Development (#1)

narethiya-godaddy · web-flow · commit fecbae87c01d · 2025-06-06T15:54:18.000+05:30
* added git-deployer-app in ignore list
added, cleanup step

* checking secret

* checking secret

* checking secret

* checking secret

* checking secret

* checking secret

* checking secret

* checking secret

* fix deleting

* fix deleting

* fix SSH_AUTH

* fix SSH_AUTH

* fix SSH_AUTH

* fix SSH_AUTH

* fix SSH_AUTH

* fix SSH_AUTH

* fix SSH_AUTH

* fix SSH_AUTH

* fix SSH_AUTH

* fix SSH_AUTH

* added private_key validation
removed extra echos

* testing Cleanup Uploaded Tar

* Fix tar file deletion on fail

* removed Cleanup test code

* fix warning

* echo ignore list for debug

* added / in root files path for ignore.

* removed debug code.

* updated README.md

* added validation for ssh creds

* added bash -l -c  for script run command

* changed README.md
diff --git a/README.md b/README.md
@@ -1,22 +1,24 @@
-# GoDaddy GitHub Action for Wordpress deployment
+# GoDaddy GitHub Action for Managed WordPress Deployment
 
 ## Overview
 
-This GitHub Action automates WordPress deployment using `rsync` over SSH. It creates a tar archive of modified files, transfers it to the remote server, and executes a deployment script. The action supports post-deployment commands, WordPress health checks, and automatic rollback in case of failures.
+This GitHub Action automates the deployment of your WordPress site by leveraging `rsync` over SSH. It packages only modified files into a tar archive, transfers them to your remote server, and executes a tailored deployment script. In addition, the action supports:
+- Post-deployment commands
+- WordPress health checks with automatic rollback upon failure
+- Secure authentication using an SSH private key
 
 ## Features
 
-- **Deploy only changed files** using `rsync --checksum`
-- **Remove deleted files** from the repository on the server
-- **Execute post-deployment commands**
-- **Perform WordPress health checks** and rollback if necessary
-- **Secure authentication** via SSH private key
+- **Deploy Only Changed Files:** Uses `rsync --checksum` to efficiently update only the modified files.
+- **Sync File Deletions:** Automatically removes files deleted from the repository on the server.
+- **WordPress Health Checks:** Monitor site health and trigger a rollback on failure.
+- **Secure SSH Authentication:** Ensures connectivity using your SSH private key.
 
 ## Usage
 
-### 1. **Add the Action to Your Workflow**
+### 1. Add the Action to Your Workflow
 
-Create a `.github/workflows/deploy.yml` file in your repository:
+Create a `.github/workflows/deploy.yml` file in your repository with the following content:
 
 ```yaml
 name: Deploy WordPress
@@ -25,71 +27,67 @@ on:
   workflow_dispatch:
     inputs:
       deployment_dest:
-        description: 'Target server directory, leave blank for root directory'
+        description: 'Target server directory; leave blank for the root directory'
         required: false
       enable_health_check:
-        description: 'Enable wordpress health check?'
+        description: 'Enable WordPress health check?'
         type: choice
         required: false
         default: "yes"
         options:
           - "yes"
           - "no"
+
 jobs:
   deploy:
     runs-on: ubuntu-latest
     steps:
-      - name: Checkout repository
+      - name: Checkout Repository
         uses: actions/checkout@v3
 
-      - name: Deploy using GitHub Action
-        uses: your-org/your-action-repo@v1
+      - name: Deploy via GoDaddy GitHub Action
+        uses: godaddy-wordpress/git-deploy-poc@v0.0.1
         with:
-          remote_host: ${{ secrets.REMOTE_HOST }}
-          ssh_user: ${{ secrets.SSH_USER }}
-          ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }}
+          remote_host: 'http://your-wordpress-site.com'
+          ssh_user: 'SSH_USERNAME_FROM_GODADDY_INTERFACE'
+          ssh_private_key: ${{ secrets.PRIVATE_KEY }}
           deployment_dest: ${{ github.event.inputs.deployment_dest }}
           enable_health_check: ${{ github.event.inputs.enable_health_check }}
 ```
 
-## Inputs
+### 2. Configuration Inputs
 
 | Name                    | Description                          | Required | Default |
-| ----------------------- | ------------------------------------ | -------- | ------- |
-| `remote_host`           | The remote server IP or domain       | ✅ Yes    | -       |
-| `ssh_user`              | SSH username for authentication      | ✅ Yes    | -       |
-| `ssh_private_key`       | SSH private key for authentication   | ✅ Yes    | -       |
-| `deployment_dest`       | Remote WordPress directory           | ❌ No     | `.`     |
-| `post_deploy_commands`  | Commands to run after deployment     | ❌ No     | `''`    |
-| `cleanup_deleted_files` | Remove deleted files from the server | ❌ No     | `yes`   |
-| `enable_health_check`   | Perform a WordPress health check     | ❌ No     | `yes`   |
-
-## Requirements
-
-- **Enable Git Deployment** for site from GoDaddy interface
-- **GitHub secrets configured** for `REMOTE_HOST`, `SSH_USER`, and `SSH_PRIVATE_KEY`
-
-## Troubleshooting
+| ----------------------- | ------------------------------------ | -------- | ------ |
+| `remote_host`           | The remote server IP or domain       | ✅ Yes    | -      |
+| `ssh_user`              | SSH username for authentication      | ✅ Yes    | -      |
+| `ssh_private_key`       | SSH private key for authentication   | ✅ Yes    | -      |
+| `deployment_dest`       | Remote WordPress directory           | ❌ No     | `''`     |
+| `enable_health_check`   | Perform a WordPress health check     | ❌ No     | `yes`  |
 
-### SSH Key Issues
 
-Ensure the private key format is correct and matches the server's authorized keys:
+### Requirements
+- Git Deployment Enabled: Activate Git Deployment for your site via the GoDaddy control panel.
+- GitHub Secrets: Ensure the following secrets are configured in your repository:
+    - `PRIVATE_KEY`
 
 ```bash
 cat ~/.ssh/id_rsa | base64
 ```
+Copy the output and configure it as your repository's SSH_PRIVATE_KEY secret. (**Note:** You may have used a different name when creating your key. Please ammend the example to match your case.)
 
-Set the output as `SSH_PRIVATE_KEY` in GitHub Secrets.
+### For additional troubleshooting:
 
-## License
+- Double-check your remote host details.
+- Consult the issues tab in this repository for similar problems and their resolution.
 
-This action is licensed under the MIT License.
+### License
 
-## Contributing
+This GitHub Action is licensed under the MIT License.
 
-Feel free to open issues or submit PRs for improvements!
+### Contributing
 
-## Support
-
-For help, open an issue in the repository.
+Contributions, bug reports, and ideas for improvements are welcome! Please open an issue or submit a pull request for discussion.
 
+## Support
+For additional help or support, please open an issue in this repository.
diff --git a/action.yml b/action.yml
@@ -50,8 +50,9 @@ runs:
         OUTPUT_DIR="output"
         IGNORE_FILES="$ACTION_DIR/files_to_ignore.txt"
         SYNC_FILES="$OUTPUT_DIR/files_to_sync.txt"
-        TEMP_KEY_FILE="private_key"             
-        SSH_AUTH="-i $TEMP_KEY_FILE -o StrictHostKeyChecking=no"
+        TEMP_KEY_FILE="$(pwd)/private_key"
+        SSH_AUTH="-i \"$TEMP_KEY_FILE\" -o StrictHostKeyChecking=no"
+
         TAR_NAME="repository_$(openssl rand -hex 4).tar"
 
