hervehobbes/.github-workflows-main.yaml

## .github-workflows-main.yaml
name: CI/CD production
on:
    push:
        branches: [ production ]

jobs:
    build:
        runs-on: ubuntu-latest
        steps:
            # Mandatory : fetch the current repository
            -   name: Checkout repository
                uses: actions/checkout@v2

            # To be faster, use cache system for the NPM
            -   name: Cache NPM (node_modules)
                uses: actions/cache@v2
                env:
                    cache-name: cache-node-modules
                with:
                    path: ~/.npm
                    key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }}
                    restore-keys: |
                        ${{ runner.os }}-build-${{ env.cache-name }}-
                        ${{ runner.os }}-build-
                        ${{ runner.os }}-

            # Define the right Node.js's environment
            -   name: Environment for NPM
                uses: actions/setup-node@v2
                with:
                    node-version: '14'

            # NPM run build
            -   name: NPM build
                run: |
                    node -v
                    npm ci --cache .npm --unsafe-perm --prefer-offline
                    npm run build

            # Upload artifacts (= builded files) to download them in the next job
            -   name: NPM artifacts
                uses: actions/upload-artifact@v2
                with:
                    name: npm-build
                    retention-days: 1
                    path: public/build/

    deploy:
        # Need the "build" job to be complete before started it
        needs: build
        runs-on: ubuntu-latest
        steps:
            # Mandatory : fetch the current repository
            -   name: Checkout repository
                uses: actions/checkout@v2

            # To be faster, use cache system for the Composer
            -   name: Get Composer Cache Directory
                id: composer-cache
                run: |
                    echo "::set-output name=dir::$(composer config cache-files-dir)"
            -   name: Cache composer (vendor)
                uses: actions/cache@v2
                with:
                    path: ${{ steps.composer-cache.outputs.dir }}
                    key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
                    restore-keys: |
                        ${{ runner.os }}-composer-

            # Define the right PHP environment
            # https://github.com/shivammathur/setup-php (community)
            -   name: Environment for PHP
                uses: shivammathur/setup-php@v2
                with:
                    php-version: '8.0'
                    #extensions: mbstring, xml, ctype, iconv, intl, pdo, pdo_mysql, dom, filter, gd, iconv, json, mbstring, pdo
                    tools: composer:v2
                    coverage: none
                env:
                    update: true

            # Ensure that composer.json is valid
            -   name: Validate composer.json and composer.lock
                run: composer validate

            # Log the PHP version in use, and copy the "prod" env file to the "local" env file
            -   name: PHP utils
                run: |
                    php -v
                    cp .env.prod .env.local

            # Install composer dependencies, and dump env
            -   name: Composer install & dump-env
                run: |
                    composer install --no-dev --no-progress --no-scripts --prefer-dist -a
                    composer dump-env prod

            # Download artifacts created in the previous job
            -   name: Download NPM artifacts
                uses: actions/download-artifact@v2
                with:
                    name: npm-build
                    path: public/build

            # Define the right Node.js environment
            -   name: Environment for deploy
                uses: actions/setup-node@v2
                with:
                    node-version: '14'

            # Deploy repository onto the host provided in Github Secrets, including downloaded artifacts and files created (like vendor folder)
            # Deploy is running thanks to "Deployator" NPM dependency (https://github.com/la-haute-societe/deployator)
            # See "deployment-config.js" to get the config in use
            -   name: Deploy on prod
                env:
                    SSH_HOST: ${{ secrets.SSH_HOST }}
                    SSH_LOGIN: ${{ secrets.SSH_LOGIN }}
                    SSH_PWD: ${{ secrets.SSH_PWD }}
                    SSH_PATH: ${{ secrets.SSH_PATH }}
                run: |
                    npx --cache .npm deployator deploy --config deployment-config.js --environment=production

## deployment-config.js
"use strict";

function afterDeploy(context) {
	return [
		`php ${context.release.path}/bin/console d:m:m -n`,
		`php ${context.release.path}/bin/console c:c`,
	];
}

module.exports = function (options) {
	return {
		common: {
			mode: 'synchronize',
			currentReleaseLink: 'current',
			localPath: './', //Warning : Do not leave blank !
			share: {
				'uploads': 'public/uploads',
				'media-cache': 'public/media/cache',
				'translations-dir': 'translations',
				'log': 'var/log',
			},
			exclude: [
				'.github/**',
				'.github',
				'assets/**',
				'assets',
				'tests/**',
				'tests',
			],
			create: [
				'var',
				'var/log'
			],
			onAfterDeploy: afterDeploy,
		},

		environments: {
			production: {
				host: process.env.SSH_HOST,
				username: process.env.SSH_LOGIN,
				password: process.env.SSH_PWD,
				port: 22,
				deployPath: process.env.SSH_PATH,
			},
		}
	};
};

