Repository: wpengine/github-action-wpe-site-deploy Branch: main Commit: ee70be47c0c0 Files: 29 Total size: 35.8 KB Directory structure: gitextract_mes4if6r/ ├── .changeset/ │ └── config.json ├── .github/ │ ├── CODEOWNERS │ ├── ISSUE_TEMPLATE/ │ │ ├── bug_report.md │ │ └── config.yml │ ├── PULL_REQUEST_TEMPLATE.md │ ├── SUPPORT.md │ ├── actions/ │ │ ├── get-release-notes/ │ │ │ ├── action.yml │ │ │ └── getReleaseNotes.js │ │ └── publish/ │ │ ├── action.yml │ │ └── publish.sh │ └── workflows/ │ ├── e2e-deploy.yml │ ├── lint-files.yml │ ├── release.yml │ └── sonar.yml ├── .gitignore ├── .npmrc ├── .nvmrc ├── .yamllint ├── CHANGELOG.md ├── CONTRIBUTING.md ├── DEVELOPMENT.md ├── LICENSE ├── README.md ├── SECURITY.md ├── action.yml ├── package.json ├── sonar-project.properties └── tests/ └── data/ ├── plugins/ │ └── test-plugin/ │ └── test-plugin.php └── post-deploy/ └── test-plugin.sh ================================================ FILE CONTENTS ================================================ ================================================ FILE: .changeset/config.json ================================================ { "$schema": "https://unpkg.com/@changesets/config@2.1.0/schema.json", "changelog": "@changesets/cli/changelog", "commit": false, "fixed": [], "linked": [], "access": "restricted", "baseBranch": "main", "updateInternalDependencies": "patch", "ignore": [] } ================================================ FILE: .github/CODEOWNERS ================================================ * @wpengine/mario ================================================ FILE: .github/ISSUE_TEMPLATE/bug_report.md ================================================ --- name: Bug report about: Create a report to help us improve title: '' labels: '' assignees: '' --- **Describe the bug** A clear and concise description of the bug goes here. ### To reproduce Any steps, flags, details that can help the team reproduce the issue. ### Expected behavior A clear and concise description of what you expected to happen. ### Build Output & Screenshots Optionally add the relevant build output and screenshots to help explain your problem. ### Version information - Action version: x.x.x - Git version: x.x.x - WordPress version: x.x.x - Operating system: ### Additional context Add any other context about the problem here. ================================================ FILE: .github/ISSUE_TEMPLATE/config.yml ================================================ blank_issues_enabled: true contact_links: - name: Feature requests url: https://github.com/wpengine/github-action-wpe-site-deploy/discussions/new about: Create a new discussion in the "Ideas" category - name: Help requests url: https://my.wpengine.com/support about: Contact WP Engine live chat support for help with configuration or troubleshooting ================================================ FILE: .github/PULL_REQUEST_TEMPLATE.md ================================================ # JIRA Ticket [MARIO-1234](https://wpengine.atlassian.net/browse/MARIO-1234) ## What Are We Doing Here Here is where you should describe the problem you are solving, adding any fine details on the solution that might otherwise not be recognizable for someone unfamiliar with the changes. Add some pictures if it helps. ================================================ FILE: .github/SUPPORT.md ================================================ # Support WP Engine is committed to supporting and maintaining the functionality and security of the Site Deploy GitHub Action. - Questions concerning action configuration and troubleshooting may be raised via [WP Engine live chat support](https://my.wpengine.com/support). - Bug reports may be submitted as [issues](https://github.com/wpengine/github-action-wpe-site-deploy/issues/new?assignees=&labels=&template=bug_report.md&title=). - Feature requests can be submitted as a [new discussion](https://github.com/wpengine/github-action-wpe-site-deploy/discussions/new) in the "Ideas" category. ================================================ FILE: .github/actions/get-release-notes/action.yml ================================================ name: Get release notes description: Retrieves the release notes for a given version from the changelog. inputs: version: description: "Which version's release notes to retrieve." required: true changelog: description: "Path to the changelog." required: true outputs: release_notes: description: "Release notes parsed from the changelog." value: ${{ steps.notes.outputs.RELEASE_NOTES }} runs: using: 'composite' steps: - id: notes run: | notes=$(node ${{ github.action_path }}/getReleaseNotes ${{ inputs.version }} ${{ inputs.changelog }}) echo "RELEASE_NOTES<> $GITHUB_OUTPUT echo "$notes" >> $GITHUB_OUTPUT echo "EOF" >> $GITHUB_OUTPUT shell: bash ================================================ FILE: .github/actions/get-release-notes/getReleaseNotes.js ================================================ #! /usr/bin/env node const [,, ...args] = process.argv; const fs = require('fs/promises'); const path = require("path"); const readFile = (filename) => fs.readFile(filename, { encoding: "utf8" }); (async ()=>{ if (! args[0] || ! args[1] ) { printUsageInstructions(); process.exit(1); } const notes = await getReleaseNotes(args[0], args[1]); process.stdout.write(notes); })(); /** * Retrieves the changelog entry for a particular version. * * Expects the changelog to be a markdown file as generated by Changesets. * * @param {String} version The version number to get notes for. * @param {String} changelogPath Path to the CHANGELOG.md file. */ async function getReleaseNotes(version, changelogPath) { changelogPath = path.resolve(changelogPath); let changelog = await readFile(changelogPath); const versionStart = changelog.indexOf(`## ${version}`); if ( versionStart < 0 ) { throw new Error(`Version ${version} does not exist in ${changelogPath}`); } changelog = changelog.substring( versionStart ); // split the contents by new line const changelogLines = changelog.split(/\r?\n/); // we don't need the version heading in release notes, so drop the first line changelogLines.shift(); const processedLines = []; // print all lines in current version changelogLines.every((line) => { // Version numbers in CHANGELOG.md are h2, so we've hit the next version if (line.startsWith("## ")) { return false; } if (line.startsWith("### ")) { // Make h3 into h2 line = line.replace("### ", "## "); } processedLines.push(line); return true; }); return processedLines.join("\n"); } function printUsageInstructions() { usage = "Usage: node getReleaseNotes \n"; usage += "\n"; usage += "Example use:\n"; usage += " node getReleaseNotes 3.0.1 ../CHANGELOG.md\n"; console.info(usage); } ================================================ FILE: .github/actions/publish/action.yml ================================================ name: Publish release tags description: Ensures major, minor, and patch version tags for a given version. inputs: version: description: 'Patch version to publish.' required: true outputs: published: description: 'Whether a new version was published.' value: ${{ steps.publish.outputs.PUBLISHED }} runs: using: 'composite' steps: - id: publish run: "${{ github.action_path }}/publish.sh ${{ inputs.version }}" shell: bash ================================================ FILE: .github/actions/publish/publish.sh ================================================ #!/bin/bash set -e print_usage_instructions() { echo "Usage: bash publish.sh "; echo ""; echo "Example use:"; echo " bash publish.sh 3.1.1"; exit 1 } if [ $# -eq 0 ]; then print_usage_instructions fi version="$1" # We will only handle versions >= v1 in the format {MAJOR}.{MINOR}?.{PATCH}? # capture 1: major number # capture 2: minor number with dot # capture 3: minor number without dot # capture 4: patch number with dot # capture 5: patch number without dot VERSION_REGEX="^([1-9][0-9]*)(\.(0|[1-9][0-9]*)){0,1}(\.(0|[1-9][0-9]*)){0,1}$" PUBLISHED='false' if [[ "$version" =~ $VERSION_REGEX ]] ; then majorTag="v${BASH_REMATCH[1]}" minorTag="$majorTag.${BASH_REMATCH[3]:-0}" patchTag="$minorTag.