make it easier to deploy a new env

.github/workflows/continuous-delivery.yml

@@ -33,19 +33,30 @@
     name: Branch Check
     runs-on: ubuntu-latest
     steps:
+      - name: Checkout code
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+
       - name: Validate branch
         env:
           TARGET_ENV: ${{ github.event.inputs.target_env }}
         run: |
           if [ "$GITHUB_REF_NAME" != 'staging' ] && [ "$GITHUB_REF_NAME" != 'master' ]; then
             echo 'This workflow can only be run on branches staging and master.'
             exit 1
           fi
-          if [ "$TARGET_ENV" == 'luxadmosam' ] || [ "$TARGET_ENV" == 'euros' ]; then
-            if [ "$GITHUB_REF_NAME" != 'master' ]; then
-              echo 'Only the master branch can be deployed to external parties.'
-              exit 1
-            fi
+          # Check branch restriction from deploy_targets.yml
+          BRANCH_RESTRICTION=$(python3 << 'PYTHON_EOF'
+          import yaml
+          with open('config/deploy_targets.yml', 'r') as f:
+            config = yaml.safe_load(f)
+            target = config['targets']['${{ github.event.inputs.target_env }}']
+            restriction = target.get('branch_restriction')
+            print(restriction if restriction else '')
+          PYTHON_EOF
+          )
+          if [ ! -z "$BRANCH_RESTRICTION" ] && [ "$GITHUB_REF_NAME" != "$BRANCH_RESTRICTION" ]; then
+            echo "Target $TARGET_ENV can only be deployed from branch $BRANCH_RESTRICTION, but current branch is $GITHUB_REF_NAME."
+            exit 1
           fi
 
   metadata:
@@ -74,18 +85,25 @@
                 echo 'has_diff=false' >> "$GITHUB_OUTPUT"
               fi
             fi
-
-            if [ "$TARGET_ENV" == 'luxadmosam' ]; then
-              echo 'stage=luxproduction' >> "$GITHUB_OUTPUT"
-            elif [ "$TARGET_ENV" == 'euros' ]; then
-              echo 'stage=euros' >> "$GITHUB_OUTPUT"
-            else
-              echo 'stage=production' >> "$GITHUB_OUTPUT"
-            fi
-          else
-            echo 'stage=staging' >> "$GITHUB_OUTPUT"
           fi
 
+          # Get stage from deploy_targets.yml
+          STAGE=$(python3 << 'PYTHON_EOF'
+          import yaml
+          with open('config/deploy_targets.yml', 'r') as f:
+            config = yaml.safe_load(f)
+            target_env = '${{ github.event.inputs.target_env }}'
+            current_branch = '${{ github.ref_name }}'
+            # If on staging branch, always use staging stage unless targeting external party
+            if current_branch == 'staging':
+              print('staging')
+            else:
+              # On master: use the stage from the target environment
+              print(config['targets'][target_env]['stage'])
+          PYTHON_EOF
+          )
+          echo "stage=$STAGE" >> "$GITHUB_OUTPUT"
+
   merge:
     name: Merge
     runs-on: ubuntu-latest
@@ -162,15 +180,21 @@
         env:
           TARGET_ENV: ${{ github.event.inputs.target_env }}
         run: |
-          if [ "$TARGET_ENV" == 'luxadmosam' ] && [ "$GITHUB_REF_NAME" = 'master' ]; then
-            echo 'environment_url=https://luxstreep.csvalpha.nl' >> "$GITHUB_OUTPUT"
-          elif [ "$TARGET_ENV" == 'euros' ] && [ "$GITHUB_REF_NAME" = 'master' ]; then
-            echo 'environment_url=https://euros.csvalpha.nl' >> "$GITHUB_OUTPUT"
-          elif [ "$GITHUB_REF_NAME" = 'master' ]; then
-            echo 'environment_url=https://streep.csvalpha.nl' >> "$GITHUB_OUTPUT"
-          else
-            echo 'environment_url=https://stagingstreep.csvalpha.nl' >> "$GITHUB_OUTPUT"
-          fi
+          # Get URL from deploy_targets.yml based on current branch and target
+          URL=$(python3 << 'PYTHON_EOF'
+          import yaml
+          with open('config/deploy_targets.yml', 'r') as f:
+            config = yaml.safe_load(f)
+            current_branch = '${{ github.ref_name }}'
+            target_env = '${{ github.event.inputs.target_env }}'
+            # If on staging, use stagingstreep URL; otherwise use the target's URL
+            if current_branch == 'staging':
+              print(config['targets']['stagingstreep']['url'])
+            else:
+              print(config['targets'][target_env]['url'])
+          PYTHON_EOF
+          )
+          echo "environment_url=$URL" >> "$GITHUB_OUTPUT"
 
       - name: Checkout code
         uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1

