Repository Files Guide
Per project repo ගෙ files - DevOps create කරනවා, Developer touch කරන්නේ නෑ.
Repository Structure
[client]-wordpress-theme/ ← GitHub repo root
├── .github/
│ └── workflows/
│ └── deploy.yml ← DevOps ✅ (CI/CD pipeline)
├── sonar-project.properties ← DevOps ✅ (SonarQube config)
├── .gitignore ← DevOps ✅ (ignore rules)
├── style.css ← Developer ✅ (theme files)
├── functions.php ← Developer ✅
├── header.php ← Developer ✅
├── footer.php ← Developer ✅
└── ... (all theme files) ← Developer ✅
Rule
.github/,sonar-project.properties,.gitignore→ DevOps only- All theme PHP/CSS/JS files → Developer
1. deploy.yml
Location: .github/workflows/deploy.yml
Same structure for ALL WordPress projects - only [client] path changes.
name: WordPress Theme CI/CD
on:
push:
branches:
- staging # ← staging branch push = auto deploy
jobs:
code-quality:
name: SonarQube Scan
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: SonarQube Scan
uses: SonarSource/sonarqube-scan-action@master
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
deploy-staging:
name: Deploy to Staging
runs-on: ubuntu-latest
needs: code-quality # ← SonarQube pass වෙනකම් wait
steps:
- uses: actions/checkout@v4
- name: Prepare Theme Folder & Permissions # ← Auto permissions fix!
uses: appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.STAGING_SERVER_IP }}
username: ${{ secrets.STAGING_SSH_USER }}
key: ${{ secrets.STAGING_SSH_KEY }}
script: |
THEME_PATH="/home/enfection-[client]/htdocs/[client].development.enfection.com/wp-content/themes/[client]-theme"
sudo mkdir -p $THEME_PATH
sudo chmod 755 $(dirname $THEME_PATH)
sudo chown -R ubuntu:ubuntu $(dirname $THEME_PATH)
- name: Deploy Theme to Staging
uses: appleboy/scp-action@v0.1.7
with:
host: ${{ secrets.STAGING_SERVER_IP }}
username: ${{ secrets.STAGING_SSH_USER }}
key: ${{ secrets.STAGING_SSH_KEY }}
source: "./"
target: "/home/enfection-[client]/htdocs/[client].development.enfection.com/wp-content/themes/[client]-theme"
rm: false
Per Project Change
target path ගෙ [client] replace කරන්න:
2. sonar-project.properties
Location: repo root (theme folder ගෙ root)
Per project change කරන දේ: sonar.projectKey සහ sonar.projectName only.
sonar.projectKey=[client]-wordpress-theme
sonar.projectName=[Client] WordPress Theme
sonar.projectVersion=1.0
sonar.sources=.
sonar.exclusions=node_modules/**,assets/**,languages/**,**/*.min.js,**/*.min.css,**/*.map
sonar.language=php
sonar.php.version=8.2
Examples:
# Rocell project
sonar.projectKey=rocell-wordpress-theme
sonar.projectName=Rocell WordPress Theme
# Keells project
sonar.projectKey=keells-wordpress-theme
sonar.projectName=Keells WordPress Theme
3. .gitignore
Location: repo root
Same for ALL WordPress projects - no changes needed.
GitHub Secrets (Same Keys, Per Repo)
Every project repo ගෙ same 5 secrets add කරන්න:
| Secret | Value | Changes per project? |
|---|---|---|
STAGING_SERVER_IP |
13.234.20.114 |
No - same server |
STAGING_SSH_USER |
ubuntu |
No |
STAGING_SSH_KEY |
deploy_key content | No - same key |
SONAR_TOKEN |
SonarQube token | Yes - new token per project |
SONAR_HOST_URL |
https://sonarqube.enfection.com |
No |
Time Saver
STAGING_SERVER_IP, STAGING_SSH_USER, STAGING_SSH_KEY, SONAR_HOST_URL = always same values.
Only SONAR_TOKEN = new token per project generate කරන්න.