Create SECURITY.md #4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow will build and push a PHP application to an Azure Web App when a commit is pushed to your default branch. | |
# | |
# This workflow assumes you have already created the target Azure App Service web app. | |
# For instructions see https://docs.microsoft.com/en-us/azure/app-service/quickstart-php?pivots=platform-linux | |
# | |
# To configure this workflow: | |
# | |
# 1. Download the Publish Profile for your Azure Web App. You can download this file from the Overview page of your Web App in the Azure Portal. | |
# For more information: https://docs.microsoft.com/en-us/azure/app-service/deploy-github-actions?tabs=applevel#generate-deployment-credentials | |
# | |
# 2. Create a secret in your repository named AZURE_WEBAPP_PUBLISH_PROFILE, paste the publish profile contents as the value of the secret. | |
# For instructions on obtaining the publish profile see: https://docs.microsoft.com/azure/app-service/deploy-github-actions#configure-the-github-secret | |
# | |
# 3. Change the value for the AZURE_WEBAPP_NAME. Optionally, change the AZURE_WEBAPP_PACKAGE_PATH and PHP_VERSION environment variables below. | |
# | |
# For more information on GitHub Actions for Azure: https://github.com/Azure/Actions | |
# For more information on the Azure Web Apps Deploy action: https://github.com/Azure/webapps-deploy | |
# For more samples to get started with GitHub Action workflows to deploy to Azure: https://github.com/Azure/actions-workflow-samples | |
name: Build and deploy PHP app to Azure Web App | |
on: | |
push: | |
branches: [ "main" ] | |
workflow_dispatch: | |
env: | |
AZURE_WEBAPP_NAME: your-app-name # set this to your application's name | |
AZURE_WEBAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root | |
PHP_VERSION: '8.x' # set this to the PHP version to use | |
permissions: | |
contents: read | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup PHP | |
uses: shivammathur/setup-php@7c0b4c8c8ebed23eca9ec2802474895d105b11bc | |
with: | |
php-version: ${{ env.PHP_VERSION }} | |
- name: Check if composer.json exists | |
id: check_files | |
uses: andstor/file-existence-action@87d74d4732ddb824259d80c8a508c0124bf1c673 | |
with: | |
files: 'composer.json' | |
- name: Get Composer Cache Directory | |
id: composer-cache | |
if: steps.check_files.outputs.files_exists == 'true' | |
run: | | |
echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT | |
- name: Set up dependency caching for faster installs | |
uses: actions/cache@v3 | |
if: steps.check_files.outputs.files_exists == 'true' | |
with: | |
path: ${{ steps.composer-cache.outputs.dir }} | |
key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} | |
restore-keys: | | |
${{ runner.os }}-composer- | |
- name: Run composer install if composer.json exists | |
if: steps.check_files.outputs.files_exists == 'true' | |
run: composer validate --no-check-publish && composer install --prefer-dist --no-progress | |
- name: Upload artifact for deployment job | |
uses: actions/upload-artifact@v3 | |
with: | |
name: php-app | |
path: . | |
deploy: | |
permissions: | |
contents: none | |
runs-on: ubuntu-latest | |
needs: build | |
environment: | |
name: 'Development' | |
url: ${{ steps.deploy-to-webapp.outputs.webapp-url }} | |
steps: | |
- name: Download artifact from build job | |
uses: actions/download-artifact@v3 | |
with: | |
name: php-app | |
- name: 'Deploy to Azure Web App' | |
id: deploy-to-webapp | |
uses: azure/webapps-deploy@v2 | |
with: | |
app-name: ${{ env.AZURE_WEBAPP_NAME }} | |
publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }} | |
package: . |