overspend1/website-thingy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
website-thingy/.github/workflows/deploy.yml
overspend1 a03b00a8da 🚀 Deploy ROM Mirror Portfolio with Glassmorphism 
 Features:
- Enhanced glassmorphism design throughout
- Google Drive ROM mirror integration
- Professional icon system (no emojis)
- GitHub Actions secure deployment
- Responsive design for all devices

🔐 Security:
- API keys protected via GitHub Secrets
- No sensitive data in repository
- Automated security scanning

🎯 ROM Mirror:
- Real Google Drive file browser
- Download tracking and analytics
- Beautiful file management interface
- Mobile-optimized experience
2025-07-07 12:20:46 +02:00

141 lines
4.3 KiB
YAML
Raw Permalink Blame History

name: Deploy ROM Mirror Portfolio to overspend.cloud
on:
push:
branches: [main, master]
pull_request:
branches: [main, master]
workflow_dispatch:
permissions:
contents: read
pages: write
id-token: write
concurrency:
group: "pages"
cancel-in-progress: false
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Create secure config file
run: |
echo "Creating secure configuration..."
cat > js/config.js << 'EOF'
// ROM Mirror Configuration - Generated by GitHub Actions
// This file contains secure credentials and is not committed to git
// Deployed to: overspend.cloud
window.ROM_MIRROR_CONFIG = {
DRIVE_API_KEY: "${{ secrets.DRIVE_API_KEY }}",
DRIVE_FOLDER_ID: "${{ secrets.DRIVE_FOLDER_ID }}",
// Domain configuration
DOMAIN: "overspend.cloud",
// Optional configuration
MAX_RETRIES: 3,
CACHE_DURATION: 300000,
// File type icons mapping
FILE_ICONS: {
"zip": "icon-zip",
"img": "icon-image",
"iso": "icon-image",
"apk": "icon-file",
"txt": "icon-file",
"md": "icon-file",
"rar": "icon-zip",
"7z": "icon-zip"
},
// User messages
MESSAGES: {
LOADING: "Loading ROM files from Google Drive...",
ERROR: "Failed to connect to Google Drive. Please check your configuration.",
NO_FILES: "No ROM files found in this folder.",
DOWNLOAD_SUCCESS: "Download started successfully!",
SECURITY_OK: "Secure connection to overspend.cloud verified"
}
};
// Production environment indicator
window.ROM_MIRROR_CONFIG.ENVIRONMENT = "production";
window.ROM_MIRROR_CONFIG.BUILD_TIME = "${{ github.run_number }}";
window.ROM_MIRROR_CONFIG.COMMIT_SHA = "${{ github.sha }}";
window.ROM_MIRROR_CONFIG.DEPLOY_DOMAIN = "overspend.cloud";
EOF
- name: Verify config file creation
run: |
echo "Verifying config file exists..."
if [ -f "js/config.js" ]; then
echo "✅ Config file created successfully"
echo "File size: $(wc -c < js/config.js) bytes"
else
echo "❌ Config file creation failed"
exit 1
fi
- name: Setup Pages
if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master'
uses: actions/configure-pages@v4
- name: Upload artifact
if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master'
uses: actions/upload-pages-artifact@v3
with:
path: "."
deploy:
if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master'
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
runs-on: ubuntu-latest
needs: build
steps:
- name: Deploy to GitHub Pages
id: deployment
uses: actions/deploy-pages@v4
security-check:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Security audit
run: |
echo "🔍 Running security checks..."
# Check for exposed secrets in code
echo "Checking for exposed API keys..."
if grep -r "AIzaSy" . --exclude-dir=.git --exclude-dir=.github --exclude="*.md" --exclude="deploy-to-repo.sh"; then
echo "❌ Found potential exposed API keys!"
exit 1
else
echo "✅ No exposed API keys found"
fi
# Check gitignore
echo "Checking .gitignore configuration..."
if grep -q "js/config.js" .gitignore; then
echo "✅ Config file properly ignored"
else
echo "⚠️ Warning: config.js not in .gitignore"
fi
# Check for config template
if [ -f "js/config.example.js" ]; then
echo "✅ Config template exists"
else
echo "⚠️ Warning: config.example.js template missing"
fi
echo "🔐 Security check completed"
Reference in New Issue View Git Blame Copy Permalink