smueller/HexaHost-Web-Prod
1
0
Fork 0
mirror of https://git.hexahost.dev/smueller/HexaHost-Frontend.git synced 2026-06-02 10:28:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: smueller:main
Branches Tags
smueller:main smueller:ci smueller:dev
...
compare: smueller:bbc3cbae4e00579be1ed2a17f7a5d22021166e34
Branches Tags
smueller:main smueller:ci smueller:dev

1 Commits
main ... bbc3cbae4e

Author SHA1 Message Date
smueller
bbc3cbae4e Update README and workflows for release process: Clarified branch usage and workflow steps in README.md, emphasizing the new ci branch for integration. Adjusted Gitea and GitHub workflows to reflect the change from dev to ci for triggering release builds, ensuring a streamlined and consistent obfuscation process for production assets. 2026-05-29 10:42:08 +02:00
3 changed files with 56 additions and 53 deletions
Expand all files Collapse all files

39
.gitea/workflows/obfuscate-main.yml
View File

@@ -1,9 +1,9 @@
name: Release Build (dev → main) name: Release Build (ci → main)
on: on:
push: push:
branches: branches:
- dev - ci
workflow_dispatch: workflow_dispatch:
env: env:
@@ -16,29 +16,12 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Checkout (volle History) - name: Checkout ci (Integration)
uses: actions/checkout@v4 uses: actions/checkout@v4
with: with:
fetch-depth: 0 fetch-depth: 0
repository-url: https://git.hexahost.dev/smueller/HexaHost-Frontend repository-url: https://git.hexahost.dev/smueller/HexaHost-Frontend
ref: dev ref: ci
- name: Merge dev in CI-Workspace (Basis main)
env:
GITEA_TOKEN: ${{ github.token }}
run: |
git config user.name "gitea-actions"
git config user.email "actions@local"
git remote set-url origin "https://oauth2:${GITEA_TOKEN}@${GITEA_HOST}/${REPO_PATH}.git"
git fetch origin main dev
if git show-ref --verify --quiet refs/remotes/origin/main; then
git checkout -B main origin/main
git merge origin/dev -X theirs --no-edit -m "ci: merge dev for release build"
else
echo "main branch missing, initializing from dev"
git checkout -B main origin/dev
fi
- name: Setup Python - name: Setup Python
uses: actions/setup-python@v5 uses: actions/setup-python@v5
@@ -60,10 +43,20 @@ jobs:
git config user.name "gitea-actions" git config user.name "gitea-actions"
git config user.email "actions@local" git config user.email "actions@local"
git remote set-url origin "https://oauth2:${GITEA_TOKEN}@${GITEA_HOST}/${REPO_PATH}.git" git remote set-url origin "https://oauth2:${GITEA_TOKEN}@${GITEA_HOST}/${REPO_PATH}.git"
git fetch origin main ci
git add -A git add -A
if git diff --cached --quiet; then if git diff --cached --quiet; then
echo "No release changes to publish." echo "No release changes to publish."
exit 0 exit 0
fi fi
git commit -m "chore(release): obfuscate and hash production assets [skip ci]"
git push origin main TREE=$(git write-tree)
MSG="chore(release): obfuscate and hash production assets [skip ci]"
if git show-ref --verify --quiet refs/remotes/origin/main; then
PARENT=$(git rev-parse origin/main)
COMMIT=$(git commit-tree "$TREE" -p "$PARENT" -m "$MSG")
else
COMMIT=$(git commit-tree "$TREE" -m "$MSG")
fi
git push origin "${COMMIT}:refs/heads/main"

