal-versions: '9.5' + - php-version: '8.1' + drupal-version: '9.5' drupal-project-hash: '9.x' - - php-versions: '8.2' - drupal-versions: '9.5' + - php-version: '8.2' + drupal-version: '9.5' drupal-project-hash: '9.x' - - php-versions: '8.2' + - php-version: '8.2' drupal-version: '10@beta' env: @@ -57,9 +56,6 @@ jobs: with: php-version: ${{ matrix.php-versions }} - - name: Test - run: echo "$DRUPAL_PROJECT_SHA $DRUPAL_VERSION. Today is $DAY_OF_WEEK!" - - name: Build the codebase run: .devtools/build-codebase.sh @@ -99,9 +95,9 @@ jobs: path: build/web/sites/simpletest/browser_output deploy: - needs: [ build-and-test ] + needs: + - build-and-test if: | - github.event_name == 'push' && (github.event.ref_type == 'tag' || github.event.ref == 'refs/heads/10.x' || github.event.ref == 'refs/heads/9.x' @@ -134,5 +130,3 @@ jobs: - name: Deploy to Remote run: DEPLOY_BRANCH=${DEPLOY_BRANCH:-${GITHUB_REF_NAME}} .devtools/deploy.sh - - From 457ddefe50cf1c46639b48a38c36124a63dddcbb Mon Sep 17 00:00:00 2001 From: "tan.nguyen" Date: Tue, 30 Jan 2024 16:51:49 +0700 Subject: [PATCH 3/3] Update filter branch for push event. --- .github/workflows/ci.yml | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d2c6245..d3a2a60 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -5,8 +5,11 @@ on: branches: - main - ci-test - - 9.x - - 10.x + - '[0-9]+.[0-9]+.x' + - '[0-9]+.x' + - '[0-9]+.x-[0-9]+.x' + - 'ci' + - 'ci-*' tags: - '*' pull_request: @@ -98,11 +101,12 @@ jobs: needs: - build-and-test if: | - github.event_name == 'push' && (github.event.ref_type == 'tag' - || github.event.ref == 'refs/heads/10.x' - || github.event.ref == 'refs/heads/9.x' - || github.event.ref == 'refs/heads/main' - || github.event.ref == 'refs/heads/ci-test') + github.event_name == 'push' && (github.event.ref_type == 'tag' + || github.event.ref == 'refs/heads/10.x' + || github.event.ref == 'refs/heads/9.x' + || github.event.ref == 'refs/heads/main' + || github.event.ref == 'refs/heads/ci-test' + || github.event.ref == 'refs/heads/ci') runs-on: 'ubuntu-20.04'