CI/CD Pipeline
Understand how SWAT validates, builds and deploys your application through GitHub Actions across preproduction and production environments.
SWAT includes three complementary GitHub Actions workflows:
one for validation, one for preproduction deployment and one for production deployment.
Together, they provide a lightweight but reliable delivery process based on GitHub Actions,
SSH deployment and environment-specific configuration, without requiring complex infrastructure.
1. Open a pull request
Pull requests targeting dev or master trigger the validation workflow.
2. Validate the project
GitHub Actions installs dependencies, runs checks and tests, then builds the frontend assets.
3. Deploy to preproduction
A push to the dev branch triggers the preproduction deployment workflow.
4. Deploy to production
A version tag matching v* triggers the production deployment workflow.
Preproduction
The preproduction environment is used to validate changes before a production release.
By default, it is deployed on push to the dev branch.
You can adapt this behavior in the deploy-preprod.yml workflow file.
Production
The production environment is used for public releases.
By default, it is deployed when a version tag starting with v is pushed, such as v1.0.0.
You can adapt this behavior in the deploy-production.yml workflow file.
01 - Install production PHP dependencies
Composer installs the backend dependencies required for deployment without development-only packages.
02 - Install frontend dependencies
npm installs the packages required to build the frontend assets for the target environment.
03 - Build assets
The workflow compiles the SCSS and TypeScript assets so the deployed application includes its production-ready frontend build.
04 - Generate build metadata
SWAT generates a build-info.json file containing useful metadata such as commit hash, build date and target environment.
05 - Connect to the target server
GitHub Actions connects to the remote server over SSH using the credentials and settings defined for the target environment.
06 - Deploy and finalize
The workflow transfers the application files and then runs the final deployment steps required by the target environment.
To deploy the application securely, the workflows rely on GitHub repository secrets.
Each environment uses its own dedicated values for SSH access and deployment configuration.
Keeping separate secrets for each environment helps isolate deployments and makes the pipeline safer and easier to maintain.
| Variable name | Description |
|---|---|
| PREPROD_HOST / PROD_HOST | The hostname or IP address of the preproduction or production server. |
| PREPROD_PORT / PROD_PORT | The SSH port used to connect to the preproduction or production server. |
| PREPROD_USER / PROD_USER | The SSH user used for the preproduction or production deployment. |
| PREPROD_PATH / PROD_PATH | The deployment path on the preproduction or production server. |
| PREPROD_SSH_KEY / PROD_SSH_KEY | The private SSH key used by GitHub Actions to connect to the target server. |
| PREPROD_KNOWN_HOSTS / PROD_KNOWN_HOSTS | The known hosts value used to verify the identity of the target server during SSH connection. |