${BASH_REMATCH[5]:-0}" tagsToUpdate=("$majorTag" "$minorTag") else echo "Provided version does not match the format \"{MAJOR}.{MINOR}?.{PATCH}?\". Skipping tag updates." exit 0 fi if [ "$(git tag -l "$patchTag")" ]; then echo "Version $patchTag has already been released! Skipping tag updates." exit 0 else echo "Creating tag: $patchTag" git tag -a "$patchTag" -m " Release $patchTag" git push origin "$patchTag" PUBLISHED='true' fi for tag in "${tagsToUpdate[@]}"; do message="Release $patchTag" if [ "$(git tag -l "$tag")" ]; then echo "Updating tag: $tag" message="Update to $patchTag" else echo "Creating tag: $tag" fi git tag -fa "$tag" -m "$message" git push origin "$tag" --force done echo "PUBLISHED=$PUBLISHED" >> $GITHUB_OUTPUT ================================================ FILE: .github/workflows/e2e-deploy.yml ================================================ name: Test e2e Deploy to WP Engine on: schedule: - cron: '*/60 * * * *' push: branches: - main pull_request: branches: - main concurrency: group: ${{ github.workflow }}-main cancel-in-progress: false jobs: run_action: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Bump test plugin version number run: sed -i 's/0.0.1/0.0.2/' tests/data/plugins/test-plugin/test-plugin.php - name: GitHub Action Deploy to WP Engine uses: ./ with: # Deploy vars WPE_SSHG_KEY_PRIVATE: ${{ secrets.WPE_SSHG_KEY_PRIVATE }} WPE_ENV: ghae2e # Deploy Options SRC_PATH: "tests/data/plugins/test-plugin" REMOTE_PATH: "wp-content/plugins/" PHP_LINT: true FLAGS: -r --backup --backup-dir=/tmp --itemize-changes SCRIPT: "tests/data/post-deploy/test-plugin.sh" CACHE_CLEAR: true - name: Fetch deploy results id: fetchResult uses: fjogeleit/http-request-action@v1 with: url: "https://ghae2e.wpengine.com/wp-content/plugins/test-plugin/status.json" - name: Validate deploy results run: | [ ${{ fromJson(steps.fetchResult.outputs.response).status }} = "success" ] || exit 1 ================================================ FILE: .github/workflows/lint-files.yml ================================================ --- name: Lint GHA Files on: push: branches: - main pull_request: branches: - main jobs: lint: runs-on: ubuntu-latest steps: - name: Lint files uses: actions/checkout@v4 - run: echo "Running shell script lint!" - run: find . -name "*.sh" -type f | xargs -I {} shellcheck --severity=error {} - run: echo "Running yml file lint!" - run: find . -name "*.yml" -type f | xargs -I {} yamllint {} ================================================ FILE: .github/workflows/release.yml ================================================ name: Version and Release on: push: branches: - main concurrency: ${{ github.workflow }}-${{ github.ref }} jobs: versioning: name: Versioning runs-on: ubuntu-latest outputs: hasChangesets: ${{ steps.changesets.outputs.hasChangesets }} version: ${{ steps.version.outputs.CURRENT_VERSION }} steps: - name: Checkout Repo uses: actions/checkout@v4 - name: Setup Node.js 20.x uses: actions/setup-node@v4 with: node-version: 20.x - name: Install Dependencies run: npm ci - name: Create Release Pull Request id: changesets uses: changesets/action@v1 with: commit: "Version Action" title: "Version Action" version: npm run version env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Get current version id: version run: echo "CURRENT_VERSION=$(node -p "require('./package.json').version")" >> $GITHUB_OUTPUT release: name: Release runs-on: ubuntu-latest needs: versioning if: needs.versioning.outputs.hasChangesets == 'false' steps: - name: Checkout Repo uses: actions/checkout@v4 with: fetch-depth: 0 - name: Configure git run: | git config user.name github-actions[bot] git config user.email github-actions[bot]@users.noreply.github.com - name: Setup Node.js 20.x uses: actions/setup-node@v4 with: node-version: 20.x - name: Publish tags id: publish uses: ./.github/actions/publish with: version: ${{ needs.versioning.outputs.version }} - name: Get release notes id: notes if: steps.publish.outputs.published == 'true' uses: ./.github/actions/get-release-notes with: version: ${{ needs.versioning.outputs.version }} changelog: ./CHANGELOG.md - name: Create release if: steps.notes.outputs.release_notes uses: softprops/action-gh-release@1e07f4398721186383de40550babbdf2b84acfc5 with: body: ${{ steps.notes.outputs.release_notes }} tag_name: v${{ needs.versioning.outputs.version }} ================================================ FILE: .github/workflows/sonar.yml ================================================ on: # Trigger analysis for pushes and pull requests push: branches: - main pull_request: types: [opened, synchronize, reopened] name: SonarQube jobs: domino_quality_gate: runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 with: # Fetch full history for better SCM information fetch-depth: 0 - name: Run SonarQube Scan uses: sonarsource/sonarqube-scan-action@master env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} - name: Quality Gate Check uses: sonarsource/sonarqube-quality-gate-action@master timeout-minutes: 5 env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} ================================================ FILE: .gitignore ================================================ node_modules .DS_Store ================================================ FILE: .npmrc ================================================ engine-strict=true ================================================ FILE: .nvmrc ================================================ v20 ================================================ FILE: .yamllint ================================================ --- rules: line-length: max: 120 truthy: {check-keys: false} ================================================ FILE: CHANGELOG.md ================================================ # @wpengine/github-action-wpe-site-deploy ## 3.2.9 ### Patch Changes - cbc333d: Bump wpengine/site-deploy image version [1.0.7](https://github.com/wpengine/site-deploy/releases/tag/v1.0.7) ## 3.2.8 ### Patch Changes - d903a96: Bump wpengine/site-deploy image version [1.0.6](https://github.com/wpengine/site-deploy/releases/tag/v1.0.6) ## 3.2.7 ### Patch Changes - 1de7e02: Bump wpengine/site-deploy image version [1.0.5](https://github.com/wpengine/site-deploy/releases/tag/v1.0.5) ## 3.2.6 ### Patch Changes - 0a8b985: Bump wpengine/site-deploy image version 1.0.4 ## 3.2.5 ### Patch Changes - 24a71db: Update wpengine/site-deploy image to 1.0.3 ## 3.2.4 ### Patch Changes - 34b3009: Update link to exclude.txt - 1a754af: Bump @changesets/cli > 2.26.2 (resolves semver vulnerability) - 4e010b0: Update wpengine/site-deploy image to 1.0.2 ## 3.2.3 ### Patch Changes - 2bc933a: Update wpengine/site-deploy image to 1.0.1 ## 3.2.2 ### Patch Changes - 42002e5: Fixes an issue in v3.2.1 where the action may fail to resolve the public Docker image ## 3.2.1 ### Patch Changes - cecc467: [CICD-217] Replace split image with site-deploy combined image ## 3.2.0 ### Minor Changes - 24c8aaf: Add CDN cache clearing ability to the CACHE_CLEAR flag. ### Patch Changes - 7301b87: Improve performance by utilizing pre-built Docker Image. ## 3.1.1 ### Patch Changes - 0da65a6: Prevent plugin and theme conflicts from adversely affecting cache clear ## 3.1.0 ### Minor Changes - 559547c: Copy post-deploy `SCRIPT` to the remote if it exists in the repo but not on the remote. This allows for storing script files outside of `SRC_PATH`. [#12](https://github.com/wpengine/github-action-wpe-site-deploy/pull/12) ### Patch Changes - 559547c: Fix action failures caused by attempts to rsync wpe-cache-plugin [#8](https://github.com/wpengine/github-action-wpe-site-deploy/pull/8) ================================================ FILE: CONTRIBUTING.md ================================================ # Contributing Thanks for your interest in contributing! There are several ways to get involved: - Discuss open [issues](https://github.com/wpengine/github-action-wpe-site-deploy/issues). - Submit [bugs](https://github.com/wpengine/github-action-wpe-site-deploy/issues/new?assignees=&labels=&template=bug_report.md&title=) and help us verify fixes as they are checked in. - Open or participate