mirror of
https://github.com/renee-png/acmcc.git
synced 2026-06-21 01:40:01 +00:00
admin
220892203c
After the build check passes, SSH to the VPS with a forced-command key (can only run deploy.sh) which pulls main, builds, and rsyncs dist/ to public_html. Replaces the manual `ssh myvps ... deploy.sh` step. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
49 lines
1.4 KiB
YAML
49 lines
1.4 KiB
YAML
name: CI
|
|
|
|
on:
|
|
push:
|
|
branches: ["main"]
|
|
pull_request:
|
|
branches: ["main"]
|
|
|
|
jobs:
|
|
build:
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Setup Bun
|
|
uses: oven-sh/setup-bun@v2
|
|
with:
|
|
bun-version: latest
|
|
|
|
- name: Install dependencies
|
|
# --ignore-scripts skips native postinstall builds (e.g. canvas) that
|
|
# aren't needed for the Vite browser build and fail on CI runners.
|
|
run: bun install --frozen-lockfile --ignore-scripts
|
|
|
|
- name: Build
|
|
run: bun run build
|
|
|
|
deploy:
|
|
# Auto-deploy to the VPS (avria.cloud) on every push to main.
|
|
# The SSH key is restricted on the server (forced command): it can only
|
|
# run /home/avria/deploy.sh, which pulls main, builds, and rsyncs
|
|
# dist/ -> public_html. The command string below is therefore ignored
|
|
# by the server but kept descriptive.
|
|
needs: build
|
|
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Deploy to VPS
|
|
run: |
|
|
mkdir -p ~/.ssh
|
|
printf '%s\n' "$VPS_DEPLOY_KEY" > ~/.ssh/deploy_key
|
|
chmod 600 ~/.ssh/deploy_key
|
|
printf '%s\n' "$VPS_HOST_KEY" > ~/.ssh/known_hosts
|
|
ssh -i ~/.ssh/deploy_key -o IdentitiesOnly=yes avria@2.25.155.250 "deploy main"
|
|
env:
|
|
VPS_DEPLOY_KEY: ${{ secrets.VPS_DEPLOY_KEY }}
|
|
VPS_HOST_KEY: ${{ secrets.VPS_HOST_KEY }}
|