ItinerisLtd · danlapteacru · May 9, 2024 · May 9, 2024 · May 9, 2024 · May 9, 2024
diff --git a/.github/workflows/ci-radicle.properties.json b/.github/workflows/ci-radicle.properties.json
@@ -0,0 +1,13 @@
+{
+  "name": "Build and test Radicle",
+  "description": "Build Webpack assets and run phpcs",
+  "categories": [
+    "php",
+    "js",
+    "scss"
+  ],
+  "filePatterns": [
+    "composer.json$",
+    "package.json$"
+  ]
+}
diff --git a/.github/workflows/ci-radicle.yml b/.github/workflows/ci-radicle.yml
@@ -0,0 +1,119 @@
+# yamllint disable-line rule:document-start
+name: ci-radicle
+
+# yamllint disable-line rule:truthy
+on:
+  workflow_call:
+    inputs:
+      NODE_VERSION:
+        type: number
+        default: 20
+        required: false
+      PHP_VERSION:
+        type: number
+        default: 8.1
+        required: false
+      NPM_BUILD_CMD:
+        type: string
+        default: yarn build:production
+        required: false
+    secrets:
+      FONTAWESOME_NPM_AUTH_TOKEN:
+        required: false
+      PRIVATE_PACKAGIST_TOKEN:
+        required: false
+
+jobs:
+  check-theme-changes:
+    # yamllint disable-line rule:line-length
+    runs-on: ubuntu-latest
+    outputs:
+      RADICLE_CHANGED: ${{ steps.diff.outputs.RADICLE_CHANGED }}
+    steps:
+      - uses: actions/checkout@v4
+
+      - id: diff
+        run: |
+          git fetch --no-tags --prune --depth=1 origin ${{ github.event.repository.default_branch }}
+          CHANGED_FILES=$(git diff origin/${{ github.event.repository.default_branch }} HEAD --name-only --diff-filter=ACMRT /
+          FILES_CHANGED=$([ -z ${CHANGED_FILES} ] && echo 'false' || echo 'true')
+          echo "RADICLE_CHANGED=${FILES_CHANGED}" >> "${GITHUB_OUTPUT}"
+
+  node:
+    name: build-production-assets
+    needs: check-theme-changes
+    if: ${{ needs.check-theme-changes.outputs.RADICLE_CHANGED == 'true' }}
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Node ${{ inputs.NODE_VERSION }}
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ inputs.NODE_VERSION }}
+          cache: yarn
+          # yamllint disable-line rule:line-length
+          cache-dependency-path: yarn.lock
+        env:
+          FONTAWESOME_NPM_AUTH_TOKEN: ${{ secrets.FONTAWESOME_NPM_AUTH_TOKEN }}
+          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Install dependencies with Yarn
+        run: yarn install --frozen-lockfile --prefer-offline --verbose
+        env:
+          FONTAWESOME_NPM_AUTH_TOKEN: ${{ secrets.FONTAWESOME_NPM_AUTH_TOKEN }}
+          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Generate Font Awesome Blade Icons
+        run: grep --quiet 'icons:prepare' package.json && yarn icons:prepare || echo 'No icons to prepare'
+        env:
+          FONTAWESOME_NPM_AUTH_TOKEN: ${{ secrets.FONTAWESOME_NPM_AUTH_TOKEN }}
+
+      - name: Build and compile assets
+        run: ${{ inputs.NPM_BUILD_CMD }}
+        env:
+          FONTAWESOME_NPM_AUTH_TOKEN: ${{ secrets.FONTAWESOME_NPM_AUTH_TOKEN }}
+
+  php:
+    name: php-style-check
+    needs: check-theme-changes
+    if: ${{ needs.check-theme-changes.outputs.RADICLE_CHANGED == 'true' }}
+    runs-on: ubuntu-latest
+    env:
+      PRIVATE_PACKAGIST_TOKEN: ${{ secrets.PRIVATE_PACKAGIST_TOKEN }}
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup PHP ${{ inputs.PHP_VERSION }}
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: ${{ inputs.PHP_VERSION }}
+        env:
+          COMPOSER_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Get composer cache directory
+        id: composer-cache
+        run: echo "dir=$(composer config cache-files-dir)" >> "${GITHUB_OUTPUT}"
+
+      - name: Cache dependencies
+        uses: actions/cache@v4
+        with:
+          path: ${{ steps.composer-cache.outputs.dir }}
+          # yamllint disable-line rule:line-length
+          key: ${{ runner.os }}-${{ inputs.PHP_VERSION }}-composer-${{ hashFiles('**/composer.lock') }}
+          restore-keys: ${{ runner.os }}-${{ inputs.PHP_VERSION }}-composer-
+
+      - if: ${{ env.PRIVATE_PACKAGIST_TOKEN != '' }}
+        name: Setup Composer Private Packagist authentication
+        # yamllint disable-line rule:line-length
+        run: composer config --global --auth http-basic.repo.packagist.com itineris ${{ env.PRIVATE_PACKAGIST_TOKEN }}
+
+      - name: Install Composer dependencies
+        run: composer install --no-progress --prefer-dist --optimize-autoloader
+
