From b95b4f12f97c129e01b76b5beb7c1b7c8ad0fa22 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matej=20Ba=C4=8Do?= Date: Wed, 25 Mar 2026 10:55:17 +0100 Subject: [PATCH 1/4] Fix missing deployment on new branch --- .../Platform/Modules/VCS/Http/GitHub/Events/Create.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/Appwrite/Platform/Modules/VCS/Http/GitHub/Events/Create.php b/src/Appwrite/Platform/Modules/VCS/Http/GitHub/Events/Create.php index c614c80041..a2fa44c613 100644 --- a/src/Appwrite/Platform/Modules/VCS/Http/GitHub/Events/Create.php +++ b/src/Appwrite/Platform/Modules/VCS/Http/GitHub/Events/Create.php @@ -65,7 +65,7 @@ class Create extends Action $signature = $request->getHeader('x-hub-signature-256', ''); $secretKey = System::getEnv('_APP_VCS_GITHUB_WEBHOOK_SECRET', ''); - $valid = empty($signature) ? true : $github->validateWebhookEvent($payload, $signature, $secretKey); + $valid = empty($secretKey) ? true : $github->validateWebhookEvent($payload, $signature, $secretKey); Span::add('vcs.github.event.signature.valid', $valid); if (!$valid) { @@ -162,8 +162,8 @@ class Create extends Action Query::limit(100), ])); - // Create new deployment only on push (not committed by us) and not when branch is created or deleted - if ($providerCommitAuthorEmail !== APP_VCS_GITHUB_EMAIL && !$providerBranchCreated && !$providerBranchDeleted) { + // Create new deployment only on push (not committed by us) and not when branch is deleted + if ($providerCommitAuthorEmail !== APP_VCS_GITHUB_EMAIL && !$providerBranchDeleted) { $this->createGitDeployments($github, $providerInstallationId, $repositories, $providerBranch, $providerBranchUrl, $providerRepositoryName, $providerRepositoryUrl, $providerRepositoryOwner, $providerCommitHash, $providerCommitAuthorName, $providerCommitAuthorUrl, $providerCommitMessage, $providerCommitUrl, '', false, $dbForPlatform, $authorization, $queueForBuilds, $getProjectDB, $platform); } } From f89621cf7482350024c331aa85a23b07baaa77e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matej=20Ba=C4=8Do?= Date: Wed, 25 Mar 2026 13:17:07 +0100 Subject: [PATCH 2/4] Fix double deployments --- .env | 40 ++++++++++++++--- .../Modules/VCS/Http/GitHub/Deployment.php | 45 +++++++++++++++++-- 2 files changed, 75 insertions(+), 10 deletions(-) diff --git a/.env b/.env index 9abfa756e1..72dec798ee 100644 --- a/.env +++ b/.env @@ -25,7 +25,7 @@ _APP_OPTIONS_FORCE_HTTPS=disabled _APP_OPTIONS_ROUTER_FORCE_HTTPS=disabled _APP_OPENSSL_KEY_V1=your-secret-key _APP_DNS=172.16.238.100 # CoreDNS -_APP_DOMAIN=appwrite.test +_APP_DOMAIN=appwritelocal.tunnel.matejbaco.eu _APP_CONSOLE_DOMAIN=localhost _APP_CONSOLE_TRUSTED_PROJECTS=trusted-project,another-trusted-project _APP_DOMAIN_FUNCTIONS=functions.localhost @@ -127,12 +127,38 @@ _APP_GRAPHQL_MAX_COMPLEXITY=250 _APP_GRAPHQL_MAX_DEPTH=4 _APP_DOCKER_HUB_USERNAME= _APP_DOCKER_HUB_PASSWORD= -_APP_VCS_GITHUB_APP_NAME= -_APP_VCS_GITHUB_PRIVATE_KEY=disabled -_APP_VCS_GITHUB_APP_ID= -_APP_VCS_GITHUB_CLIENT_ID= -_APP_VCS_GITHUB_CLIENT_SECRET= -_APP_VCS_GITHUB_WEBHOOK_SECRET= +_APP_VCS_GITHUB_APP_NAME=appwrite-locally-final +_APP_VCS_GITHUB_PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEAzeO6vSPXh5OJYVqI9pJY7nuSeStdq7MAAJZgNJOCqErI+45y +5cP/PrF7MVbSFlXOCMsXTTqV5N0dCM/Z8Rc1HDIa/smwlI52SJ9O9VYogdV138OC +BHu1gq8tDsztje4TtYuUDkouCmIobktvMjLhRKxQLt/XssmsRERoKLU0JxAXWB+M +nzyOeqL3hbKK4ftmue04mq7tRFLZgKjnD94SFmteKtRupiXxIGOyI8U67+CzQZeG +oqgwVl+ileftWBoKXautn5zVSusKagehxY2rFB5EM1mwh02XAogD6ENcKQXqtZAP +O0psjoQgCTYANOt29xSAGR/FxULpQyhlt7pB6QIDAQABAoIBAQC7Sc01AMWurqbp +yFGO+tGrHv2++5PZ/Jqj7ibVrNnN/TmWm54pJIGrpgdKeo/hgWxK03P+7Kwt5HXk +7i5zAYlufKXR3+ahPHac2U4aHqX6dRMk2dQL//y9RFzYedIeqdOD8dRcq132VBQz +QKuGHoKM1bKa8URlfs8VyqR1Y2BtprG+47CV4dkcg0lts8NQEX48BIrOHxSixWKo +X+ARhOZPmTDCQDsMDS4dlFDVs/LSmItOV4OnwCqEIzkXSzNitoKYLxy6sJwS49sv +t4o5kny7EaM+faRz4G/HQ3nU7+KyJ53qvlkqtrTSytV1m28/+/D7kUtMdZgm6u1v +U51bPImBAoGBAP4aUJxSjY1+noDawQ83zDtabi+bUcGwCbyO2iD4RFW5M+kSOfTa +n2UauCdyBrqAo2ycG4AMHatSFkgcrIFlO3LqW6a/jTMxD/d+naVDzymSK9C7P2Ga +0fEK0xWeAu04juJIjIdlQkhTi873p41vMB5+38T5WyaAju657dTNvagHAoGBAM9t +Qtk95rqi2h1p9YhKUXYRS+NnV8yeetVLHXmdsa5Cj4mXFm8GKl43rYqDjYvPyq7G +lr5zEnrUaGusd/mPwJziRB6bBcd2Vbka4N/Z+i9GzEHuaU7ZOWZP+wGypMfWLMLQ +7c13Jhl4q3et/z5M5d7lTUxhCQitz4Lfy1g8deqPAoGAf5uXf+m1TKmZz/wLmCjd +V7FCRIYruKk/OoJC6OvE5Yfsmc+da2mfQpb4hFavKloPuCttZBCxlafTqMM9nn3I +LR2kiUkJD/xDmHbtlGFJWAcgGeLvIYUuiW52MxT3Q0pz9w+YAybG8quCOp4EdvKv +p6Dvn2vaaquFHD4jQgtQg2ECgYEAuG3+tSgb4bBw3Rxcav0hZyhD4IL/hvkWYFW0 +dHDpDfcypvTGxpqlyzYYQINttHViUnpSiC3KrZn06l/kIOpXKWbpiIjv34Tw/W/P +qFmo4KZDcQ/pZGkyZy0QEldjuidNjz6zYi/hmV44n2X+/8bh0IjzbMkOfkAEtOoF +ZIQFmDMCgYEAyL0hxaRRYSaUw7ZRnx8O98M7pItDqkH/6C3w77i+6D/9uHSV6FDw +fT7tikCUYYuhO5cAd2dFM90vMkAAbyO7JiJCu3NNTQmFyX8SoMweq/Lw4Fg65H8S +cox5Xc24+5CAE3UWYeR8G93QGpMNxMlP25NehFcNh/0wuIyim1EUDic= +-----END RSA PRIVATE KEY-----" +_APP_VCS_GITHUB_APP_ID=2483214 +_APP_VCS_GITHUB_CLIENT_ID=Iv23liNlqhfXTiQTpO57 +_APP_VCS_GITHUB_CLIENT_SECRET=c342c5d161a2fdbe95134f367595c49b5235b29e +_APP_VCS_GITHUB_WEBHOOK_SECRET=password _APP_MIGRATIONS_FIREBASE_CLIENT_ID= _APP_MIGRATIONS_FIREBASE_CLIENT_SECRET= _APP_ASSISTANT_OPENAI_API_KEY= diff --git a/src/Appwrite/Platform/Modules/VCS/Http/GitHub/Deployment.php