Initial commit after split from https://github.com/10up/actions-wordp…

…ress
10up · Aug 22, 2019 · 472a77d · 472a77d
1 parent 47c5a4a
commit 472a77d
Show file tree

Hide file tree

Showing 3 changed files with 186 additions and 2 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,20 @@
+FROM debian:stable-slim
+
+LABEL "com.github.actions.name"="WordPress Plugin Deploy"
+LABEL "com.github.actions.description"="Deploy to the WordPress Plugin Repository"
+LABEL "com.github.actions.icon"="upload-cloud"
+LABEL "com.github.actions.color"="blue"
+
+LABEL maintainer="Helen Hou-Sandí <[email protected]>"
+LABEL version="1.2.1"
+LABEL repository="http://github.com/helen/action-wordpress-plugin-deploy"
+
+RUN apt-get update \
+	&& apt-get install -y subversion rsync git \
+	&& apt-get clean -y \
+	&& rm -rf /var/lib/apt/lists/* \
+	&& git config --global user.email "[email protected]" \
+	&& git config --global user.name "10upbot on GitHub"
+
+COPY entrypoint.sh /entrypoint.sh
+ENTRYPOINT ["/entrypoint.sh"]
diff --git a/README.md b/README.md
@@ -1,2 +1,54 @@
-# action-wordpress-plugin-deploy
-Deploy your plugin to the WordPress.org repository using GitHub Actions
+# WordPress.org Plugin Deploy
+
+This Action commits the contents of your Git tag to the WordPress.org plugin repository using the same tag name. It excludes files in `.git` and `.github` subdirectories and moves anything from a `.wordpress-org` subdirectory to the top-level `assets` directory in Subversion (plugin banners, icons, and screenshots).
+
+## Configuration
+
+### Required secrets
+* `SVN_USERNAME`
+* `SVN_PASSWORD`
+* `GITHUB_TOKEN` - you do not need to generate one but you do have to explicitly make it available to the Action
+
+Secrets can be set while editing your workflow or in the repository settings. They cannot be viewed once stored. [GitHub secrets documentation](https://developer.github.com/actions/creating-workflows/storing-secrets/)
+
+### Optional environment variables
+* `SLUG` - defaults to the respository name, customizable in case your WordPress repository has a different slug. This should be a very rare case as WordPress assumes that the directory and initial plugin file have the same slug.
+* `VERSION` - defaults to the tag name; do not recommend setting this except for testing purposes
+* `ASSETS_DIR` - defaults to `.wordpress-org`, customizable for other locations of WordPress.org plugin repository-specific assets that belong in the top-level `assets` directory (the one on the same level as `trunk`)
+
+### Known issues
+* Currently the `tags` filter on the `push` action does not seem to work correctly, so we target the `refs/tags/*` naming of a branch instead. Ideally for readability and correctness this would use something like `tags: - *`.
+
+## Example Workflow File
+```
+name: Deploy to WordPress.org
+on:
+  push:
+    branches:
+    - refs/tags/*
+jobs:
+  tag:
+    name: New tag
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@master
+    - name: WordPress Plugin Deploy
+      uses: 10up/action-wordpress-plugin-deploy@master
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        SVN_PASSWORD: ${{ secrets.SVN_PASSWORD }}
+        SVN_USERNAME: ${{ secrets.SVN_USERNAME }}
+        SLUG: my-super-cool-plugin
+```
+
+## Contributing
+Want to help? Check out our [contributing guidelines](../CONTRIBUTING.md) to get started.
+
+<p align="center">
+<a href="http://10up.com/contact/"><img src="https://10updotcom-wpengine.s3.amazonaws.com/uploads/2016/10/10up-Github-Banner.png" width="850"></a>
+</p>
+
+## License
+
+Our GitHub Actions are available for use and remix under the MIT license.
