action.yml

name: 'Deploy a release to the server'
description: 'Copy and configure a new release to the target server'
inputs:
  ssh_user:
    description: 'SSH user account'
    required: true
  ssh_host:
    description: 'SSH host server'
    required: true
  ssh_key:
    description: 'SSH private key'
    required: true
  ssh_user_jumphost:
    description: 'SSH user account for jumphost'
    required: false
    default: ''
  ssh_host_jumphost:
    description: 'SSH host server for jumphost'
    required: false
    default: ''
  release_id:
    description: 'Name of the release where new release is installed (e.g. release-68cdf63)'
    required: true
  release_filename:
    description: 'Name of the resulted release archive (e.g. release-68cdf63.tar.gz)'
    required: true
  project_dir:
    description: 'Absolute path where the project root is configured (where live symlink exists)'
    required: true
  artifacts_dir:
    description: 'Absolute path where the artifacts will be deployed'
    required: true
  settings_file:
    description: 'Absolute path where settings.local.php file is located'
    required: true
  env_file:
    description: 'Absolute path where .env file is located'
    required: false
    default: ''
  robo_file:
    description: 'Absolute path where robo.yml file is located'
    required: false
    default: ''
  drush_yml_file:
    description: 'Absolute path to drush.yml file for this website'
    required: false
    default: ''
  local_services_file:
    description: 'Absolute path where local.services.yml file is located'
    required: false
    default: ''
  public_files_dir:
    description: 'Absolute path where public files directory is located'
    required: true
  database_dump_dir:
    description: 'Absolute path where database dump directory is located'
    required: false
    default: ''
  artifacts_lifespan:
    description: 'The number of days after which the artifacts are deleted. Cleanup disabled by default'
    required: false
    default: '0'
  check_config:
    description: 'Check if there are configuration changes in the Drupal database not exported in config. Fail if true.'
    required: false
    default: 'false'
  sql_backup:
    description: 'Create a SQL database backup before doing the deployment (with release filename)'
    required: false
    default: 'false'

runs:
  using: "composite"
  steps:
    - name: 'Configure SSH'
      if:  ${{ inputs.ssh_host_jumphost == '' }}
      run: |
        mkdir -p ~/.ssh/
        echo "$SSH_KEY" > ~/.ssh/server.key
        chmod 600 ~/.ssh/server.key
        cat > ~/.ssh/config <<END
        Host server
          HostName $SSH_HOST
          User $SSH_USER
          IdentityFile ~/.ssh/server.key
          StrictHostKeyChecking no
        END
      env:
        SSH_USER: ${{ inputs.ssh_user }}
        SSH_HOST: ${{ inputs.ssh_host }}
        SSH_KEY: ${{ inputs.ssh_key }}
      shell: bash

    - name: 'Configure SSH'
      if:  ${{ inputs.ssh_host_jumphost != '' }}
      run: |
        mkdir -p ~/.ssh/
        echo "$SSH_KEY" > ~/.ssh/server.key
        chmod 600 ~/.ssh/server.key
        cat > ~/.ssh/config <<END
        Host jumphost
          HostName $SSH_HOST_JUMPHOST
          User $SSH_USER_JUMPHOST
          IdentityFile ~/.ssh/server.key
          StrictHostKeyChecking no
          LogLevel QUIET
        Host server
          HostName $SSH_HOST
          User $SSH_USER
          IdentityFile ~/.ssh/server.key
          StrictHostKeyChecking no
          ProxyJump jumphost
        END
      env:
        SSH_USER: ${{ inputs.ssh_user }}
        SSH_HOST: ${{ inputs.ssh_host }}
        SSH_KEY: ${{ inputs.ssh_key }}
        SSH_USER_JUMPHOST: ${{ inputs.ssh_user_jumphost }}
        SSH_HOST_JUMPHOST: ${{ inputs.ssh_host_jumphost }}
      shell: bash

    - name: 'Check for Drupal schema changes'
      if:  ${{ inputs.check_config == 'true' }}
      run: |
        ssh server 'cd ${{ inputs.project_dir }} && ./vendor/bin/drush config:status 2>&1 | grep -i -q -s "No differences" ; if [[ $? == 0 ]]; then echo "No changes, deployment can continue ..."; else echo "Deployment aborted due to the following changes"; echo "no" | ./vendor/bin/drush cex --diff; fi'
      shell: bash