39
.github/workflows/obfuscate-main.yml vendored
View File

@@ -1,10 +1,10 @@
# Hinweis: Gitea nutzt .gitea/workflows/obfuscate-main.yml (identischer Ablauf). # Hinweis: Gitea nutzt .gitea/workflows/obfuscate-main.yml (identischer Ablauf).
name: Release Build (dev → main) name: Release Build (ci → main)
on: on:
push: push:
branches: branches:
- dev - ci
workflow_dispatch: workflow_dispatch:
env: env:
@@ -17,29 +17,12 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Checkout (volle History) - name: Checkout ci (Integration)
uses: actions/checkout@v4 uses: actions/checkout@v4
with: with:
fetch-depth: 0 fetch-depth: 0
repository-url: https://git.hexahost.dev/smueller/HexaHost-Frontend repository-url: https://git.hexahost.dev/smueller/HexaHost-Frontend
ref: dev ref: ci
- name: Merge dev in CI-Workspace (Basis main)
env:
GITEA_TOKEN: ${{ github.token }}
run: |
git config user.name "gitea-actions"
git config user.email "actions@local"
git remote set-url origin "https://oauth2:${GITEA_TOKEN}@${GITEA_HOST}/${REPO_PATH}.git"
git fetch origin main dev
if git show-ref --verify --quiet refs/remotes/origin/main; then
git checkout -B main origin/main
git merge origin/dev -X theirs --no-edit -m "ci: merge dev for release build"
else
echo "main branch missing, initializing from dev"
git checkout -B main origin/dev
fi
- name: Setup Python - name: Setup Python
uses: actions/setup-python@v5 uses: actions/setup-python@v5
@@ -61,10 +44,20 @@ jobs:
git config user.name "gitea-actions" git config user.name "gitea-actions"
git config user.email "actions@local" git config user.email "actions@local"
git remote set-url origin "https://oauth2:${GITEA_TOKEN}@${GITEA_HOST}/${REPO_PATH}.git" git remote set-url origin "https://oauth2:${GITEA_TOKEN}@${GITEA_HOST}/${REPO_PATH}.git"
git fetch origin main ci
git add -A git add -A
if git diff --cached --quiet; then if git diff --cached --quiet; then
echo "No release changes to publish." echo "No release changes to publish."
exit 0 exit 0
fi fi
git commit -m "chore(release): obfuscate and hash production assets [skip ci]"
git push origin main TREE=$(git write-tree)
MSG="chore(release): obfuscate and hash production assets [skip ci]"
if git show-ref --verify --quiet refs/remotes/origin/main; then
PARENT=$(git rev-parse origin/main)
COMMIT=$(git commit-tree "$TREE" -p "$PARENT" -m "$MSG")
else
COMMIT=$(git commit-tree "$TREE" -m "$MSG")
fi
git push origin "${COMMIT}:refs/heads/main"

31
README.md
View File

@@ -169,16 +169,33 @@ Für den Produktivbetrieb `public/` als Webroot konfigurieren.
| Branch | Zweck | | Branch | Zweck |
|--------|--------| |--------|--------|
| **`dev`** | Entwicklung (lesbarer Code, Kommentare) | | **`dev`** | Entwicklung (lesbarer Code, Kommentare) |
| **`main`** | Release/Produktion (obfuskiert, gehashte Assets) | | **`ci`** | Integration (du mergst `dev` hierher) |
| **`main`** | Release/Produktion (obfuskiert, gehashte Assets — nur per Pipeline) |
**Workflow:** Nur auf `dev` entwickeln und pushen — **nicht** `dev` manuell nach `main` mergen. **Ablauf: `dev` → `ci` → `main`**
Bei jedem Push auf `dev` startet `.gitea/workflows/obfuscate-main.yml`: 1. Auf **`dev`** entwickeln und pushen
2. **`dev` nach `ci` mergen** (manuell, z. B. in Gitea oder lokal)
3. **`ci` pushen** → startet `.gitea/workflows/obfuscate-main.yml`
4. Pipeline obfuskiert im Runner-Workspace und publiziert nach **`main`**
1. Checkout in temporärem Runner-Workspace ```powershell
2. `dev` in CI mit `main` mergen (`-X theirs`, dev-Inhalte bei Konflikten) # Nach fertigen Änderungen auf dev:
3. Obfuscation-Build (`scripts/obfuscate_release.py --hash-assets`) git checkout ci
4. Ergebnis nach `main` pushen (Bot-Commit mit `[skip ci]`) git pull origin ci
git merge dev
git push origin ci
```
Bei jedem Push auf **`ci`**:
1. Checkout von `ci` im temporären Runner-Workspace
2. Obfuscation-Build (`scripts/obfuscate_release.py --hash-assets`)
3. Ergebnis nach `main` pushen (Bot-Commit mit `[skip ci]`)
**Nicht** `dev` oder `ci` direkt nach `main` mergen. Der Branch **`ci` bleibt lesbar** — Obfuscation wird nur nach `main` publiziert.
`ci`-Branch einmalig anlegen (falls noch nicht vorhanden): `git checkout -b ci dev && git push -u origin ci`
Der Build führt aus: Der Build führt aus: