From cec4b79951a28cbc79cb9a53465ea044aa7d40c4 Mon Sep 17 00:00:00 2001
From: pesu98 <destinynazmi@gmail.com>
Date: Wed, 13 May 2026 11:40:17 +0800
Subject: [PATCH] runner

---
 .gitea/workflows/ci.yaml | 144 ++++++++++++++++++++++++++++++++++++---
 1 file changed, 133 insertions(+), 11 deletions(-)

diff --git a/.gitea/workflows/ci.yaml b/.gitea/workflows/ci.yaml
index a34dcfa..be82865 100644
--- a/.gitea/workflows/ci.yaml
+++ b/.gitea/workflows/ci.yaml
@@ -1,14 +1,19 @@
-name: CI
+name: Test Build Deploy
 
 on:
   push:
-    branches: ['**']
-  pull_request:
-    branches: ['**']
+    branches:
+      - master
+
+env:
+  PHP_VERSION: '8.4'
+  NODE_VERSION: '22'
+  ARTIFACT_NAME: laravel-release
+  RELEASE_FILE: laravel-release.tar.gz
 
 jobs:
   test:
-    name: Run Tests
+    name: Test
     runs-on: ubuntu-latest
 
     steps:
@@ -18,21 +23,138 @@ jobs:
       - name: Setup PHP
         uses: shivammathur/setup-php@v2
         with:
-          php-version: '8.4'
+          php-version: ${{ env.PHP_VERSION }}
           extensions: pdo, pdo_sqlite, sqlite3
           coverage: none
 
-      - name: Copy .env
+      - name: Copy environment file
         run: cp .env.example .env
 
       - name: Install Composer dependencies
         run: composer install --no-interaction --prefer-dist --optimize-autoloader
 
-      - name: Generate app key
-        run: php artisan key:generate
+      - name: Generate application key
+        run: php artisan key:generate --ansi
 
       - name: Run migrations
         run: php artisan migrate --no-interaction --force
 
-      - name: Run tests
-        run: php artisan test --compact
+      - name: Run Laravel tests
+        run: composer run test
+
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    needs: test
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: ${{ env.PHP_VERSION }}
+          extensions: pdo, pdo_sqlite, sqlite3
+          coverage: none
+
+      - name: Setup Node
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ env.NODE_VERSION }}
+          cache: npm
+
+      - name: Install production Composer dependencies
+        run: composer install --no-dev --no-interaction --prefer-dist --optimize-autoloader
+
+      - name: Install Node dependencies
+        run: npm ci
+
+      - name: Build frontend assets
+        run: npm run build
+
+      - name: Create release artifact
+        run: |
+          tar \
+            --exclude='.git' \
+            --exclude='.gitea' \
+            --exclude='.env' \
+            --exclude='node_modules' \
+            --exclude='tests' \
+            --exclude='storage/logs/*' \
+            --exclude='storage/framework/cache/*' \
+            --exclude='storage/framework/sessions/*' \
+            --exclude='storage/framework/views/*' \
+            -czf "${RELEASE_FILE}" .
+
+      - name: Upload release artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: ${{ env.ARTIFACT_NAME }}
+          path: ${{ env.RELEASE_FILE }}
+          if-no-files-found: error
+
+  deploy:
+    name: Deploy
+    runs-on: ubuntu-latest
+    needs: build
+
+    env:
+      # Required Gitea secrets:
+      # - SSH_HOST: server hostname or IP address
+      # - SSH_PORT: SSH port, usually 22
+      # - SSH_USER: SSH username for deployment
+      # - SSH_PASSWORD: SSH password for deployment
+      # - DEPLOY_PATH: absolute path on the server where the app will be deployed
+      # - APP_ENV_FILE: full production .env file content, including APP_KEY and DB credentials
+      SSH_HOST: ${{ secrets.SSH_HOST }}
+      SSH_PORT: ${{ secrets.SSH_PORT }}
+      SSH_USER: ${{ secrets.SSH_USER }}
+      SSH_PASSWORD: ${{ secrets.SSH_PASSWORD }}
+      DEPLOY_PATH: ${{ secrets.DEPLOY_PATH }}
+      APP_ENV_FILE: ${{ secrets.APP_ENV_FILE }}
+
+    steps:
+      - name: Download release artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: ${{ env.ARTIFACT_NAME }}
+
+      - name: Install SSH password helper
+        run: sudo apt-get update && sudo apt-get install -y sshpass
+
+      - name: Configure SSH known hosts
+        run: |
+          mkdir -p ~/.ssh
+          chmod 700 ~/.ssh
+          ssh-keyscan -p "${SSH_PORT:-22}" "${SSH_HOST}" >> ~/.ssh/known_hosts
+
+      - name: Create deployment environment file
+        if: env.APP_ENV_FILE != ''
+        run: printf '%s\n' "${APP_ENV_FILE}" > .env.deploy
+
+      - name: Upload release to server
+        run: |
+          SSHPASS="${SSH_PASSWORD}" sshpass -e rsync -avz -e "ssh -p ${SSH_PORT:-22}" "${RELEASE_FILE}" "${SSH_USER}@${SSH_HOST}:/tmp/${RELEASE_FILE}"
+
+      - name: Upload environment file to server
+        if: env.APP_ENV_FILE != ''
+        run: |
+          SSHPASS="${SSH_PASSWORD}" sshpass -e rsync -avz -e "ssh -p ${SSH_PORT:-22}" .env.deploy "${SSH_USER}@${SSH_HOST}:/tmp/.env.deploy"
+
+      - name: Extract release and finalize deployment
+        run: |
+          SSHPASS="${SSH_PASSWORD}" sshpass -e ssh -p "${SSH_PORT:-22}" "${SSH_USER}@${SSH_HOST}" << EOF
+          set -e
+          mkdir -p "${DEPLOY_PATH}"
+          tar -xzf "/tmp/${RELEASE_FILE}" -C "${DEPLOY_PATH}"
+          rm -f "/tmp/${RELEASE_FILE}"
+          cd "${DEPLOY_PATH}"
+          if [ -f /tmp/.env.deploy ]; then
+            mv /tmp/.env.deploy .env
+            chmod 600 .env
+          fi
+          php artisan storage:link || true
+          php artisan migrate --force
+          php artisan optimize
+          EOF