b/src/Appwrite/Platform/Modules/VCS/Http/GitHub/Deployment.php index 638ceab59e..f052d62919 100644 --- a/src/Appwrite/Platform/Modules/VCS/Http/GitHub/Deployment.php +++ b/src/Appwrite/Platform/Modules/VCS/Http/GitHub/Deployment.php @@ -127,7 +127,6 @@ trait Deployment Span::add("{$logBase}.authorized", $isAuthorized); - $commentStatus = 'waiting'; $protocol = System::getEnv('_APP_OPTIONS_FORCE_HTTPS') === 'disabled' ? 'http' : 'https'; $hostname = $platform['consoleHostname'] ?? ''; @@ -135,6 +134,33 @@ trait Deployment $action = $isAuthorized ? ['type' => 'logs'] : ['type' => 'authorize', 'url' => $authorizeUrl]; + $commentStatus = 'waiting'; + $commentPreviewUrl = ''; + + // If this action was triggered by pull request, use most up to date details in comment + if (!empty($providerPullRequestId)) { + $existingDeployment = $authorization->skip(fn () => $dbForProject->findOne('deployments', [ + Query::equal('resourceInternalId', [$resource->getSequence()]), + Query::equal('resourceType', [$resourceCollection]), + Query::equal('providerCommitHash', [$providerCommitHash]), + Query::equal('providerBranch', [$providerBranch]), + ])); + + $commentStatus = $existingDeployment->getAttribute('status', 'waiting'); + + if ($resource->getCollection() === 'sites') { + $previewRule = $authorization->skip(fn () => $dbForPlatform->findOne('rules', [ + Query::equal('projectInternalId', [$project->getSequence()]), + Query::equal('type', ['deployment']), // Not redirect + Query::equal('trigger', ['deployment']), // Preview - Not manual + Query::equal('deploymentResourceType', ['site']), // Not function + Query::equal('deploymentInternalId', [$existingDeployment->getSequence()]), + ])); + + $commentPreviewUrl = !$previewRule->isEmpty() ? ("{$protocol}://" . $previewRule->getAttribute('domain', '')) : ''; + } + } + $latestCommentId = ''; if (!empty($providerPullRequestId) && $resource->getAttribute('providerSilentMode', false) === false) { @@ -173,7 +199,7 @@ trait Deployment try { $comment = new Comment($platform); $comment->parseComment($github->getComment($owner, $repositoryName, $latestCommentId)); - $comment->addBuild($project, $resource, $resourceType, $commentStatus, $deploymentId, $action, ''); + $comment->addBuild($project, $resource, $resourceType, $commentStatus, $deploymentId, $action, $commentPreviewUrl); $latestCommentId = \strval($github->updateComment($owner, $repositoryName, $latestCommentId, $comment->generateComment())); } finally { @@ -182,7 +208,7 @@ trait Deployment } } else { $comment = new