smueller/HexaHost-Web-Prod
1
0
Fork 0
mirror of https://git.hexahost.dev/smueller/HexaHost-Frontend.git synced 2026-06-02 08:08:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: smueller:e91a9ed9c38348be94e3f0171456dd7501551fea
Branches Tags
smueller:main smueller:ci smueller:dev
..
compare: smueller:f7ea36f4f284a0d6d3a36eb25e3576a02b43cde0
Branches Tags
smueller:main smueller:ci smueller:dev

5 Commits
e91a9ed9c3 ... f7ea36f4f2

Author SHA1 Message Date
gitea-actions
f7ea36f4f2 chore(release): obfuscate and hash production assets [skip ci] 2026-05-28 15:42:41 +00:00
gitea-actions
99f0056106 ci: merge dev for release build 2026-05-28 15:42:22 +00:00
smueller
e9d5b55459 Refactor release build process: Updated README.md to clarify branch usage and workflow for development and production. Enhanced Gitea and GitHub workflows to automate merging from dev to main, ensuring consistent obfuscation and asset management during releases. Improved commit messages and streamlined the build process for better clarity and efficiency. 2026-05-28 17:42:06 +02:00
smueller
8f985da61f Enhance obfuscation workflow and asset processing: Updated the Gitea workflow to skip CI for specific commit messages, improving efficiency. Refactored the obfuscation script to include better asset handling, validation, and cleanup processes, ensuring only valid files are processed. Introduced temporary directories for intermediate files during obfuscation, enhancing reliability and reducing errors. 2026-05-28 17:32:21 +02:00
smueller
6c9114e0a7 Update obfuscate workflow: Introduced environment variables for Gitea host and repository path, streamlined commit process to skip CI for bot commits, and adjusted remote URL configuration for secure pushes. Enhanced build process by removing unnecessary steps and ensuring efficient asset obfuscation and hashing. 2026-05-28 17:13:16 +02:00
12 changed files with 84 additions and 37 deletions
Expand all files Collapse all files

37
.gitea/workflows/obfuscate-main.yml
View File

@@ -1,34 +1,43 @@
name: Obfuscate Main Build
name: Release Build (dev → main)
on:
push:
branches:
- main
- dev
workflow_dispatch:
env:
# Gitea liefert intern oft eine IP; das SSL-Zertifikat gilt für den Hostnamen.
GITEA_HOST: git.hexahost.dev
REPO_PATH: smueller/HexaHost-Frontend
jobs:
obfuscate:
release-build:
if: ${{ !contains(github.event.head_commit.message, '[skip ci]') }}
runs-on: ubuntu-latest
steps:
- name: Checkout
- name: Checkout (volle History)
uses: actions/checkout@v4
with:
fetch-depth: 0
repository-url: https://git.hexahost.dev/smueller/HexaHost-Frontend
ref: dev
- name: Skip loop commits
- name: Merge dev in CI-Workspace (Basis main)
env:
GITEA_TOKEN: ${{ github.token }}
run: |
msg="$(git log -1 --pretty=%B)"
echo "Last commit message: $msg"
if echo "$msg" | grep -q "\[skip ci\]"; then
echo "Skip CI commit detected."
exit 0
git config user.name "gitea-actions"
git config user.email "actions@local"
git remote set-url origin "https://oauth2:${GITEA_TOKEN}@${GITEA_HOST}/${REPO_PATH}.git"
git fetch origin main dev
if git show-ref --verify --quiet refs/remotes/origin/main; then
git checkout -B main origin/main
git merge origin/dev -X theirs --no-edit -m "ci: merge dev for release build"
else
echo "main branch missing, initializing from dev"
git checkout -B main origin/dev
fi
- name: Setup Python
@@ -44,7 +53,7 @@ jobs:
- name: Run release obfuscation
run: python scripts/obfuscate_release.py --root . --hash-assets
- name: Commit obfuscated build
- name: Publish release to main
env:
GITEA_TOKEN: ${{ github.token }}
run: |
@@ -53,8 +62,8 @@ jobs:
git remote set-url origin "https://oauth2:${GITEA_TOKEN}@${GITEA_HOST}/${REPO_PATH}.git"
git add -A
if git diff --cached --quiet; then
echo "No build changes to commit."
echo "No release changes to publish."
exit 0
fi
git commit -m "chore(release): obfuscate and hash production assets [skip ci]"
git push origin HEAD:main
git push origin main

