From dbf2ba32502d518db4201505fb15d723c1cfd1e3 Mon Sep 17 00:00:00 2001 From: Talleyrand333 Date: Tue, 9 Jun 2026 08:28:26 +0100 Subject: [PATCH 1/3] feat: add production deployment workflow (WI-001002) Adds deploy-production.yml that: - Triggers on push to version-15 and manual workflow_dispatch - SSHs into production server via appleboy/ssh-action (pinned v1.2.5) - Pulls latest from upstream version-15 - Runs yarn install + yarn build - Uses PRODUCTION_HOST/PRODUCTION_KEY secrets - Follows established patterns from other apps (script_stop, command_timeout, set -x) --- .github/workflows/deploy-production.yml | 29 +++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 .github/workflows/deploy-production.yml diff --git a/.github/workflows/deploy-production.yml b/.github/workflows/deploy-production.yml new file mode 100644 index 0000000..7640656 --- /dev/null +++ b/.github/workflows/deploy-production.yml @@ -0,0 +1,29 @@ +name: Deploy to Production + +on: + workflow_dispatch: + push: + branches: + - version-15 + +jobs: + deploy: + runs-on: ubuntu-latest + timeout-minutes: 90 + + steps: + - name: Deploy to Production + uses: appleboy/ssh-action@0ff4204d59e8e51228ff73bce53f80d53301dee2 # v1.2.5 + with: + host: ${{ secrets.PRODUCTION_HOST }} + username: ${{ secrets.USERNAME }} + key: ${{ secrets.PRODUCTION_KEY }} + port: 22 + command_timeout: 30m + script_stop: true + script: | + set -x + cd /home/frappe/mobile_app_ionic + git pull upstream version-15 + yarn install + yarn build From 76eaa938378421c16210955d4b68fb4a20167ebc Mon Sep 17 00:00:00 2001 From: Talleyrand333 Date: Tue, 9 Jun 2026 08:36:19 +0100 Subject: [PATCH 2/3] fix: address PR review comments on deploy-production workflow - Add concurrency group to prevent parallel deployments - Replace 'set -x' with 'set -euxo pipefail' for fail-fast behavior - Replace 'git pull' with deterministic 'git fetch + checkout + reset --hard' - Use 'yarn install --frozen-lockfile' for reproducible installs --- .github/workflows/deploy-production.yml | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/.github/workflows/deploy-production.yml b/.github/workflows/deploy-production.yml index 7640656..056bfa5 100644 --- a/.github/workflows/deploy-production.yml +++ b/.github/workflows/deploy-production.yml @@ -6,6 +6,10 @@ on: branches: - version-15 +concurrency: + group: deploy-production + cancel-in-progress: true + jobs: deploy: runs-on: ubuntu-latest @@ -22,8 +26,10 @@ jobs: command_timeout: 30m script_stop: true script: | - set -x + set -euxo pipefail cd /home/frappe/mobile_app_ionic - git pull upstream version-15 - yarn install + git fetch upstream version-15 + git checkout version-15 + git reset --hard upstream/version-15 + yarn install --frozen-lockfile yarn build From 482776caedc9c08aee14cf98c73fb8fb2e925371 Mon Sep 17 00:00:00 2001 From: Ebuka Akeru <38866184+Talleyrand333@users.noreply.github.com> Date: Tue, 9 Jun 2026 08:43:14 +0100 Subject: [PATCH 3/3] Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> --- .github/workflows/deploy-production.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy-production.yml b/.github/workflows/deploy-production.yml index 056bfa5..8661d66 100644 --- a/.github/workflows/deploy-production.yml +++ b/.github/workflows/deploy-production.yml @@ -20,7 +20,7 @@ jobs: uses: appleboy/ssh-action@0ff4204d59e8e51228ff73bce53f80d53301dee2 # v1.2.5 with: host: ${{ secrets.PRODUCTION_HOST }} - username: ${{ secrets.USERNAME }} + username: ${{ secrets.PRODUCTION_USERNAME }} key: ${{ secrets.PRODUCTION_KEY }} port: 22 command_timeout: 30m