Comment($platform); - $comment->addBuild($project, $resource, $resourceType, $commentStatus, $deploymentId, $action, ''); + $comment->addBuild($project, $resource, $resourceType, $commentStatus, $deploymentId, $action, $commentPreviewUrl); $latestCommentId = \strval($github->createComment($owner, $repositoryName, $providerPullRequestId, $comment->generateComment())); if (!empty($latestCommentId)) { @@ -274,6 +300,19 @@ trait Deployment continue; } + if (!empty($providerPullRequestId)) { + // Update comment ID so running build can update comment + $authorization->skip(fn () => $dbForProject->updateDocuments('deployments', new Document([ + 'providerCommentId' => \strval($latestCommentId) + ]), [ + Query::equal('providerCommitHash', [$providerCommitHash]), + Query::equal('providerBranch', [$providerBranch]), + ])); + + // Skip rest - prevent double deployments (previous one was made by push) + return; + } + $commands = []; if (!empty($resource->getAttribute('installCommand', ''))) { $commands[] = $resource->getAttribute('installCommand', ''); From 87c462ebd43413b6cc857af386c7c4f190267e4a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matej=20Ba=C4=8Do?= Date: Wed, 25 Mar 2026 13:22:55 +0100 Subject: [PATCH 3/4] Revert local setup --- .env | 40 +++++++--------------------------------- 1 file changed, 7 insertions(+), 33 deletions(-) diff --git a/.env b/.env index 72dec798ee..9abfa756e1 100644 --- a/.env +++ b/.env @@ -25,7 +25,7 @@ _APP_OPTIONS_FORCE_HTTPS=disabled _APP_OPTIONS_ROUTER_FORCE_HTTPS=disabled _APP_OPENSSL_KEY_V1=your-secret-key _APP_DNS=172.16.238.100 # CoreDNS -_APP_DOMAIN=appwritelocal.tunnel.matejbaco.eu +_APP_DOMAIN=appwrite.test _APP_CONSOLE_DOMAIN=localhost _APP_CONSOLE_TRUSTED_PROJECTS=trusted-project,another-trusted-project _APP_DOMAIN_FUNCTIONS=functions.localhost @@ -127,38 +127,12 @@ _APP_GRAPHQL_MAX_COMPLEXITY=250 _APP_GRAPHQL_MAX_DEPTH=4 _APP_DOCKER_HUB_USERNAME= _APP_DOCKER_HUB_PASSWORD= -_APP_VCS_GITHUB_APP_NAME=appwrite-locally-final -_APP_VCS_GITHUB_PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY----- -MIIEpQIBAAKCAQEAzeO6vSPXh5OJYVqI9pJY7nuSeStdq7MAAJZgNJOCqErI+45y -5cP/PrF7MVbSFlXOCMsXTTqV5N0dCM/Z8Rc1HDIa/smwlI52SJ9O9VYogdV138OC -BHu1gq8tDsztje4TtYuUDkouCmIobktvMjLhRKxQLt/XssmsRERoKLU0JxAXWB+M -nzyOeqL3hbKK4ftmue04mq7tRFLZgKjnD94SFmteKtRupiXxIGOyI8U67+CzQZeG -oqgwVl+ileftWBoKXautn5zVSusKagehxY2rFB5EM1mwh02XAogD6ENcKQXqtZAP -O0psjoQgCTYANOt29xSAGR/FxULpQyhlt7pB6QIDAQABAoIBAQC7Sc01AMWurqbp -yFGO+tGrHv2++5PZ/Jqj7ibVrNnN/TmWm54pJIGrpgdKeo/hgWxK03P+7Kwt5HXk -7i5zAYlufKXR3+ahPHac2U4aHqX6dRMk2dQL//y9RFzYedIeqdOD8dRcq132VBQz -QKuGHoKM1bKa8URlfs8VyqR1Y2BtprG+47CV4dkcg0lts8NQEX48BIrOHxSixWKo -X+ARhOZPmTDCQDsMDS4dlFDVs/LSmItOV4OnwCqEIzkXSzNitoKYLxy6sJwS49sv -t4o5kny7EaM+faRz4G/HQ3nU7+KyJ53qvlkqtrTSytV1m28/+/D7kUtMdZgm6u1v -U51bPImBAoGBAP4aUJxSjY1+noDawQ83zDtabi+bUcGwCbyO2iD4RFW5M+kSOfTa -n2UauCdyBrqAo2ycG4AMHatSFkgcrIFlO3LqW6a/jTMxD/d+naVDzymSK9C7P2Ga -0fEK0xWeAu04juJIjIdlQkhTi873p41vMB5+38T5WyaAju657dTNvagHAoGBAM9t -Qtk95rqi2h1p9YhKUXYRS+NnV8yeetVLHXmdsa5Cj4mXFm8GKl43rYqDjYvPyq7G -lr5zEnrUaGusd/mPwJziRB6bBcd2Vbka4N/Z+i9GzEHuaU7ZOWZP+wGypMfWLMLQ -7c13Jhl4q3et/z5M5d7lTUxhCQitz4Lfy1g8deqPAoGAf5uXf+m1TKmZz/wLmCjd -V7FCRIYruKk/OoJC6OvE5Yfsmc+da2mfQpb4hFavKloPuCttZBCxlafTqMM9nn3I -LR2kiUkJD/xDmHbtlGFJWAcgGeLvIYUuiW52MxT3Q0pz9w+YAybG8quCOp4EdvKv -p6Dvn2vaaquFHD4jQgtQg2ECgYEAuG3+tSgb4bBw3Rxcav0hZyhD4IL/hvkWYFW0 -dHDpDfcypvTGxpqlyzYYQINttHViUnpSiC3KrZn06l/kIOpXKWbpiIjv34Tw/W/P -qFmo4KZDcQ/pZGkyZy0QEldjuidNjz6zYi/hmV44n2X+/8bh0IjzbMkOfkAEtOoF -ZIQFmDMCgYEAyL0hxaRRYSaUw7ZRnx8O98M7pItDqkH/6C3w77i+6D/9uHSV6FDw -fT7tikCUYYuhO5cAd2dFM90vMkAAbyO7JiJCu3NNTQmFyX8SoMweq/Lw4Fg65H8S -cox5Xc24+5CAE3UWYeR8G93QGpMNxMlP25NehFcNh/0wuIyim1EUDic= ------END RSA PRIVATE KEY-----" -_APP_VCS_GITHUB_APP_ID=2483214 -_APP_VCS_GITHUB_CLIENT_ID=Iv23liNlqhfXTiQTpO57 -_APP_VCS_GITHUB_CLIENT_SECRET=c342c5d161a2fdbe95134f367595c49b5235b29e -_APP_VCS_GITHUB_WEBHOOK_SECRET=password +_APP_VCS_GITHUB_APP_NAME= +_APP_VCS_GITHUB_PRIVATE_KEY=disabled +_APP_VCS_GITHUB_APP_ID= +_APP_VCS_GITHUB_CLIENT_ID= +_APP_VCS_GITHUB_CLIENT_SECRET= +_APP_VCS_GITHUB_WEBHOOK_SECRET= _APP_MIGRATIONS_FIREBASE_CLIENT_ID= _APP_MIGRATIONS_FIREBASE_CLIENT_SECRET= _APP_ASSISTANT_OPENAI_API_KEY= From 2f66ae5533c72af7d569915740f4b5d8a11ba2d3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matej=20Ba=C4=8Do?= Date: Wed, 25 Mar 2026 13:28:16 +0100 Subject: [PATCH 4/4] AI review fixes --- src/Appwrite/Platform/Modules/VCS/Http/GitHub/Deployment.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/Appwrite/Platform/Modules/VCS/Http/GitHub/Deployment.php b/src/Appwrite/Platform/Modules/VCS/Http/GitHub/Deployment.php index f052d62919..04e2dbd406 100644 --- a/src/Appwrite/Platform/Modules/VCS/Http/GitHub/Deployment.php +++ b/src/Appwrite/Platform/Modules/VCS/Http/GitHub/Deployment.php @@ -144,6 +144,7 @@ trait Deployment Query::equal('resourceType', [$resourceCollection]), Query::equal('providerCommitHash', [$providerCommitHash]), Query::equal('providerBranch', [$providerBranch]), + Query::orderDesc('$createdAt') ])); $commentStatus = $existingDeployment->getAttribute('status', 'waiting'); @@ -310,7 +311,7 @@ trait Deployment ])); // Skip rest - prevent double deployments (previous one was made by push) - return; + continue; } $commands = [];