smueller/HexaHost-Web-Prod
1
0
Fork 0
mirror of https://git.hexahost.dev/smueller/HexaHost-Frontend.git synced 2026-06-02 05:08:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

ci: merge dev for release build

Browse Source
This commit is contained in:
gitea-actions
2026-05-28 15:42:22 +00:00
parent e91a9ed9c3 e9d5b55459
commit 99f0056106
3 changed files with 76 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
.gitea/workflows/obfuscate-main.yml
View File

@@ -1,34 +1,43 @@
name: Obfuscate Main Build
name: Release Build (dev → main)
on:
push:
branches:
- main
- dev
workflow_dispatch:
env:
# Gitea liefert intern oft eine IP; das SSL-Zertifikat gilt für den Hostnamen.
GITEA_HOST: git.hexahost.dev
REPO_PATH: smueller/HexaHost-Frontend
jobs:
obfuscate:
release-build:
if: ${{ !contains(github.event.head_commit.message, '[skip ci]') }}
runs-on: ubuntu-latest
steps:
- name: Checkout
- name: Checkout (volle History)
uses: actions/checkout@v4
with:
fetch-depth: 0
repository-url: https://git.hexahost.dev/smueller/HexaHost-Frontend
ref: dev
- name: Skip loop commits
- name: Merge dev in CI-Workspace (Basis main)
env:
GITEA_TOKEN: ${{ github.token }}
run: |
msg="$(git log -1 --pretty=%B)"
echo "Last commit message: $msg"
if echo "$msg" | grep -q "\[skip ci\]"; then
echo "Skip CI commit detected."
exit 0
git config user.name "gitea-actions"
git config user.email "actions@local"
git remote set-url origin "https://oauth2:${GITEA_TOKEN}@${GITEA_HOST}/${REPO_PATH}.git"
git fetch origin main dev
if git show-ref --verify --quiet refs/remotes/origin/main; then
git checkout -B main origin/main
git merge origin/dev -X theirs --no-edit -m "ci: merge dev for release build"
else
echo "main branch missing, initializing from dev"
git checkout -B main origin/dev
fi
- name: Setup Python
@@ -44,7 +53,7 @@ jobs:
- name: Run release obfuscation
run: python scripts/obfuscate_release.py --root . --hash-assets
- name: Commit obfuscated build
- name: Publish release to main
env:
GITEA_TOKEN: ${{ github.token }}
run: |
@@ -53,8 +62,8 @@ jobs:
git remote set-url origin "https://oauth2:${GITEA_TOKEN}@${GITEA_HOST}/${REPO_PATH}.git"
git add -A
if git diff --cached --quiet; then
echo "No build changes to commit."
echo "No release changes to publish."
exit 0
fi
git commit -m "chore(release): obfuscate and hash production assets [skip ci]"
git push origin HEAD:main
git push origin main

50
.github/workflows/obfuscate-main.yml vendored
View File

@@ -1,44 +1,70 @@
name: Obfuscate Main Build
# Hinweis: Gitea nutzt .gitea/workflows/obfuscate-main.yml (identischer Ablauf).
name: Release Build (dev → main)
on:
push:
branches:
- main
- dev
workflow_dispatch:
permissions:
contents: write
env:
GITEA_HOST: git.hexahost.dev
REPO_PATH: smueller/HexaHost-Frontend
jobs:
obfuscate:
if: github.actor != 'github-actions[bot]'
release-build:
if: ${{ !contains(github.event.head_commit.message, '[skip ci]') }}
runs-on: ubuntu-latest
steps:
- name: Checkout
- name: Checkout (volle History)
uses: actions/checkout@v4
with:
fetch-depth: 0
repository-url: https://git.hexahost.dev/smueller/HexaHost-Frontend
ref: dev
- name: Merge dev in CI-Workspace (Basis main)
env:
GITEA_TOKEN: ${{ github.token }}
run: |
git config user.name "gitea-actions"
git config user.email "actions@local"
git remote set-url origin "https://oauth2:${GITEA_TOKEN}@${GITEA_HOST}/${REPO_PATH}.git"
git fetch origin main dev
if git show-ref --verify --quiet refs/remotes/origin/main; then
git checkout -B main origin/main
git merge origin/dev -X theirs --no-edit -m "ci: merge dev for release build"
else
echo "main branch missing, initializing from dev"
git checkout -B main origin/dev
fi
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: '3.12'
python-version: "3.12"
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: '20'
node-version: "20"
- name: Run release obfuscation
run: python scripts/obfuscate_release.py --root . --hash-assets
- name: Commit obfuscated build
- name: Publish release to main
env:
GITEA_TOKEN: ${{ github.token }}
run: |
git config user.name "gitea-actions"
git config user.email "actions@local"
git remote set-url origin "https://oauth2:${GITEA_TOKEN}@${GITEA_HOST}/${REPO_PATH}.git"
git add -A
if git diff --cached --quiet; then
echo "No build changes to commit."
echo "No release changes to publish."
exit 0
fi
git commit -m "chore(release): obfuscate and hash production assets [skip ci]"
git push
git push origin main

18
README.md
View File

@@ -166,9 +166,21 @@ Für den Produktivbetrieb `public/` als Webroot konfigurieren.
### Production-Build & Veröffentlichung
Der Quellcode bleibt auf `dev`, der veröffentlichte Stand liegt auf `main`.
| Branch | Zweck |
|--------|--------|
| **`dev`** | Entwicklung (lesbarer Code, Kommentare) |
| **`main`** | Release/Produktion (obfuskiert, gehashte Assets) |
Bei jedem Push/Merge auf `main` läuft die GitHub Action `.github/workflows/obfuscate-main.yml` automatisch und führt aus:
**Workflow:** Nur auf `dev` entwickeln und pushen — **nicht** `dev` manuell nach `main` mergen.
Bei jedem Push auf `dev` startet `.gitea/workflows/obfuscate-main.yml`:
1. Checkout in temporärem Runner-Workspace
2. `dev` in CI mit `main` mergen (`-X theirs`, dev-Inhalte bei Konflikten)
3. Obfuscation-Build (`scripts/obfuscate_release.py --hash-assets`)
4. Ergebnis nach `main` pushen (Bot-Commit mit `[skip ci]`)
Der Build führt aus:
- Entfernen von Kommentaren (inkl. Block-Kommentaren) in PHP/JS/CSS
- Minify + Obfuscate für JavaScript
@@ -176,7 +188,7 @@ Bei jedem Push/Merge auf `main` läuft die GitHub Action `.github/workflows/obfu
- Kein Source-Map-Output
- Hashing von JS/CSS-Dateinamen + automatische Referenz-Anpassung
Lokal ausführbar:
Lokal testen (nur in Kopie, nicht committen):
```bash
python scripts/obfuscate_release.py --root . --hash-assets