Dockerfile

@@ -28,7 +28,8 @@ WORKDIR /app
 
 # Pre-install gems, so that they can be cached.
 COPY Gemfile* /app/
-RUN if [ "$RAILS_ENV" = 'production' ] || [ "$RAILS_ENV" = 'staging' ] || [ "$RAILS_ENV" = 'luxproduction' ] || [ "$RAILS_ENV" = 'euros' ]; then \
+COPY config/deploy_targets.yml /app/config/
+RUN if ruby -e "require 'yaml'; targets = YAML.load_file('config/deploy_targets.yml')['targets'].keys; exit(targets.include?(ENV['RAILS_ENV']) ? 0 : 1)"; then \
     bundle config set --local without 'development test'; \
   else \
     bundle config set --local without 'development'; \
@@ -43,7 +44,7 @@ RUN yarn install --immutable
 COPY . /app/
 
 # Precompile assets after copying app because whole Rails pipeline is needed.
-RUN if [ "$RAILS_ENV" = 'production' ] || [ "$RAILS_ENV" = 'staging' ] || [ "$RAILS_ENV" = 'luxproduction' ] || [ "$RAILS_ENV" = 'euros' ]; then \
+RUN if ruby -e "require 'yaml'; targets = YAML.load_file('config/deploy_targets.yml')['targets'].keys; exit(targets.include?(ENV['RAILS_ENV']) ? 0 : 1)"; then \
     SECRET_KEY_BASE_DUMMY=1 bundle exec rails assets:precompile; \
   else \
     echo "Skipping assets:precompile"; \

app/controllers/application_controller.rb

@@ -1,5 +1,6 @@
 class ApplicationController < ActionController::Base
   include Pundit::Authorization
+  include EnvironmentAware
 
   protect_from_forgery with: :exception, prepend: true
 

app/controllers/concerns/environment_aware.rb

@@ -0,0 +1,30 @@
+module EnvironmentAware
+  extend ActiveSupport::Concern
+
+  included do
+    class_variable_set(:@@deploy_targets, nil)
+  end
+
+  def production_deployed?
+    self.class.production_deployed?
+  end
+
+  class_methods do
+    def production_deployed?
+      Rails.env.development? || Rails.env.test? ? false : deployed_environments.include?(Rails.env.to_sym)
+    end
+
+    def deployed_environments
+      load_deploy_targets.keys.map(&:to_sym)
+    end
+
+    private
+
+    def load_deploy_targets
+      @@deploy_targets ||= begin
+        config_path = Rails.root.join('config', 'deploy_targets.yml')
+        YAML.load_file(config_path)['targets']
+      end
+    end
+  end
+end

app/controllers/credit_mutations_controller.rb

@@ -19,9 +19,7 @@ def create # rubocop:disable Metrics/MethodLength, Metrics/AbcSize
 
     respond_to do |format|
       if @mutation.save
-        if Rails.env.production? || Rails.env.staging? || Rails.env.luxproduction? || Rails.env.euros?
-          NewCreditMutationNotificationJob.perform_later(@mutation)
-        end
+        NewCreditMutationNotificationJob.perform_later(@mutation) if production_deployed?
         format.html { redirect_to which_redirect?, flash: { success: 'Inleg of mutatie aangemaakt' } }
         format.json do
           render json: @mutation, include: { user: { methods: User.orderscreen_json_includes } }

app/jobs/application_job.rb

@@ -1,2 +1,3 @@
 class ApplicationJob < ActiveJob::Base
+  include EnvironmentAware
 end

app/jobs/credit_insufficient_notification_job.rb

@@ -30,7 +30,7 @@ def send_notification_delivery_reports(success_count, unnotifyable_users)
       ).deliver_later
     end
 
-    return unless Rails.env.production? || Rails.env.staging? || Rails.env.luxproduction? || Rails.env.euros?
+    return unless production_deployed?
 
     HealthCheckJob.perform_later('credit_insufficient')
   end

app/jobs/payment_poll_job.rb

@@ -9,7 +9,7 @@ def perform
       # it will be checked again the next time this poll job runs
     end
 
-    return unless Rails.env.production? || Rails.env.staging? || Rails.env.luxproduction? || Rails.env.euros?
+    return unless production_deployed?
 
     HealthCheckJob.perform_later('payment_poll')
   end

app/models/application_record.rb

@@ -1,4 +1,6 @@
 class ApplicationRecord < ActiveRecord::Base
+  include EnvironmentAware
+
   self.abstract_class = true
 
   acts_as_paranoid

app/views/partials/_footer.html.erb

@@ -1,8 +1,8 @@
 <footer class="footer d-flex justify-content-between">
   <span class="text-danger text-uppercase fw-bold mx-2">
-    <% if Rails.application.config.x.sofia_host == 'stagingstreep.csvalpha.nl' %>
+    <% if DeployTargetConfig.staging_deployed? %>
       For demo and testing purposes only
-    <% elsif Rails.application.config.x.sofia_host != 'streep.csvalpha.nl' && Rails.application.config.x.sofia_host != 'luxstreep.csvalpha.nl' && Rails.application.config.x.sofia_host != 'euros.csvalpha.nl' %>
+    <% elsif !DeployTargetConfig.production_deployed? %>
       Development mode
     <% end %>
   </span>

config/deploy.rb

@@ -2,22 +2,17 @@
 # This file is for mina to be able to connect to the rails console on the server
 
 require 'mina/rails'
+require 'yaml'
 import 'lib/mina/tasks/rails.rake'
 
 set :domain, 'ssh.csvalpha.nl'
 