in [discussions](https://github.com/wpengine/github-action-wpe-site-deploy/discussions) regarding feature requests. ================================================ FILE: DEVELOPMENT.md ================================================ # Development ## Getting Started Before you get started, we recommend installing [Node Version Manager](https://github.com/nvm-sh/nvm#installing-and-updating) to help manage `node` and `npm` versions. Next, from your local copy of the action run `nvm use` and `npm install`. You're ready to start coding! ## Git Workflows We use the [feature branch workflow](https://www.atlassian.com/git/tutorials/comparing-workflows/feature-branch-workflow). The workflow for a typical code change looks like this: 1. Create a new branch for the feature. 2. Make changes to the code. 3. Use `npx changeset` to create a changeset describing the change to users. 4. Commit your changes. 5. Open a pull request to the `main` branch. 6. Once all checks are passing and the PR is approved, Squash and Merge into the `main` branch. ## Updating the Docker Image The docker image that this action relies on is managed in https://github.com/wpengine/site-deploy. After a new `wpengine/site-deploy` image is released and tagged: 1. Create a new branch. 2. Update the tag in [./action.yml](./action.yml). 3. Use `npx changeset` to create a changeset describing the change to users. 4. Commit your changes. 5. Open a pull request to the `main` branch. 6. Once all checks are passing and the PR is approved, Squash and Merge into the `main` branch. ## Creating a release We use [Changesets](https://github.com/changesets/changesets) to automate versioning and releasing. 1. Go to pull requests and view the automated "Version Action" PR. 2. Review the PR: - [ ] Changelog entries were created. - [ ] Version number in package.json was bumped. - [ ] All `.changeset/*.md` files were removed. 3. Approve, then "Squash and merge" the PR into `main`. Merging the versioning PR will run a workflow that creates or updates all necessary tags. It will also create a new release in GitHub. ================================================ FILE: LICENSE ================================================ MIT License Copyright (c) 2021 WP Engine Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ================================================ FILE: README.md ================================================ ![WP Engine GitHub Actions Site Deployment](docs/images/banner.jpg) [![Test e2e Deploy to WP Engine](https://github.com/wpengine/github-action-wpe-site-deploy/actions/workflows/e2e-deploy.yml/badge.svg)](https://github.com/wpengine/github-action-wpe-site-deploy/actions/workflows/e2e-deploy.yml) [![Lint GHA Files](https://github.com/wpengine/github-action-wpe-site-deploy/actions/workflows/lint-files.yml/badge.svg)](https://github.com/wpengine/github-action-wpe-site-deploy/actions/workflows/lint-files.yml) [![Version and Release](https://github.com/wpengine/github-action-wpe-site-deploy/actions/workflows/release.yml/badge.svg)](https://github.com/wpengine/github-action-wpe-site-deploy/actions/workflows/release.yml) # WP Engine GitHub Action for Site Deployment Use this GitHub Action to deploy code from a GitHub repo to a WP Engine environment of your choosing. If you do not have a WP Engine Account, [click here to get started!](https://wpengine.com/plans/?utm_content=wpe_gha) If you do have an account, check out our guided [step-by-step instructions](https://my.wpengine.com/profile/github_action). This action enables you to: * Deploy a full site directory or subdirectory of your WordPress install * Perform a PHP Lint * Customize rsync flags * Clear cache * Execute a post-deploy script of your choosing ## Setup Instructions 1. **SSH PUBLIC KEY SETUP IN WP ENGINE** * [Generate a new SSH key pair](https://wpengine.com/support/ssh-keys-for-shell-access/#Generate_New_SSH_Key?utm_content=wpe_gha) if you have not already done so. Please note that this SSH Key needs to be *passwordless*. * Add *SSH Public Key* to WP Engine SSH Gateway Key settings. [This Guide will show you how.](https://wpengine.com/support/ssh-gateway/#Add_SSH_Key?utm_content=wpe_gha) 2. **SSH PRIVATE KEY SETUP IN GITHUB** * Add the *SSH Private Key* to your [Repository Secrets](https://docs.github.com/en/actions/security-guides/encrypted-secrets#creating-encrypted-secrets-for-a-repository) or your [Organization Secrets](https://docs.github.com/en/actions/security-guides/encrypted-secrets#creating-encrypted-secrets-for-an-organization). Save the new secret "Name" as `WPE_SSHG_KEY_PRIVATE`. 