50
.github/workflows/obfuscate-main.yml vendored
View File

@@ -1,44 +1,70 @@
name: Obfuscate Main Build
# Hinweis: Gitea nutzt .gitea/workflows/obfuscate-main.yml (identischer Ablauf).
name: Release Build (dev → main)
on:
push:
branches:
- main
- dev
workflow_dispatch:
permissions:
contents: write
env:
GITEA_HOST: git.hexahost.dev
REPO_PATH: smueller/HexaHost-Frontend
jobs:
obfuscate:
if: github.actor != 'github-actions[bot]'
release-build:
if: ${{ !contains(github.event.head_commit.message, '[skip ci]') }}
runs-on: ubuntu-latest
steps:
- name: Checkout
- name: Checkout (volle History)
uses: actions/checkout@v4
with:
fetch-depth: 0
repository-url: https://git.hexahost.dev/smueller/HexaHost-Frontend
ref: dev
- name: Merge dev in CI-Workspace (Basis main)
env:
GITEA_TOKEN: ${{ github.token }}
run: |
git config user.name "gitea-actions"
git config user.email "actions@local"
git remote set-url origin "https://oauth2:${GITEA_TOKEN}@${GITEA_HOST}/${REPO_PATH}.git"
git fetch origin main dev
if git show-ref --verify --quiet refs/remotes/origin/main; then
git checkout -B main origin/main
git merge origin/dev -X theirs --no-edit -m "ci: merge dev for release build"
else
echo "main branch missing, initializing from dev"
git checkout -B main origin/dev
fi
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: '3.12'
python-version: "3.12"
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: '20'
node-version: "20"
- name: Run release obfuscation
run: python scripts/obfuscate_release.py --root . --hash-assets
- name: Commit obfuscated build
- name: Publish release to main
env:
GITEA_TOKEN: ${{ github.token }}
run: |
git config user.name "gitea-actions"
git config user.email "actions@local"
git remote set-url origin "https://oauth2:${GITEA_TOKEN}@${GITEA_HOST}/${REPO_PATH}.git"
git add -A
if git diff --cached --quiet; then
echo "No build changes to commit."
echo "No release changes to publish."
exit 0
fi
git commit -m "chore(release): obfuscate and hash production assets [skip ci]"
git push
git push origin main

18
README.md
View File

@@ -166,9 +166,21 @@ Für den Produktivbetrieb `public/` als Webroot konfigurieren.
### Production-Build & Veröffentlichung
Der Quellcode bleibt auf `dev`, der veröffentlichte Stand liegt auf `main`.
| Branch | Zweck |
|--------|--------|
| **`dev`** | Entwicklung (lesbarer Code, Kommentare) |
| **`main`** | Release/Produktion (obfuskiert, gehashte Assets) |
Bei jedem Push/Merge auf `main` läuft die GitHub Action `.github/workflows/obfuscate-main.yml` automatisch und führt aus:
**Workflow:** Nur auf `dev` entwickeln und pushen — **nicht** `dev` manuell nach `main` mergen.
Bei jedem Push auf `dev` startet `.gitea/workflows/obfuscate-main.yml`:
1. Checkout in temporärem Runner-Workspace
2. `dev` in CI mit `main` mergen (`-X theirs`, dev-Inhalte bei Konflikten)
3. Obfuscation-Build (`scripts/obfuscate_release.py --hash-assets`)
4. Ergebnis nach `main` pushen (Bot-Commit mit `[skip ci]`)
Der Build führt aus:
- Entfernen von Kommentaren (inkl. Block-Kommentaren) in PHP/JS/CSS
- Minify + Obfuscate für JavaScript
@@ -176,7 +188,7 @@ Bei jedem Push/Merge auf `main` läuft die GitHub Action `.github/workflows/obfu
- Kein Source-Map-Output
- Hashing von JS/CSS-Dateinamen + automatische Referenz-Anpassung
Lokal ausführbar:
Lokal testen (nur in Kopie, nicht committen):
```bash
python scripts/obfuscate_release.py --root . --hash-assets

4
backend/includes/footer.php
View File

@@ -156,8 +156,8 @@
</script>
<script async src="https://www.googletagmanager.com/gtag/js?id=G-EF0E9VPMTD"></script>
<script src="/assets/js/main.4515b4bd4dce.js" defer></script>
<script src="/assets/js/cookie-consent.ef52be4e6bf5.js" defer></script>
<script src="/assets/js/main.b83bb213abc1.js" defer></script>
<script src="/assets/js/cookie-consent.6f0657b52e18.js" defer></script>
<?php if (isset($additional_scripts)): ?>
<?php foreach ($additional_scripts as $script): ?>
<script src="<?php echo htmlspecialchars($script, ENT_QUOTES, 'UTF-8'); ?>" defer></script>

1
public/assets/js/contact.ee450029d017.js Normal file
View File

File diff suppressed because one or more lines are too long

1
public/assets/js/contact.ffda3e07de15.js
View File

File diff suppressed because one or more lines are too long

1
public/assets/js/cookie-consent.6f0657b52e18.js Normal file
View File

File diff suppressed because one or more lines are too long

1
public/assets/js/cookie-consent.ef52be4e6bf5.js
View File

File diff suppressed because one or more lines are too long

1
public/assets/js/main.4515b4bd4dce.js
View File

File diff suppressed because one or more lines are too long

1
public/assets/js/main.b83bb213abc1.js Normal file
View File

File diff suppressed because one or more lines are too long

2
public/contact.php
View File

@@ -8,7 +8,7 @@ $preselected_subject = getPreselectedContactSubject();
$page_title = 'Kontakt - HexaHost.de | Hosting aus Niederbayern';
$page_description = 'Kontaktieren Sie HexaHost.de - Ihr Hosting-Partner aus Niederbayern. Persönlicher Support und kompetente Beratung.';
$current_page = 'contact';
$additional_scripts = ['assets/js/contact.ffda3e07de15.js'];
$additional_scripts = ['assets/js/contact.ee450029d017.js'];
includeHeader($page_title, $page_description, $current_page, $additional_scripts);

4
public/robots.txt
View File

@@ -7,8 +7,8 @@ Disallow: /assets/css/
# Allow CSS and JS files for better SEO
Allow: /assets/css/style.d01979e8c871.css
Allow: /assets/js/main.4515b4bd4dce.js
Allow: /assets/js/contact.ffda3e07de15.js
Allow: /assets/js/main.b83bb213abc1.js
Allow: /assets/js/contact.ee450029d017.js
# Sitemap location
Sitemap: https://hexahost.de/sitemap.xml