diff --git a/.github/workflows/release_pipeline.yml b/.github/workflows/release_pipeline.yml index 5a9d37a..3c9041b 100644 --- a/.github/workflows/release_pipeline.yml +++ b/.github/workflows/release_pipeline.yml @@ -483,7 +483,7 @@ else: - name: Validate required secrets and variables env: - FTP_HOST: ${{ secrets.FTP_HOST }} + FTP_SERVER: ${{ secrets.FTP_SERVER }} FTP_USER: ${{ secrets.FTP_USER }} FTP_KEY: ${{ secrets.FTP_KEY }} FTP_PASSWORD: ${{ secrets.FTP_PASSWORD }} @@ -498,7 +498,7 @@ else: missing=() - [ -n "${FTP_HOST:-}" ] || missing+=("FTP_HOST") + [ -n "${FTP_SERVER:-}" ] || missing+=("FTP_SERVER") [ -n "${FTP_USER:-}" ] || missing+=("FTP_USER") [ -n "${FTP_PATH:-}" ] || missing+=("FTP_PATH") @@ -643,7 +643,7 @@ else: echo "```" } >> "${GITHUB_STEP_SUMMARY}" - - name: Build Joomla/Dolibarr ZIP (platform-aware, src-only archive) + - name: Build Joomla/Dolibarr ZIP (src-only archive) id: build run: | set -euo pipefail @@ -657,51 +657,46 @@ else: DIST_DIR="${GITHUB_WORKSPACE}/dist" mkdir -p "${DIST_DIR}" - # Detect platform and extension type using dedicated script - if ! PLATFORM_INFO=$(python3 "${GITHUB_WORKSPACE}/scripts/release/detect_platform.py" "${GITHUB_WORKSPACE}/src"); then - echo "ERROR: Could not detect extension platform and type" >> "${GITHUB_STEP_SUMMARY}" - exit 1 + # Determine suffix based on channel + if [ "${CHANNEL}" = "rc" ]; then + SUFFIX="rc" + else + SUFFIX="stable" fi - - if [ -z "${PLATFORM_INFO}" ]; then - echo "ERROR: Platform detection returned empty result" >> "${GITHUB_STEP_SUMMARY}" - exit 1 - fi - - PLATFORM="${PLATFORM_INFO%%|*}" - EXT_TYPE="${PLATFORM_INFO##*|}" - ZIP="${REPO_NAME}-${VERSION}-${CHANNEL}-${PLATFORM}-${EXT_TYPE}.zip" + ZIP="${REPO_NAME}-${VERSION}-${SUFFIX}.zip" # Create ZIP with development artifact exclusions - zip -r -X "${DIST_DIR}/${ZIP}" src \ - -x "src/**/.git/**" \ - -x "src/**/.github/**" \ - -x "src/**/.DS_Store" \ - -x "src/**/__MACOSX/**" \ - -x "src/**/node_modules/**" \ - -x "src/**/vendor/**" \ - -x "src/**/tests/**" \ - -x "src/**/Tests/**" \ - -x "src/**/.phpstan.cache/**" \ - -x "src/**/.psalm/**" \ - -x "src/**/.rector/**" \ - -x "src/**/phpmd-cache/**" \ - -x "src/**/.php-cs-fixer.cache" \ - -x "src/**/.phplint-cache" \ - -x "src/**/*.log" + # Zip only the contents of the src folder (not the src/ folder itself) + # This creates a ZIP with extension files at the root level for direct installation + cd src + zip -r -X "${DIST_DIR}/${ZIP}" . \ + -x ".git/**" \ + -x ".github/**" \ + -x ".DS_Store" \ + -x "__MACOSX/**" \ + -x "node_modules/**" \ + -x "vendor/**" \ + -x "tests/**" \ + -x "Tests/**" \ + -x ".phpstan.cache/**" \ + -x ".psalm/**" \ + -x ".rector/**" \ + -x "phpmd-cache/**" \ + -x ".php-cs-fixer.cache" \ + -x ".phplint-cache" \ + -x "*.log" + cd .. echo "zip_name=${ZIP}" >> "${GITHUB_OUTPUT}" echo "dist_dir=${DIST_DIR}" >> "${GITHUB_OUTPUT}" - echo "platform=${PLATFORM}" >> "${GITHUB_OUTPUT}" - echo "ext_type=${EXT_TYPE}" >> "${GITHUB_OUTPUT}" ZIP_BYTES="$(stat -c%s "${DIST_DIR}/${ZIP}")" { echo "### Build report" echo "```json" - echo "{\"repository\":\"${GITHUB_REPOSITORY}\",\"workflow\":\"${GITHUB_WORKFLOW}\",\"job\":\"${GITHUB_JOB}\",\"run/id\":${GITHUB_RUN_ID},\"run/number\":${GITHUB_RUN_NUMBER},\"run/attempt\":${GITHUB_RUN_ATTEMPT},\"run/url\":\"${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}\",\"actor\":\"${GITHUB_ACTOR}\",\"sha\":\"${GITHUB_SHA}\",\"archive_policy\":\"src_only\",\"platform\":\"${PLATFORM}\",\"extension_type\":\"${EXT_TYPE}\",\"zip\":\"${DIST_DIR}/${ZIP}\",\"zip_bytes\":${ZIP_BYTES}}" + echo "{\"repository\":\"${GITHUB_REPOSITORY}\",\"workflow\":\"${GITHUB_WORKFLOW}\",\"job\":\"${GITHUB_JOB}\",\"run/id\":${GITHUB_RUN_ID},\"run/number\":${GITHUB_RUN_NUMBER},\"run/attempt\":${GITHUB_RUN_ATTEMPT},\"run/url\":\"${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}\",\"actor\":\"${GITHUB_ACTOR}\",\"sha\":\"${GITHUB_SHA}\",\"archive_policy\":\"src_only\",\"suffix\":\"${SUFFIX}\",\"zip\":\"${DIST_DIR}/${ZIP}\",\"zip_bytes\":${ZIP_BYTES}}" echo "```" } >> "${GITHUB_STEP_SUMMARY}" @@ -725,7 +720,7 @@ else: - name: Upload ZIP to SFTP (key-preferred, password-fallback, overwrite, verified) id: sftp env: - FTP_HOST: ${{ secrets.FTP_HOST }} + FTP_SERVER: ${{ secrets.FTP_SERVER }} FTP_USER: ${{ secrets.FTP_USER }} FTP_KEY: ${{ secrets.FTP_KEY }} FTP_PASSWORD: ${{ secrets.FTP_PASSWORD }} @@ -741,7 +736,7 @@ else: ZIP="${{ steps.build.outputs.zip_name }}" DIST_DIR="${{ steps.build.outputs.dist_dir }}" - : "${FTP_HOST:?Missing secret FTP_HOST}" + : "${FTP_SERVER:?Missing secret FTP_SERVER}" : "${FTP_USER:?Missing secret FTP_USER}" : "${FTP_PATH:?Missing secret FTP_PATH}" @@ -753,9 +748,9 @@ else: PORT="${FTP_PORT:-}" if [ -n "${PORT}" ]; then - HOSTPORT="${FTP_HOST}:${PORT}" + HOSTPORT="${FTP_SERVER}:${PORT}" else - HOSTPORT="${FTP_HOST}" + HOSTPORT="${FTP_SERVER}" fi SUFFIX="${FTP_PATH_SUFFIX:-}" @@ -786,7 +781,7 @@ else: printf '{' printf '"protocol":"sftp",' printf '"auth_mode":"%s",' "${AUTH_MODE}" - printf '"host":"%s",' "${FTP_HOST}" + printf '"host":"%s",' "${FTP_SERVER}" printf '"port":"%s",' "${PORT:-default}" printf '"remote_path":"%s",' "${REMOTE_PATH}" printf '"overwrite":true,' @@ -826,7 +821,7 @@ else: fi fi - ssh-keyscan -H "${FTP_HOST}" >> ~/.ssh/known_hosts + ssh-keyscan -H "${FTP_SERVER}" >> ~/.ssh/known_hosts if [ "${AUTH_MODE}" = "key" ]; then CONNECT="set sftp:connect-program 'ssh -a -x -i ~/.ssh/id_rsa -o PubkeyAuthentication=yes -o PasswordAuthentication=no'" @@ -840,7 +835,7 @@ else: echo "Dry run enabled. Upload skipped." >> "${GITHUB_STEP_SUMMARY}" echo "auth_mode=${AUTH_MODE}" >> "${GITHUB_OUTPUT}" echo "remote_path=${REMOTE_PATH}" >> "${GITHUB_OUTPUT}" - echo "host=${FTP_HOST}" >> "${GITHUB_OUTPUT}" + echo "host=${FTP_SERVER}" >> "${GITHUB_OUTPUT}" echo "port=${PORT:-default}" >> "${GITHUB_OUTPUT}" exit 0 fi @@ -877,13 +872,13 @@ else: { echo "### SFTP upload report" echo "```json" - echo "{\"status\":\"ok\",\"protocol\":\"sftp\",\"auth_mode\":\"${AUTH_MODE}\",\"host\":\"${FTP_HOST}\",\"port\":\"${PORT:-default}\",\"remote_path\":\"${REMOTE_PATH}\",\"zip\":\"${ZIP}\",\"zip_bytes_local\":${ZIP_BYTES_LOCAL},\"overwrite\":true}" + echo "{\"status\":\"ok\",\"protocol\":\"sftp\",\"auth_mode\":\"${AUTH_MODE}\",\"host\":\"${FTP_SERVER}\",\"port\":\"${PORT:-default}\",\"remote_path\":\"${REMOTE_PATH}\",\"zip\":\"${ZIP}\",\"zip_bytes_local\":${ZIP_BYTES_LOCAL},\"overwrite\":true}" echo "```" } >> "${GITHUB_STEP_SUMMARY}" echo "auth_mode=${AUTH_MODE}" >> "${GITHUB_OUTPUT}" echo "remote_path=${REMOTE_PATH}" >> "${GITHUB_OUTPUT}" - echo "host=${FTP_HOST}" >> "${GITHUB_OUTPUT}" + echo "host=${FTP_SERVER}" >> "${GITHUB_OUTPUT}" echo "port=${PORT:-default}" >> "${GITHUB_OUTPUT}" - name: Create Git tag diff --git a/.github/workflows/repo_health.yml b/.github/workflows/repo_health.yml index 8c24c9d..6656f8b 100644 --- a/.github/workflows/repo_health.yml +++ b/.github/workflows/repo_health.yml @@ -30,7 +30,7 @@ env: ALLOWED_SFTP_PROTOCOLS: sftp # Release policy - RELEASE_REQUIRED_VARS: FTP_HOST,FTP_USER,FTP_PATH + RELEASE_REQUIRED_VARS: FTP_SERVER,FTP_USER,FTP_PATH RELEASE_OPTIONAL_VARS: FTP_KEY,FTP_PASSWORD,FTP_PROTOCOL,FTP_PORT,FTP_PATH_SUFFIX # Scripts governance policy @@ -125,7 +125,7 @@ jobs: - name: Guardrails release vars env: PROFILE_RAW: ${{ github.event.inputs.profile }} - FTP_HOST: ${{ secrets.FTP_HOST }} + FTP_SERVER: ${{ secrets.FTP_SERVER }} FTP_USER: ${{ secrets.FTP_USER }} FTP_KEY: ${{ secrets.FTP_KEY }} FTP_PASSWORD: ${{ secrets.FTP_PASSWORD }} @@ -236,7 +236,7 @@ jobs: - name: Guardrails SFTP connectivity env: PROFILE_RAW: ${{ github.event.inputs.profile }} - FTP_HOST: ${{ secrets.FTP_HOST }} + FTP_SERVER: ${{ secrets.FTP_SERVER }} FTP_USER: ${{ secrets.FTP_USER }} FTP_KEY: ${{ secrets.FTP_KEY }} FTP_PASSWORD: ${{ secrets.FTP_PASSWORD }} @@ -288,7 +288,7 @@ jobs: printf '%s\n' '### SFTP connectivity' printf '%s\n' '| Control | Value |' printf '%s\n' '|---|---|' - printf '%s\n' "| Host | ${FTP_HOST} |" + printf '%s\n' "| Host | ${FTP_SERVER} |" printf '%s\n' "| User | ${FTP_USER} |" printf '%s\n' "| Port | ${port} |" printf '%s\n' "| Auth | ${auth_method} |" @@ -319,11 +319,11 @@ jobs: ssh-keygen -p -P "${FTP_PASSWORD}" -N '' -f "${key_file}" >/dev/null fi - printf '%s' "${sftp_cmds}" | sftp "${sftp_v_opt[@]}" -oBatchMode=yes -oStrictHostKeyChecking=no -P "${port}" -i "${key_file}" "${FTP_USER}@${FTP_HOST}" >/tmp/sftp_check.log 2>&1 + printf '%s' "${sftp_cmds}" | sftp "${sftp_v_opt[@]}" -oBatchMode=yes -oStrictHostKeyChecking=no -P "${port}" -i "${key_file}" "${FTP_USER}@${FTP_SERVER}" >/tmp/sftp_check.log 2>&1 sftp_rc=$? elif [ -n "${FTP_PASSWORD:-}" ]; then command -v sshpass >/dev/null 2>&1 || (sudo apt-get update -qq && sudo apt-get install -y sshpass >/dev/null) - printf '%s' "${sftp_cmds}" | sshpass -p "${FTP_PASSWORD}" sftp "${sftp_v_opt[@]}" -oBatchMode=no -oStrictHostKeyChecking=no -P "${port}" "${FTP_USER}@${FTP_HOST}" >/tmp/sftp_check.log 2>&1 + printf '%s' "${sftp_cmds}" | sshpass -p "${FTP_PASSWORD}" sftp "${sftp_v_opt[@]}" -oBatchMode=no -oStrictHostKeyChecking=no -P "${port}" "${FTP_USER}@${FTP_SERVER}" >/tmp/sftp_check.log 2>&1 sftp_rc=$? else { diff --git a/docs/CI_MIGRATION_PLAN.md b/docs/CI_MIGRATION_PLAN.md index 89155ea..1b2152e 100644 --- a/docs/CI_MIGRATION_PLAN.md +++ b/docs/CI_MIGRATION_PLAN.md @@ -193,7 +193,7 @@ on: required: true type: string secrets: - FTP_HOST: + FTP_SERVER: required: true FTP_USER: required: true @@ -246,7 +246,7 @@ jobs: ### Secrets to Configure **In .github-private repository:** -- Deployment credentials (FTP_HOST, FTP_USER, FTP_KEY, etc.) +- Deployment credentials (FTP_SERVER, FTP_USER, FTP_KEY, etc.) - API tokens for external services - Signing keys @@ -481,7 +481,7 @@ If issues arise during migration: ``` Organization Level (Settings > Secrets and Variables) ├── Secrets -│ ├── FTP_HOST (inherited by all repos) +│ ├── FTP_SERVER (inherited by all repos) │ ├── FTP_USER (inherited by all repos) │ ├── FTP_KEY (inherited by all repos) │ ├── FTP_PASSWORD (inherited by all repos) diff --git a/docs/MIGRATION_CHECKLIST.md b/docs/MIGRATION_CHECKLIST.md index 8127529..50c9fdf 100644 --- a/docs/MIGRATION_CHECKLIST.md +++ b/docs/MIGRATION_CHECKLIST.md @@ -75,7 +75,7 @@ This checklist guides the migration of CI/CD workflows from individual repositor ## Phase 3: Secrets and Variables Setup ### Organization-Level Secrets -- [ ] Migrate FTP_HOST to organization secrets +- [ ] Migrate FTP_SERVER to organization secrets - [ ] Migrate FTP_USER to organization secrets - [ ] Migrate FTP_KEY to organization secrets (if used) - [ ] Migrate FTP_PASSWORD to organization secrets (if used) @@ -406,13 +406,13 @@ fi - name: Pre-Deployment Validation run: | # Verify deployment prerequisites - if [ -z "${{ secrets.FTP_HOST }}" ]; then - echo "❌ FTP_HOST not configured" + if [ -z "${{ secrets.FTP_SERVER }}" ]; then + echo "❌ FTP_SERVER not configured" exit 1 fi # Test connectivity - nc -zv ${{ secrets.FTP_HOST }} 22 || exit 1 + nc -zv ${{ secrets.FTP_SERVER }} 22 || exit 1 # Verify artifact exists if [ ! -f deployment.zip ]; then @@ -428,7 +428,7 @@ fi - name: Backup Current Deployment run: | # Create backup of current deployment - ssh ${{ secrets.FTP_USER }}@${{ secrets.FTP_HOST }} \ + ssh ${{ secrets.FTP_USER }}@${{ secrets.FTP_SERVER }} \ "cd ${{ secrets.FTP_PATH }} && tar -czf backup-$(date +%Y%m%d-%H%M%S).tar.gz ." echo "✅ Backup created" @@ -437,9 +437,9 @@ fi id: deploy run: | # Deploy new version - scp deployment.zip ${{ secrets.FTP_USER }}@${{ secrets.FTP_HOST }}:${{ secrets.FTP_PATH }}/ + scp deployment.zip ${{ secrets.FTP_USER }}@${{ secrets.FTP_SERVER }}:${{ secrets.FTP_PATH }}/ - ssh ${{ secrets.FTP_USER }}@${{ secrets.FTP_HOST }} \ + ssh ${{ secrets.FTP_USER }}@${{ secrets.FTP_SERVER }} \ "cd ${{ secrets.FTP_PATH }} && unzip -o deployment.zip" echo "✅ Deployment successful" @@ -465,10 +465,10 @@ fi echo "⚠️ Deployment failed, rolling back..." # Restore from backup - BACKUP=$(ssh ${{ secrets.FTP_USER }}@${{ secrets.FTP_HOST }} \ + BACKUP=$(ssh ${{ secrets.FTP_USER }}@${{ secrets.FTP_SERVER }} \ "cd ${{ secrets.FTP_PATH }} && ls -t backup-*.tar.gz | head -1") - ssh ${{ secrets.FTP_USER }}@${{ secrets.FTP_HOST }} \ + ssh ${{ secrets.FTP_USER }}@${{ secrets.FTP_SERVER }} \ "cd ${{ secrets.FTP_PATH }} && tar -xzf $BACKUP" echo "✅ Rollback completed" @@ -1102,7 +1102,7 @@ fi echo "=== Checking Secret Access ===" SECRETS=( - "FTP_HOST" + "FTP_SERVER" "FTP_USER" "FTP_PASSWORD" "FTP_PATH" diff --git a/docs/REUSABLE_WORKFLOWS.md b/docs/REUSABLE_WORKFLOWS.md index 1aaf0f9..0438763 100644 --- a/docs/REUSABLE_WORKFLOWS.md +++ b/docs/REUSABLE_WORKFLOWS.md @@ -292,7 +292,7 @@ on: type: string default: 'joomla' secrets: - FTP_HOST: + FTP_SERVER: required: true FTP_USER: required: true @@ -425,7 +425,7 @@ on: type: boolean default: false secrets: - FTP_HOST: + FTP_SERVER: required: true FTP_USER: required: true @@ -506,7 +506,7 @@ jobs: # Upload via SFTP lftp -c " set sftp:auto-confirm yes; - open sftp://${{ secrets.FTP_USER }}:${{ secrets.FTP_PASSWORD }}@${{ secrets.FTP_HOST }}; + open sftp://${{ secrets.FTP_USER }}:${{ secrets.FTP_PASSWORD }}@${{ secrets.FTP_SERVER }}; cd ${{ secrets.FTP_PATH }}; put deployment.tar.gz; quit @@ -703,7 +703,7 @@ on: required: true type: string secrets: - FTP_HOST: + FTP_SERVER: required: true FTP_USER: required: true @@ -1010,7 +1010,7 @@ on: type: boolean default: false secrets: - FTP_HOST: + FTP_SERVER: required: true FTP_USER: required: true @@ -1179,7 +1179,7 @@ gh secret set ACTIONS_RUNNER_DEBUG --body "true" echo '${{ toJson(inputs) }}' echo "=== Secrets (names only) ===" - echo "FTP_HOST: ${{ secrets.FTP_HOST != '' && 'SET' || 'NOT SET' }}" + echo "FTP_SERVER: ${{ secrets.FTP_SERVER != '' && 'SET' || 'NOT SET' }}" ``` ### Common Error Patterns and Solutions diff --git a/docs/WORKFLOW_GUIDE.md b/docs/WORKFLOW_GUIDE.md index 73382a5..5465a11 100644 --- a/docs/WORKFLOW_GUIDE.md +++ b/docs/WORKFLOW_GUIDE.md @@ -355,7 +355,7 @@ git push origin --delete dev/03.05.00 #### "Missing required secrets" Go to repository Settings → Secrets and variables → Actions, and add: -- `FTP_HOST` +- `FTP_SERVER` - `FTP_USER` - `FTP_KEY` or `FTP_PASSWORD` - `FTP_PATH`