From faea1ee10ec4921a30a7922ce97cd51d7cbec5f6 Mon Sep 17 00:00:00 2001 From: Brandon Payton Date: Tue, 3 Dec 2024 19:32:25 -0500 Subject: [PATCH] Fix CORS proxy deploy workflow (#2049) ## Motivation for the change, related issues The CORS proxy deploy workflow isn't able to find the files it checked out in order to sync them to the dedicated proxy site. ## Implementation details This PR fixes multiple incorrect paths, tightens command line params, and restores some missing bash var declarations in order to fix deployment of the dedicated CORS proxy. ## Testing Instructions (or ideally a Blueprint) Allow dispatching this branch's version of the workflow and trigger the workflow manually to test. --- .github/workflows/deploy-cors-proxy.yml | 14 +++++++++++--- .../php-cors-proxy-deployment/apply-update.sh | 10 +++++++++- 2 files changed, 20 insertions(+), 4 deletions(-) diff --git a/.github/workflows/deploy-cors-proxy.yml b/.github/workflows/deploy-cors-proxy.yml index 4f8bf85c02..4e39745764 100644 --- a/.github/workflows/deploy-cors-proxy.yml +++ b/.github/workflows/deploy-cors-proxy.yml @@ -29,8 +29,16 @@ jobs: steps: - uses: actions/checkout@v4 with: - sparse-checkout: packages/playground/php-cors-proxy + sparse-checkout: | + packages/playground/php-cors-proxy packages/playground/php-cors-proxy-deployment + sparse-checkout-cone-mode: false + + - name: Observe working directory contents + shell: bash + run: | + pwd + ls -laR - name: Deploy to CORS proxy server shell: bash @@ -43,8 +51,8 @@ jobs: # CORS proxy files rsync --verbose --archive --compress -e "ssh -i ~/.ssh/id_ed25519" \ - --include '*/' --include '*.php' --exclude '*' \ - --delete --prune-empty-dirs \ + --exclude 'tests/' --include '*/' --include '*.php' --exclude '*' \ + --delete --delete-excluded --prune-empty-dirs \ packages/playground/php-cors-proxy/ \ ${{ secrets.DEPLOY_CORS_PROXY_TARGET_USER }}@${{ secrets.DEPLOY_WEBSITE_TARGET_HOST }}:'~/updated-proxy-files' diff --git a/packages/playground/php-cors-proxy-deployment/apply-update.sh b/packages/playground/php-cors-proxy-deployment/apply-update.sh index 8bf57ac92f..ca407e8e0e 100755 --- a/packages/playground/php-cors-proxy-deployment/apply-update.sh +++ b/packages/playground/php-cors-proxy-deployment/apply-update.sh @@ -2,6 +2,14 @@ set -euo pipefail +# Explicitly use the site's declared PHP version. +# Otherwise, we've seen this defaulting to older versions which can break our scripts. +SITE_PHP="/usr/local/php${PHP_VERSION}/bin/php" +SITE_API_BASE="$( "$SITE_PHP" -r 'require "/scripts/env.php"; echo SITE_API_BASE;')" + +echo Adding config file to updated proxy files +cp ~/cors-proxy-deployment/cors-proxy-config.php ~/updated-proxy-files/ + echo Syncing staged files to production rsync -av --delete --no-perms --omit-dir-times ~/updated-proxy-files/ /srv/htdocs/ @@ -14,6 +22,6 @@ curl -sS -X POST -H "Auth: $ATOMIC_SITE_API_KEY" "$SITE_API_BASE/edge-cache/$ATO echo Applying latest CORS proxy rate-limiting schema # NOTE: This will reset rate-limiting token buckets, but that should be tolerable # as long as we're generally discouraging abuse of the proxy. -cat ~/website-deployment/cors-proxy-rate-limiting-table.sql | mysql --database="$DB_NAME" +cat ~/cors-proxy-deployment/cors-proxy-rate-limiting-table.sql | mysql --database="$DB_NAME" echo Done!