mirror of
https://github.com/myronblair/jarvis
synced 2026-06-30 17:50:23 -05:00
Add auto-deploy webhook handler
Handles GitHub push webhooks for all 8 repos. Queues paths to /tmp/jarvis-deploy-queue.txt. Root cron (/usr/local/bin/jarvis-deploy.sh) processes queue every minute.
This commit is contained in:
@@ -0,0 +1,58 @@
|
||||
<?php
|
||||
/**
|
||||
* GitHub Auto-Deploy Webhook
|
||||
* Verifies GitHub HMAC signature, then queues the repo for git pull.
|
||||
* A root cron job (/usr/local/bin/jarvis-deploy.sh) processes the queue every minute.
|
||||
*/
|
||||
|
||||
define('WEBHOOK_SECRET', '8a8c50c83d37527bdef876f1736b654235724a1a475cb8e5');
|
||||
define('DEPLOY_QUEUE', '/tmp/jarvis-deploy-queue.txt');
|
||||
define('DEPLOY_LOG', '/home/jarvis.orbishosting.com/logs/deploy.log');
|
||||
|
||||
header('Content-Type: application/json');
|
||||
|
||||
$payload = file_get_contents('php://input');
|
||||
$sig = $_SERVER['HTTP_X_HUB_SIGNATURE_256'] ?? '';
|
||||
$expected = 'sha256=' . hash_hmac('sha256', $payload, WEBHOOK_SECRET);
|
||||
|
||||
if (!hash_equals($expected, $sig)) {
|
||||
http_response_code(403);
|
||||
echo json_encode(['error' => 'Invalid signature']);
|
||||
exit;
|
||||
}
|
||||
|
||||
$data = json_decode($payload, true);
|
||||
$repo = $data['repository']['name'] ?? '';
|
||||
$ref = $data['ref'] ?? '';
|
||||
$pusher = $data['pusher']['name'] ?? 'unknown';
|
||||
|
||||
// Only deploy on pushes to main
|
||||
if ($ref !== 'refs/heads/main') {
|
||||
echo json_encode(['ok' => true, 'skipped' => "ref $ref is not main"]);
|
||||
exit;
|
||||
}
|
||||
|
||||
$repoMap = [
|
||||
'jarvis' => '/home/jarvis.orbishosting.com',
|
||||
'tomsjavajive' => '/home/tomsjavajive.com/public_html',
|
||||
'epictravelexpeditions' => '/home/epictravelexpeditions.com/public_html',
|
||||
'parkerslingshotrentals' => '/home/parkerslingshotrentals.com/public_html',
|
||||
'orbishosting' => '/home/orbishosting.com/public_html',
|
||||
'orbis-hosting-portal' => '/home/orbis.orbishosting.com/public_html',
|
||||
'tomtomgames' => '/home/tomtomgames.com/public_html',
|
||||
'infra' => '/tmp/infra-current',
|
||||
];
|
||||
|
||||
if (!isset($repoMap[$repo])) {
|
||||
http_response_code(404);
|
||||
echo json_encode(['error' => "Unknown repo: $repo"]);
|
||||
exit;
|
||||
}
|
||||
|
||||
$path = $repoMap[$repo];
|
||||
file_put_contents(DEPLOY_QUEUE, $path . "\n", FILE_APPEND | LOCK_EX);
|
||||
|
||||
$msg = "[" . date('Y-m-d H:i:s') . "] Queued deploy: $repo by $pusher -> $path";
|
||||
file_put_contents(DEPLOY_LOG, $msg . "\n", FILE_APPEND | LOCK_EX);
|
||||
|
||||
echo json_encode(['ok' => true, 'queued' => $repo, 'path' => $path]);
|
||||
Reference in New Issue
Block a user