3. **YML SETUP** * Create `.github/workflows/main.yml` directory and file locally. Copy and paste the configuration from below, replacing the value under `branches:` and the value for `WPE_ENV:`. * To deploy from another branch, simply create another yml file locally for that branch, such as `.github/workflows/stage.yml` and replace the values for `branches:` and `WPE_ENV:` for that workflow. This provides the ability to perform a different workflow for different branches/environments. Consult ["Environment Variable & Secrets"](#environment-variables--secrets) for more available options. 4. Git push your site GitHub repo. The action will do the rest! View your actions progress and logs by navigating to the "Actions" tab in your repo. ## Example GitHub Action workflow ### Simple main.yml: ```yml name: Deploy to WP Engine on: push: branches: - main jobs: build: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: GitHub Action Deploy to WP Engine uses: wpengine/github-action-wpe-site-deploy@v3 with: WPE_SSHG_KEY_PRIVATE: ${{ secrets.WPE_SSHG_KEY_PRIVATE }} WPE_ENV: ``` ### Extended main.yml ```yml name: Deploy to WP Engine on: push: branches: - main jobs: build: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: GitHub Action Deploy to WP Engine uses: wpengine/github-action-wpe-site-deploy@v3 with: # Deploy vars WPE_SSHG_KEY_PRIVATE: ${{ secrets.WPE_SSHG_KEY_PRIVATE }} WPE_ENV: # Deploy Options SRC_PATH: "wp-content/themes/genesis-child-theme/" REMOTE_PATH: "wp-content/themes/genesis-child-theme/" PHP_LINT: TRUE FLAGS: -azvr --inplace --delete --exclude=.* --exclude=wp-content/mu-plugins/local-plugin --exclude-from=.deployignore SCRIPT: "path/yourscript.sh" CACHE_CLEAR: TRUE ``` ## Environment Variables & Secrets ### Required | Name | Type | Usage | |-|-|-| | `WPE_SSHG_KEY_PRIVATE` | secrets | Private SSH Key for the SSH Gateway and deployment. See below for SSH key usage. | ### Deploy Options | Name | Type | Usage | |---------------|--------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | `WPE_ENV` | string | Insert the name of the WP Engine environment you want to deploy to. This also has an alias of `PRD_ENV`, `STG_ENV`, or `DEV_ENV` for multi-step workflows. | | `SRC_PATH` | string | Optional path to specify a directory within the repo to deploy from. Ex. `"wp-content/themes/genesis-child-theme/"`. Defaults to root of repo filesystem as source.

**Note:** Including a trailing slash ensures that the contents of the specified directory are copied, while omitting the trailing slash results in the directory itself being copied, including its contents. | | `REMOTE_PATH` | string | Optional path to specify a directory destination to deploy to. Ex. `"wp-content/themes/genesis-child-theme/"` . Defaults to WordPress root directory on WP Engine. | | `PHP_LINT` | bool | Set to TRUE to execute a php lint on your branch pre-deployment. Default is `FALSE`. | | `FLAGS` | string | Set optional rsync flags such as `--delete` or `--exclude-from`. The extended example above is excluding paths specified in a `.deployignore` file in the root of the repo. This action defaults to a non-destructive deploy.

For flags that contain whitespace, use single quotes around the flag's value:

`FLAGS: -azvr --filter=':- .gitignore'`

For flags that do not contain whitespace, quotes are unnecessary.

**Default:** `-azvr --inplace --exclude=.*`

_Caution: Setting custom rsync flags replaces the default flags provided by this action. Consider also adding the `-azvr` flags as needed.
