when: branch: main event: push steps: - name: debug-secrets image: alpine environment: MY_HOST: from_secret: PROD_SSH_HOST MY_USER: from_secret: PROD_SSH_USER commands: - echo "HOST = $MY_HOST" - echo "USER = $MY_USER" - name: build-assets image: node:20-alpine commands: - cd wp-content/themes/xkater - if [ -f package.json ]; then npm ci && npm run build; fi - name: deploy-production image: alpine environment: SSH_KEY: from_secret: PROD_SSH_KEY SSH_HOST: from_secret: PROD_SSH_HOST SSH_USER: from_secret: PROD_SSH_USER REMOTE_PATH: from_secret: REMOTE_PATH commands: - apk add --no-cache rsync openssh-client - mkdir -p ~/.ssh - echo "$SSH_KEY" > ~/.ssh/id_rsa - chmod 600 ~/.ssh/id_rsa - ssh-keyscan -H $SSH_HOST >> ~/.ssh/known_hosts - | rsync -avz \ --exclude='uploads/' \ --exclude='plugins/akismet/' \ --exclude='plugins/index.php' \ --exclude='.git/' \ --exclude='node_modules/' \ --exclude='.DS_Store' \ --exclude='mu-plugins/local-dev-performance.php' \ -e "ssh -i ~/.ssh/id_rsa -p 22 -o StrictHostKeyChecking=no" \ ./wp-content/ \ $SSH_USER@$SSH_HOST:$REMOTE_PATH/wp-content/ - name: flush-cache image: alpine environment: SSH_KEY: from_secret: PROD_SSH_KEY SSH_HOST: from_secret: PROD_SSH_HOST SSH_USER: from_secret: PROD_SSH_USER REMOTE_PATH: from_secret: REMOTE_PATH commands: - apk add --no-cache openssh-client - mkdir -p ~/.ssh - echo "$SSH_KEY" > ~/.ssh/id_rsa - chmod 600 ~/.ssh/id_rsa - ssh-keyscan -H $SSH_HOST >> ~/.ssh/known_hosts - | ssh -i ~/.ssh/id_rsa -o StrictHostKeyChecking=no $SSH_USER@$SSH_HOST " cd $REMOTE_PATH if command -v wp > /dev/null 2>&1; then wp cache flush; fi touch wp-config.php "