-task :staging do
-  set :deploy_to, '/opt/docker/sofia/staging'
-end
-
-task :production do
-  set :deploy_to, '/opt/docker/sofia/production'
-end
-
-task :luxproduction do
-  set :deploy_to, '/opt/docker/sofia/luxproduction'
-end
+# Load deployment targets from config/deploy_targets.yml
+deploy_targets = YAML.load_file(File.expand_path('deploy_targets.yml', __dir__))['targets']
 
-task :euros do
-  set :deploy_to, '/opt/docker/sofia/euros'
+# Dynamically create mina tasks for each deployment target
+deploy_targets.each do |target_name, config|
+  task target_name.to_sym do
+    set :deploy_to, config['deploy_path']
+  end
 end

config/deploy_targets.yml

@@ -0,0 +1,46 @@
+# Deployment Targets Configuration
+# 
+# This file defines all deployment targets for the Sofia application.
+# Each target specifies the deployment location, stage name, and URL.
+#
+# To add a new deployment target:
+#   1. Add a new entry below with the target name as the key
+#   2. Set deploy_path to the docker directory path on the server
+#   3. Set stage to the Rails environment name (creates config/environments/{stage}.rb)
+#   4. Set hostname to the application's domain
+#   5. Set url to the HTTPS URL for GitHub Actions deployment tracking
+#   6. Set branch_restriction to limit deployments to specific branches (optional)
+#   7. Optionally set allow_targets to whitelist this target (used by CI to determine valid targets)
+
+targets:
+  csvalpha:
+    deploy_path: /opt/docker/sofia/production
+    stage: production
+    hostname: streep.csvalpha.nl
+    url: https://streep.csvalpha.nl
+    branch_restriction: master  # Only from master branch
+    allow_targets: csvalpha
+
+  stagingstreep:
+    deploy_path: /opt/docker/sofia/staging
+    stage: staging
+    hostname: stagingstreep.csvalpha.nl
+    url: https://stagingstreep.csvalpha.nl
+    branch_restriction: staging  # Only from staging branch
+    allow_targets: csvalpha
+
+  luxadmosam:
+    deploy_path: /opt/docker/sofia/luxproduction
+    stage: luxproduction
+    hostname: luxstreep.csvalpha.nl
+    url: https://luxstreep.csvalpha.nl
+    branch_restriction: master  # Only from master branch
+    allow_targets: luxadmosam
+
+  euros:
+    deploy_path: /opt/docker/sofia/euros
+    stage: euros
+    hostname: euros.csvalpha.nl
+    url: https://euros.csvalpha.nl
+    branch_restriction: master  # Only from master branch
+    allow_targets: euros

config/initializers/deploy_target_config.rb

@@ -0,0 +1,30 @@
+# Helper to dynamically generate environment configurations from deploy_targets.yml
+module DeployTargetConfig
+  def self.load_targets
+    @targets ||= YAML.load_file(Rails.root.join('config', 'deploy_targets.yml'))['targets']
+  end
+
+  def self.target_stages
+    load_targets.keys
+  end
+
+  def self.all_production_stages
+    target_stages
+  end
+
+  def self.production_hostnames
+    load_targets.values.map { |config| config['hostname'] }
+  end
+
+  def self.staging_hostname
+    load_targets['stagingstreep']&.dig('hostname')
+  end
+
+  def self.production_deployed?
+    production_hostnames.include?(Rails.application.config.x.sofia_host)
+  end
+
+  def self.staging_deployed?
+    Rails.application.config.x.sofia_host == staging_hostname
+  end
+end

config/initializers/sentry.rb

@@ -1,6 +1,10 @@
 Sentry.init do |config|
   config.dsn = Rails.application.config.x.sentry_dsn
-  config.enabled_environments = %w[production staging luxproduction euros]
+
+  # Load enabled environments from deploy_targets.yml
+  deploy_targets = YAML.load_file(Rails.root.join('config', 'deploy_targets.yml'))['targets']
+  config.enabled_environments = deploy_targets.keys
+
   config.environment = Rails.env
   config.release = ENV.fetch('BUILD_HASH', nil)
 end

spec/rails_helper.rb

@@ -6,7 +6,9 @@
 require File.expand_path('../config/environment', __dir__)
 # Prevent database truncation if the environment is production
 # rubocop:disable Rails/Exit
-if Rails.env.production? || Rails.env.staging? || Rails.env.luxproduction? || Rails.env.euros?
+deploy_targets = YAML.load_file(File.expand_path('../config/deploy_targets.yml', __dir__))['targets']
+production_envs = deploy_targets.keys.map(&:to_sym)
+if production_envs.include?(Rails.env.to_sym)
   abort('The Rails environment is running in production mode!')
 end
 # rubocop:enable Rails/Exit