## package.json
{
	"license": "UNLICENSED",
	"private": true,
	"scripts": {
		"dev-server": "encore dev-server",
		"dev": "encore dev",
		"watch": "encore dev --watch",
		"build": "encore production --progress"
	},
	"devDependencies": {
		....
		"deployator": "^2.0.0",
	},
	"dependencies": {
    ...
	}
}
	name: CI/CD production
	on:
	push:
	branches: [ production ]

	jobs:
	build:
	runs-on: ubuntu-latest
	steps:
	# Mandatory : fetch the current repository
	- name: Checkout repository
	uses: actions/checkout@v2

	# To be faster, use cache system for the NPM
	- name: Cache NPM (node_modules)
	uses: actions/cache@v2
	env:
	cache-name: cache-node-modules
	with:
	path: ~/.npm
	key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }}
	restore-keys: \|
	${{ runner.os }}-build-${{ env.cache-name }}-
	${{ runner.os }}-build-
	${{ runner.os }}-

	# Define the right Node.js's environment
	- name: Environment for NPM
	uses: actions/setup-node@v2
	with:
	node-version: '14'

	# NPM run build
	- name: NPM build
	run: \|
	node -v
	npm ci --cache .npm --unsafe-perm --prefer-offline
	npm run build

	# Upload artifacts (= builded files) to download them in the next job
	- name: NPM artifacts
	uses: actions/upload-artifact@v2
	with:
	name: npm-build
	retention-days: 1
	path: public/build/

	deploy:
	# Need the "build" job to be complete before started it
	needs: build
	runs-on: ubuntu-latest
	steps:
	# Mandatory : fetch the current repository
	- name: Checkout repository
	uses: actions/checkout@v2

	# To be faster, use cache system for the Composer
	- name: Get Composer Cache Directory
	id: composer-cache
	run: \|
	echo "::set-output name=dir::$(composer config cache-files-dir)"
	- name: Cache composer (vendor)
	uses: actions/cache@v2
	with:
	path: ${{ steps.composer-cache.outputs.dir }}
	key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
	restore-keys: \|
	${{ runner.os }}-composer-

	# Define the right PHP environment
	# https://github.com/shivammathur/setup-php (community)
	- name: Environment for PHP
	uses: shivammathur/setup-php@v2
	with:
	php-version: '8.0'
	#extensions: mbstring, xml, ctype, iconv, intl, pdo, pdo_mysql, dom, filter, gd, iconv, json, mbstring, pdo
	tools: composer:v2
	coverage: none
	env:
	update: true

	# Ensure that composer.json is valid
	- name: Validate composer.json and composer.lock
	run: composer validate

	# Log the PHP version in use, and copy the "prod" env file to the "local" env file
	- name: PHP utils
	run: \|
	php -v
	cp .env.prod .env.local

	# Install composer dependencies, and dump env
	- name: Composer install & dump-env
	run: \|
	composer install --no-dev --no-progress --no-scripts --prefer-dist -a
	composer dump-env prod

	# Download artifacts created in the previous job
	- name: Download NPM artifacts
	uses: actions/download-artifact@v2
	with:
	name: npm-build
	path: public/build

	# Define the right Node.js environment
	- name: Environment for deploy
	uses: actions/setup-node@v2
	with:
	node-version: '14'

	# Deploy repository onto the host provided in Github Secrets, including downloaded artifacts and files created (like vendor folder)
	# Deploy is running thanks to "Deployator" NPM dependency (https://github.com/la-haute-societe/deployator)
	# See "deployment-config.js" to get the config in use
	- name: Deploy on prod
	env:
	SSH_HOST: ${{ secrets.SSH_HOST }}
	SSH_LOGIN: ${{ secrets.SSH_LOGIN }}
	SSH_PWD: ${{ secrets.SSH_PWD }}
	SSH_PATH: ${{ secrets.SSH_PATH }}
	run: \|
	npx --cache .npm deployator deploy --config deployment-config.js --environment=production
	"use strict";

	function afterDeploy(context) {
	return [
	`php ${context.release.path}/bin/console d:m:m -n`,
	`php ${context.release.path}/bin/console c:c`,
	];
	}

	module.exports = function (options) {
	return {
	common: {
	mode: 'synchronize',
	currentReleaseLink: 'current',
	localPath: './', //Warning : Do not leave blank !
	share: {
	'uploads': 'public/uploads',
	'media-cache': 'public/media/cache',
	'translations-dir': 'translations',
	'log': 'var/log',
	},
	exclude: [
	'.github/**',
	'.github',
	'assets/**',
	'assets',
	'tests/**',
	'tests',
	],
	create: [
	'var',
	'var/log'
	],
	onAfterDeploy: afterDeploy,
	},

	environments: {
	production: {
	host: process.env.SSH_HOST,
	username: process.env.SSH_LOGIN,
	password: process.env.SSH_PWD,
	port: 22,
	deployPath: process.env.SSH_PATH,
	},
	}
	};
	};
	{
	"license": "UNLICENSED",
	"private": true,
	"scripts": {
	"dev-server": "encore dev-server",
	"dev": "encore dev",
	"watch": "encore dev --watch",
	"build": "encore production --progress"
	},
	"devDependencies": {
	....
	"deployator": "^2.0.0",
	},
	"dependencies": {
	...
	}
	}