`-a` preserves symbolic links, timestamps, user permissions and ownership.
`-z` is for compression
`-v` is for verbose output
`-r` is for recursive directory scanning_ | | `SCRIPT` | string | Remote bash file to execute post-deploy. This can include WP_CLI commands for example. Path is relative to the WP root and file executes on remote. This file can be included in your repo, or be a persistent file that lives on your server. | | `CACHE_CLEAR` | bool | Optionally clear page and CDN cache post deploy. This takes a few seconds. Default is TRUE. | ### Further reading * **NOTE:** This Action DOES NOT utilize WP Engine GitPush or the GitPush SSH keys [found here.](https://wpengine.com/support/git/#Add_SSH_Key_to_User_Portal?utm_content=wpe_gha) * **TIP:** If using a GitHub Organization, adding the SSH key to the [Organization Secrets](https://docs.github.com/en/actions/security-guides/encrypted-secrets#creating-encrypted-secrets-for-an-organization) will allow all repos to reference the same SSH key for deploys using the method in the sample `main.yml`. The SSH Key also connects to all installs made available to its WP Engine User. One key can then effectively be used to deploy all projects to their respective sites on WP Engine. Less work. More deploys! * [Defining environment variables in GitHub Actions](https://docs.github.com/en/actions/reference/environment-variables) * [Storing secrets in GitHub repositories](https://docs.github.com/en/actions/reference/encrypted-secrets) * It is recommended to leverage one of [WP Engine's .gitignore templates.](https://wpengine.com/support/git/#Add_gitignore?utm_content=wpe_gha) * This action excludes several files and directories from the deploy by default. See the [exclude_from_root.txt](https://github.com/wpengine/site-deploy/blob/main/tests/fixtures/excludes/exclude_from_root.txt) for reference. ## Versioning We follow [SemVer](https://semver.org/) and [GitHub's action versioning recommendations](https://github.com/actions/toolkit/blob/01e1ff7bc04e1c57c980a0d1530478a5b60cf812/docs/action-versioning.md) for maintaining major, minor, and patch [version tags](https://github.com/wpengine/github-action-wpe-site-deploy/tags). Patch tags (e.g. `v1.1.1`) are created for each release and will not move once created. Major tags (e.g. `v1`) and minor tags (e.g. `v1.1`) will be updated to track their respective latest versions. We recommend binding this action to the latest major tag so that you will receive backwards compatible updates. ================================================ FILE: SECURITY.md ================================================ # Security At WP Engine, we take security seriously. We appreciate our community’s involvement in finding and fixing security issues on our platform. ## Reporting a Security Issue If you have found a security vulnerability or other security issue on WP Engine and are a WP Engine customer, please [contact WP Engine support](https://my.wpengine.com/support?#general-issue). If you are not a WP Engine customer, please submit security vulnerabilities or other security issues via our Intigriti Vulnerability Disclosure Program at https://app.intigriti.com/programs/wpengine/wpengine/detail. A member of our security or support team will follow up with you regarding the issue shortly. Thank you for reporting your security concern with us! ================================================ FILE: action.yml ================================================ --- name: "Deploy WordPress to WP Engine" branding: icon: "upload-cloud" color: "blue" description: "Deploy WordPress projects to a WP Engine account using SSH Gateway" inputs: WPE_SSHG_KEY_PRIVATE: description: "The private RSA key you will save in the Github Secrets" required: true PHP_LINT: description: "optional php syntax check" required: false default: false FLAGS: description: "Optional flags for the deployment" required: true default: '-azvr --inplace --exclude=".