         CHECKOUT_DIR=${{ inputs.source_path }}
@@ -72,7 +73,8 @@ runs:
         ACTION_PATH="${{ github.action_path }}"
         TAG_NAME=$(basename "$ACTION_PATH")
         echo "ACTION_TAG=$TAG_NAME" >> $GITHUB_ENV
-        echo "::set-output name=ACTION_TAG::$TAG_NAME"
+        echo "ACTION_TAG=$TAG_NAME" >> $GITHUB_OUTPUT
+      
         
         echo "ACTION_DIR=$ACTION_DIR" >> $GITHUB_ENV
         echo "IGNORE_FILES=$IGNORE_FILES" >> $GITHUB_ENV
@@ -91,19 +93,31 @@ runs:
 
         mkdir -p ~/.ssh $OUTPUT_DIR
         ssh-keyscan -H "${{ inputs.remote_host }}" >> ~/.ssh/known_hosts
-        echo "${{ inputs.ssh_private_key }}" > "$TEMP_KEY_FILE"
+        echo -e "${{ inputs.ssh_private_key }}" > "$TEMP_KEY_FILE"
         chmod 600 "$TEMP_KEY_FILE"
         echo "TEMP_KEY_FILE=$TEMP_KEY_FILE" >> $GITHUB_ENV
     - name: Validate inputs
       shell: bash
       run: |
+        TRIMMED_KEY="$(echo "${{ inputs.ssh_private_key }}" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')"
+        if [[ -z "$TRIMMED_KEY" ]]; then
+          echo "Error: SSH private key is missing."
+          exit 1
+        fi
+
         if [ ! -d "$CHECKOUT_DIR" ]; then
           echo "The source directory does not exists."
           exit 1
         fi
 
+        # Checking credentials
+        if ! ssh -i "$TEMP_KEY_FILE" -o StrictHostKeyChecking=no -o BatchMode=yes "$SSH_USER@$SSH_HOST" "exit" 2>/dev/null; then
+          echo "Error: SSH authentication failed. Please check your SSH credentials."
+          exit 1
+        fi
+
         if [[ "$WP_DEST_DIR" != "$WP_ROOT_DIR" ]]; then
-          if ! ssh "$SSH_AUTH" "$SSH_USER@$SSH_HOST" "[ -d '/$WP_DEST_DIR' ]"; then
+          if ! ssh -i "$TEMP_KEY_FILE" -o StrictHostKeyChecking=no "$SSH_USER@$SSH_HOST" "[ -d '/$WP_DEST_DIR' ]"; then
             echo "Error: Directory '/$WP_DEST_DIR' does not exist on the server."
             exit 1
           fi
@@ -124,14 +138,10 @@ runs:
           EXCLUDE_ARGS+="--exclude=$line "
         done < "$IGNORE_FILES"
         
-        echo "ignore list: $EXCLUDE_ARGS"
         echo "Preparing a changed file list..."
         echo "Source: $CHECKOUT_DIR/"
         echo "Destination: /$WP_DEST_DIR/"
         echo "current dir: $(pwd)"
-        ls -lha
-        echo "rsync command: "
-        echo "rsync -av --dry-run --checksum -e ssh $SSH_AUTH $CHECKOUT_DIR/ $SSH_USER@$SSH_HOST:/$WP_DEST_DIR/"
         
         rsync -av --dry-run --checksum $EXCLUDE_ARGS \
           -e "ssh $SSH_AUTH" \
@@ -154,14 +164,14 @@ runs:
 
           rsync -av --dry-run --delete --ignore-existing $EXCLUDE_ARGS \
             -e "ssh $SSH_AUTH" \
-            $CHECKOUT_DIR/ "$SSH_USER@$SSH_HOST:/$WP_DEST_DIR/" \
-            | grep '^deleting ' | awk '{print $2}' | grep -v '/$' > $DEL_FILE_LIST
-          
+            "$CHECKOUT_DIR/" "$SSH_USER@$SSH_HOST:/$WP_DEST_DIR/" \
+            | grep '^deleting ' 2>/dev/null | awk '{print $2}' | grep -v '/$' > "$DEL_FILE_LIST" || true
+        
           if [[ $? -ne 0 ]]; then
             echo "Error: Failed to prepare the list of files to delete."
             exit 1
           fi
-          
+        
           echo $(basename "$DEL_FILE_LIST") >> "$SYNC_FILES"
           echo "Files to be DELETED:"
           cat "$DEL_FILE_LIST"
@@ -179,10 +189,11 @@ runs:
         echo "Tar file created successfully."
 
