fix: escape invitation message #39
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy TripTogether | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - staging | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: π¦ Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: π Setup SSH agent | |
| uses: webfactory/ssh-agent@v0.9.0 | |
| with: | |
| ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }} | |
| - name: π§Ύ Setup known_hosts | |
| run: | | |
| mkdir -p ~/.ssh | |
| echo "${{ secrets.VPS_KNOWN_HOST }}" > ~/.ssh/known_hosts | |
| chmod 644 ~/.ssh/known_hosts | |
| - name: π Deploy to VPS | |
| run: | | |
| if [ "${{ github.ref }}" = "refs/heads/main" ]; then | |
| echo "ENVIRONMENT=PRODUCTION" >> $GITHUB_ENV | |
| echo "π Deploying PRODUCTION" | |
| ssh -o StrictHostKeyChecking=yes \ | |
| ${{ secrets.VPS_USER }}@${{ secrets.VPS_HOST }} \ | |
| "bash /home/ubuntu/deploy-triptogether.sh" | |
| else | |
| echo "ENVIRONMENT=STAGING" >> $GITHUB_ENV | |
| echo "π§ͺ Deploying STAGING" | |
| ssh -o StrictHostKeyChecking=yes \ | |
| ${{ secrets.VPS_USER }}@${{ secrets.VPS_HOST }} \ | |
| "bash /home/ubuntu/deploy-triptogether-staging.sh" | |
| fi | |
| ############################################################ | |
| # β SUCCESS NOTIFICATION (FULLY SECURED) | |
| ############################################################ | |
| - name: β Telegram Success Notification | |
| if: success() | |
| env: | |
| TELEGRAM_TOKEN: ${{ secrets.TELEGRAM_TOKEN }} | |
| TELEGRAM_CHAT_ID: ${{ secrets.TELEGRAM_CHAT_ID }} | |
| COMMIT_MESSAGE: ${{ github.event.head_commit.message }} | |
| run: | | |
| SAFE_COMMIT=$(printf "%s" "$COMMIT_MESSAGE" \ | |
| | sed -e 's/&/\&/g' \ | |
| -e 's/</\</g' \ | |
| -e 's/>/\>/g') | |
| curl -s -X POST "https://api.telegram.org/bot${TELEGRAM_TOKEN}/sendMessage" \ | |
| --data-urlencode "chat_id=${TELEGRAM_CHAT_ID}" \ | |
| --data-urlencode "parse_mode=HTML" \ | |
| --data-urlencode "text=β <b>${ENVIRONMENT} Deploy SUCCESS</b> | |
| π¦ <b>Repo:</b> ${{ github.repository }} | |
| πΏ <b>Branch:</b> ${{ github.ref_name }} | |
| π€ <b>Author:</b> ${{ github.actor }} | |
| π <b>Commit:</b> ${SAFE_COMMIT} | |
| π <b>Date:</b> $(date -u '+%Y-%m-%d %H:%M:%S UTC') | |
| π <a href='https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}'>View Logs</a>" | |
| ############################################################ | |
| # β FAILURE NOTIFICATION (FULLY SECURED) | |
| ############################################################ | |
| - name: β Telegram Failure Notification | |
| if: failure() | |
| env: | |
| TELEGRAM_TOKEN: ${{ secrets.TELEGRAM_TOKEN }} | |
| TELEGRAM_CHAT_ID: ${{ secrets.TELEGRAM_CHAT_ID }} | |
| COMMIT_MESSAGE: ${{ github.event.head_commit.message }} | |
| run: | | |
| SAFE_COMMIT=$(printf "%s" "$COMMIT_MESSAGE" \ | |
| | sed -e 's/&/\&/g' \ | |
| -e 's/</\</g' \ | |
| -e 's/>/\>/g') | |
| curl -s -X POST "https://api.telegram.org/bot${TELEGRAM_TOKEN}/sendMessage" \ | |
| --data-urlencode "chat_id=${TELEGRAM_CHAT_ID}" \ | |
| --data-urlencode "parse_mode=HTML" \ | |
| --data-urlencode "text=β <b>${ENVIRONMENT} Deploy FAILED</b> | |
| π¦ <b>Repo:</b> ${{ github.repository }} | |
| πΏ <b>Branch:</b> ${{ github.ref_name }} | |
| π€ <b>Author:</b> ${{ github.actor }} | |
| π <b>Commit:</b> ${SAFE_COMMIT} | |
| π <b>Date:</b> $(date -u '+%Y-%m-%d %H:%M:%S UTC') | |
| β οΈ <b>Check immediately.</b> | |
| π <a href='https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}'>View Logs</a>" |