*"' CACHE_CLEAR: description: "Optional WPE Clear cache" required: false default: true SRC_PATH: description: "An optional source directory to deploy other than the root directory that is being versioned." default: "." required: false REMOTE_PATH: description: "An optional destination directory to deploy to other than the WordPress root." default: "" required: false WPE_ENV: description: "Destination to deploy to WPE" required: false PRD_ENV: description: "Destination to deploy to WPE Prod" required: false STG_ENV: description: "Destination to deploy to WPE Stage" required: false DEV_ENV: description: "Destination to deploy to WPE Dev" required: false SCRIPT: description: "File containing custom scripts run after the rsync" required: false runs: using: "docker" image: docker://wpengine/site-deploy:1.0.7 env: WPE_SSHG_KEY_PRIVATE: ${{ inputs.WPE_SSHG_KEY_PRIVATE }} WPE_ENV: ${{ inputs.WPE_ENV }} PRD_ENV: ${{ inputs.PRD_ENV }} STG_ENV: ${{ inputs.STG_ENV }} DEV_ENV: ${{ inputs.DEV_ENV }} REMOTE_PATH: ${{ inputs.REMOTE_PATH }} SRC_PATH: ${{ inputs.SRC_PATH }} FLAGS: ${{ inputs.FLAGS }} PHP_LINT: ${{ inputs.PHP_LINT }} CACHE_CLEAR: ${{ inputs.CACHE_CLEAR }} SCRIPT: ${{ inputs.SCRIPT }} ================================================ FILE: package.json ================================================ { "name": "@wpengine/github-action-wpe-site-deploy", "version": "3.2.9", "private": true, "engines": { "node": ">=20", "npm": ">=9" }, "dependencies": {}, "devDependencies": { "@changesets/cli": "^2.29.8" }, "scripts": { "version": "changeset version && npm install --package-lock-only" } } ================================================ FILE: sonar-project.properties ================================================ # Server and project configuration sonar.projectVersion=1.0-beta sonar.sourceEncoding=UTF-8 sonar.scm.provider=git # Project identifiers sonar.projectName=github-action-wpe-site-deploy sonar.projectKey=wpengine_github-action-wpe-site-deploy_2cd09997-922e-4fc9-b1ba-46178d41a6ce # Individual configurations # Paths to source code directories (use relative paths) sonar.sources=. # # Additional parameters for advanced configurations # sonar.exclusions=**/docs/**, **/tests/**, **/node_modules/** ================================================ FILE: tests/data/plugins/test-plugin/test-plugin.php ================================================ true )); } ================================================ FILE: tests/data/post-deploy/test-plugin.sh ================================================ #!/bin/sh BACKUP_DIR=/tmp PLUGINS_DIR=wp-content/plugins PLUGIN_NAME=test-plugin STATUS_FILE=status.json cleanup() { rm tests/data/post-deploy/test-plugin.sh } trap cleanup EXIT # Get the the new plugin version AFTER_PLUGIN_VERSION=$(wp plugin get $PLUGIN_NAME | sed -n "/version/p" | cut -f2) echo "New test plugin version: $AFTER_PLUGIN_VERSION" # Revert to backup created by rsync if it exists if [ -d $BACKUP_DIR/$PLUGIN_NAME ]; then rm -rf $PLUGINS_DIR/$PLUGIN_NAME && mv $BACKUP_DIR/$PLUGIN_NAME $PLUGINS_DIR/ fi # Get the old plugin version BEFORE_PLUGIN_VERSION=$(wp plugin get $PLUGIN_NAME | sed -n "/version/p" | cut -f2) echo "Old test plugin version: $BEFORE_PLUGIN_VERSION" # Check that the expected update was made if [ -z "$BEFORE_PLUGIN_VERSION" ] || [ -z "$AFTER_PLUGIN_VERSION" ] || [ "$BEFORE_PLUGIN_VERSION" = "$AFTER_PLUGIN_VERSION" ]; then echo "Failure: Test plugin was not updated!" echo "{\"status\": \"failure\"}" > $PLUGINS_DIR/$PLUGIN_NAME/$STATUS_FILE else echo "Success: Test plugin successfully updated from $BEFORE_PLUGIN_VERSION to $AFTER_PLUGIN_VERSION!" echo "{\"status\": \"success\"}" > $PLUGINS_DIR/$PLUGIN_NAME/$STATUS_FILE fi