     - name: Upload tar file to server
+      id: upload
       shell: bash
       run: |
         echo "Creating remote directory: $UPLOAD_DIR"
-        ssh $SSH_AUTH "$SSH_USER@$SSH_HOST" "mkdir -p '/$UPLOAD_DIR' || exit 1"
+        ssh -i "$TEMP_KEY_FILE" -o StrictHostKeyChecking=no "$SSH_USER@$SSH_HOST" "mkdir -p '/$UPLOAD_DIR' || exit 1"
 
         echo "Uploading tar file to $UPLOAD_DIR"
         rsync -avz -e "ssh $SSH_AUTH" $TAR_FILE "$SSH_USER@$SSH_HOST:/$UPLOAD_DIR/"
@@ -202,13 +213,21 @@ runs:
         POST_COMMAND=${{inputs.post_deploy_commands}}
         HEALTH_CHECK=${{inputs.enable_health_check}}
         DEPLOYER_SH="php /$DEPLOYER_APP_DIR/bin/init mwp:deployer"
-
-        OPTIONS="--destDir=$DEST_DIR --postDeploymentCommand=$POST_COMMAND"
-        if [ "$HEALTH_CHECK" == "no" ]; then
+        
+        OPTIONS="--destDir=$DEST_DIR"
+        if [ "$HEALTH_CHECK" = "no" ]; then
           OPTIONS="$OPTIONS --skipHealthCheck"
         fi
-
-        echo "SSH Command: ssh $SSH_AUTH "$SSH_USER@$SSH_HOST" $DEPLOYER_SH $TAR_NAME $OPTIONS"; 
-        ssh $SSH_AUTH "$SSH_USER@$SSH_HOST" $DEPLOYER_SH $TAR_NAME $OPTIONS 
+        
+        ssh -i "$TEMP_KEY_FILE" -o StrictHostKeyChecking=no "$SSH_USER@$SSH_HOST" \
+        "bash -l -c '$DEPLOYER_SH $TAR_NAME \"$OPTIONS\"'"
 
         rm -f $TEMP_KEY_FILE
+
+    - name: Cleanup Uploaded Tar File on Failure
+      shell: bash
+      if: failure() && steps.upload.outcome == 'success'
+      run: |
+        echo "Deleting uploaded tar file"
+        ssh -i "$TEMP_KEY_FILE" -o StrictHostKeyChecking=no "$SSH_USER@$SSH_HOST" "rm -f '/$UPLOAD_DIR/$TAR_NAME'"
+
diff --git a/files_to_ignore.txt b/files_to_ignore.txt
@@ -6,26 +6,26 @@ Thumbs.db
 readme.md
 .gitignore
 output
-private_key
+/private_key
 action_dir
-index.php
-plat-cron.php
-wp-activate.php
-wp-blog-header.php
-wp-comments-post.php
-wp-cron.php
-wp-links-opml.php
-wp-load.php
-wp-login.php
-wp-mail.php
-wp-settings.php
-wp-signup.php
-wp-trackback.php
-xmlrpc.php
+/index.php
+/plat-cron.php
+/wp-activate.php
+/wp-blog-header.php
+/wp-comments-post.php
+/wp-cron.php
+/wp-links-opml.php
+/wp-load.php
+/wp-login.php
+/wp-mail.php
+/wp-settings.php
+/wp-signup.php
+/wp-trackback.php
+/xmlrpc.php
+git-deployer-app/
 platform/
 wp-admin/
 wp-includes/
 wp-content/mu-plugins/
 wp-content/object-cache.php
 wp-content/uploads/
-git-deployer-app/