+
diff --git a/entrypoint.sh b/entrypoint.sh
@@ -0,0 +1,112 @@
+#!/bin/bash
+
+# Note that this does not use pipefail
+# because if the grep later doesn't match any deleted files,
+# which is likely the majority case,
+# it does not exit with a 0, and I only care about the final exit.
+set -eo
+
+# Ensure SVN username and password are set
+# IMPORTANT: while secrets are encrypted and not viewable in the GitHub UI,
+# they are by necessity provided as plaintext in the context of the Action,
+# so do not echo or use debug mode unless you want your secrets exposed!
+if [[ -z "$SVN_USERNAME" ]]; then
+	echo "Set the SVN_USERNAME secret"
+	exit 1
+fi
+
+if [[ -z "$SVN_PASSWORD" ]]; then
+	echo "Set the SVN_PASSWORD secret"
+	exit 1
+fi
+
+if [[ -z "$GITHUB_TOKEN" ]]; then
+	echo "Set the GITHUB_TOKEN env variable"
+	exit 1
+fi
+
+# Allow some ENV variables to be customized
+if [[ -z "$SLUG" ]]; then
+	SLUG=${GITHUB_REPOSITORY#*/}
+fi
+echo "ℹ︎ SLUG is $SLUG"
+
+# Does it even make sense for VERSION to be editable in a workflow definition?
+if [[ -z "$VERSION" ]]; then
+	VERSION=${GITHUB_REF#refs/tags/}
+fi
+echo "ℹ︎ VERSION is $VERSION"
+
+if [[ -z "$ASSETS_DIR" ]]; then
+	ASSETS_DIR=".wordpress-org"
+fi
+echo "ℹ︎ ASSETS_DIR is $ASSETS_DIR"
+
+SVN_URL="http://plugins.svn.wordpress.org/${SLUG}/"
+SVN_DIR="/github/svn-${SLUG}"
+
+# Checkout just trunk and assets for efficiency
+# Tagging will be handled on the SVN level
+echo "➤ Checking out .org repository..."
+svn checkout --depth immediates "$SVN_URL" "$SVN_DIR"
+cd "$SVN_DIR"
+svn update --set-depth infinity assets
+svn update --set-depth infinity trunk
+
+echo "➤ Copying files..."
+cd "$GITHUB_WORKSPACE"
+
+# "Export" a cleaned copy to a temp directory
+TMP_DIR="/github/archivetmp"
+mkdir "$TMP_DIR"
+
+git config --global user.email "[email protected]"
+git config --global user.name "10upbot on GitHub"
+
+# If there's no .gitattributes file, write a default one into place
+if [[ ! -e "$GITHUB_WORKSPACE/.gitattributes" ]]; then
+	cat > "$GITHUB_WORKSPACE/.gitattributes" <<-EOL
+	/$ASSETS_DIR export-ignore
+	/.gitattributes export-ignore
+	/.gitignore export-ignore
+	/.github export-ignore
+	EOL
+
+	# Ensure we are in the $GITHUB_WORKSPACE directory, just in case
+	# The .gitattributes file has to be committed to be used
+	# Just don't push it to the origin repo :)
+	git add .gitattributes && git commit -m "Add .gitattributes file"
+fi
+
+# This will exclude everything in the .gitattributes file with the export-ignore flag
+git archive HEAD | tar x --directory="$TMP_DIR"
+
+cd "$SVN_DIR"
+
+# Copy from clean copy to /trunk, excluding dotorg assets
+# The --delete flag will delete anything in destination that no longer exists in source
+rsync -rc "$TMP_DIR/" trunk/ --delete
+
+# Copy dotorg assets to /assets
+rsync -rc "$GITHUB_WORKSPACE/$ASSETS_DIR/" assets/ --delete
+
+# Add everything and commit to SVN
+# The force flag ensures we recurse into subdirectories even if they are already added
+# Suppress stdout in favor of svn status later for readability
+echo "➤ Preparing files..."
+svn add . --force > /dev/null
+
+# SVN delete all deleted files
+# Also suppress stdout here
+svn status | grep '^\!' | sed 's/! *//' | xargs -I% svn rm % > /dev/null
+
+# Copy tag locally to make this a single commit
+echo "➤ Copying tag..."
+svn cp "trunk" "tags/$VERSION"
+
+svn status
+
+echo "➤ Committing files..."
+svn commit -m "Update to version $VERSION from GitHub" --no-auth-cache --non-interactive  --username "$SVN_USERNAME" --password "$SVN_PASSWORD"
+
+echo "✓ Plugin deployed!"