    - name: 'Create SQL database backup'
      if:  ${{ inputs.sql_backup == 'true' }}
      run: ssh server 'cd ${{ inputs.project_dir }} && ./vendor/bin/drush sql:dump --structure-tables-list="cache,cache_*,watchdog,sessions,history" --result-file=${{ inputs.artifacts_dir }}/database-before-${{ inputs.release_id }}.sql --gzip'
      shell: bash

    - name: 'Deploy release to the server'
      run: |
        ssh server 'rm -rf ${{env.BUILD_DIR}} && mkdir -p ${{env.BUILD_DIR}}'
        scp ${{ inputs.release_filename }} server:${{env.BUILD_DIR}}/
        rm ${{ inputs.release_filename }}
        ssh server 'cd ${{ env.BUILD_DIR }} && tar zxf ${{ inputs.release_filename }} && rm ${{ inputs.release_filename }}'
        ssh server 'if [ "${{ inputs.settings_file }}" != "" ]; then ln -s ${{ inputs.settings_file }} ${{ env.BUILD_SETTINGS_FILE }}; fi'
        ssh server 'if [ "${{ inputs.env_file }}" != "" ]; then ln -s ${{ inputs.env_file }} ${{ env.BUILD_ENV_FILE }}; fi'
        ssh server 'if [ "${{ inputs.robo_file }}" != "" ]; then ln -s ${{ inputs.robo_file }} ${{ env.BUILD_ROBO_FILE }}; fi'
        ssh server 'if [ "${{ inputs.drush_yml_file }}" != "" ]; then ln -s ${{ inputs.drush_yml_file }} ${{ env.BUILD_DRUSH_YML_FILE }}; fi'
        ssh server 'if [ "${{ inputs.local_services_file }}" != "" ]; then ln -s ${{ inputs.local_services_file }} ${{ env.BUILD_LOCAL_SERVICES_FILE }}; fi'
        ssh server 'if [ "${{ inputs.public_files_dir }}" != "" ]; then rm -rf ${{ env.BUILD_PUBLIC_FILES_DIR }} && ln -s ${{ inputs.public_files_dir }} ${{ env.BUILD_PUBLIC_FILES_DIR }}; fi'
        ssh server 'if [ "${{ inputs.database_dump_dir }}" != "" ]; then rm -f ${{ env.BUILD_DATABASE_DUMP_DIR }} && ln -s ${{ inputs.database_dump_dir }} ${{ env.BUILD_DATABASE_DUMP_DIR }}; fi'
        ssh server 'rm -f ${{ inputs.project_dir }} && ln -s ${{ env.BUILD_DIR }} ${{ inputs.project_dir }}'
      env:
        BUILD_DIR: "${{ inputs.artifacts_dir }}/${{ inputs.release_id }}"
        BUILD_SETTINGS_FILE: "${{ inputs.artifacts_dir }}/${{ inputs.release_id }}/web/sites/default/settings.local.php"
        BUILD_ENV_FILE: "${{ inputs.artifacts_dir }}/${{ inputs.release_id }}/.env"
        BUILD_ROBO_FILE: "${{ inputs.artifacts_dir }}/${{ inputs.release_id }}/robo.yml"
        BUILD_DRUSH_YML_FILE: "${{ inputs.artifacts_dir }}/${{ inputs.release_id }}/drush/drush.yml"
        BUILD_LOCAL_SERVICES_FILE: "${{ inputs.artifacts_dir }}/${{ inputs.release_id }}/web/sites/local.services.yml"
        BUILD_PUBLIC_FILES_DIR: "${{ inputs.artifacts_dir }}/${{ inputs.release_id }}/web/sites/default/files"
        BUILD_DATABASE_DUMP_DIR: "${{ inputs.artifacts_dir }}/${{ inputs.release_id }}/web/sync"
      shell: bash

    - name: 'Clean old artifacts'
      if:  ${{ inputs.artifacts_lifespan > 0 }}
      run:  ssh server 'cd ${{ inputs.artifacts_dir }} && if [ 0 -lt $(ls -l | grep 'release-*' | wc -l) ]; then find release-* -maxdepth 1 -type d -mtime +${{ inputs.artifacts_lifespan }} -prune -exec rm -rf {} \;; fi'
      shell: bash