+      # todo: decide if we want to run the lint and use laravel pint
+      - name: Execute the Composer lint script
+        run: composer run-script lint
+
+      - name: Execute the Composer style check script
+        run: composer run-script style:check
diff --git a/.github/workflows/trellis-deploy-radicle.properties.json b/.github/workflows/trellis-deploy-radicle.properties.json
@@ -0,0 +1,12 @@
+{
+  "name": "Trellis deploy Radicle workflow",
+  "description": "Workflow to deploy Radicle using Trellis",
+  "iconName": "trellis-icon",
+  "categories": [
+    "php"
+  ],
+  "filePatterns": [
+    "composer.json$",
+    "wp-cli-(cognomen|trellis-alias).yml$"
+  ]
+}
diff --git a/.github/workflows/trellis-deploy-radicle.yml b/.github/workflows/trellis-deploy-radicle.yml
@@ -0,0 +1,114 @@
+# yamllint disable-line rule:document-start
+name: deploy-radicle
+
+# yamllint disable-line rule:truthy
+on:
+  workflow_call:
+    inputs:
+      RADICLE_DEPLOY_BRANCH:
+        type: string
+        default: "${{ github.ref_name }}"
+        required: false
+      NODE_VERSION:
+        type: number
+        default: 20
+        required: false
+      TRELLIS_ENVIRONMENT:
+        type: string
+        required: true
+      TRELLIS_REPOSITORY:
+        type: string
+        required: true
+      TRELLIS_CLI_AUTO_INIT:
+        type: boolean
+        default: true
+        required: false
+      TRELLIS_CLI_CACHE_VIRTUALENV:
+        type: boolean
+        default: true
+        required: false
+      TRELLIS_CLI_GALAXY_INSTALL:
+        type: boolean
+        default: true
+        required: false
+      TRELLIS_CLI_VERSION:
+        type: string
+        default: latest
+        required: false
+    secrets:
+      REPO_PAT:
+        required: true
+      TRELLIS_DEPLOY_SSH_PRIVATE_KEY:
+        required: true
+      TRELLIS_DEPLOY_SSH_KNOWN_HOSTS:
+        required: true
+      ANSIBLE_VAULT_PASSWORD:
+        required: true
+      FONTAWESOME_NPM_AUTH_TOKEN:
+        required: false
+
+jobs:
+  deploy:
+    name: "${{ inputs.TRELLIS_ENVIRONMENT }}"
+    runs-on: ubuntu-latest
+
+    concurrency:
+      group: "${{ github.workflow }}-${{ github.ref_name }}"
+      cancel-in-progress: false
+    if: github.sha != vars.LAST_DEPLOY && github.actor != 'kodiakhq[bot]' && github.actor != 'dependabot[bot]'
+    steps:
+      - name: Checkout Radicle
+        uses: actions/checkout@v4
+        with:
+          path: radicle
+
+      - name: Setup Node ${{ inputs.NODE_VERSION }}
+        uses: actions/setup-node@v4
+        with:
+          node-version: "${{ inputs.NODE_VERSION }}"
+          cache: yarn
+          # yamllint disable-line rule:line-length
+          cache-dependency-path: radicle/yarn.lock
+        env:
+          # yamllint disable-line rule:line-length
+          FONTAWESOME_NPM_AUTH_TOKEN: "${{ secrets.FONTAWESOME_NPM_AUTH_TOKEN }}"
+          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Checkout Trellis
+        uses: actions/checkout@v4
+        with:
+          repository: "${{ inputs.TRELLIS_REPOSITORY }}"
+          path: trellis
+          token: "${{ secrets.REPO_PAT }}"
+
+      - uses: shimataro/ssh-key-action@v2
+        with:
+          key: "${{ secrets.TRELLIS_DEPLOY_SSH_PRIVATE_KEY }}"
+          known_hosts: "${{ secrets.TRELLIS_DEPLOY_SSH_KNOWN_HOSTS }}"
+
+      - uses: webfactory/ssh-agent@v0.8.0
+        with:
+          ssh-private-key: "${{ secrets.TRELLIS_DEPLOY_SSH_PRIVATE_KEY }}"
+
+      - uses: roots/setup-trellis-cli@v1
+        with:
+          ansible-vault-password: "${{ secrets.ANSIBLE_VAULT_PASSWORD }}"
+          auto-init: "${{ inputs.TRELLIS_CLI_AUTO_INIT }}"
+          cache-virtualenv: "${{ inputs.TRELLIS_CLI_CACHE_VIRTUALENV }}"
+          galaxy-install: "${{ inputs.TRELLIS_CLI_GALAXY_INSTALL }}"
+          version: "${{ inputs.TRELLIS_CLI_VERSION }}"
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Deploy
+        working-directory: trellis
+        # yamllint disable-line rule:line-length
+        run: trellis deploy --verbose --branch="${{ inputs.RADICLE_DEPLOY_BRANCH }}" "${{ inputs.TRELLIS_ENVIRONMENT }}"
+        env:
+          # yamllint disable-line rule:line-length
+          FONTAWESOME_NPM_AUTH_TOKEN: "${{ secrets.FONTAWESOME_NPM_AUTH_TOKEN }}"
+
+      - name: Cache deployed commit hash
+        run: gh variable set LAST_DEPLOY --body='${{ github.sha }}'
+        working-directory: radicle
+        env:
+          GITHUB_TOKEN: ${{ secrets.REPO_PAT }}