From 6b1750d8d1d4f2564912e07a5f715a58d045d8d6 Mon Sep 17 00:00:00 2001 From: IANewCool Date: Mon, 11 Aug 2025 19:07:18 -0400 Subject: [PATCH 1/2] ci(web): Vercel deploy (Flutter Web) + SPA rewrites --- .github/workflows/web-vercel.yml | 17 +++++++++++++++++ vercel.json | 6 ++++++ 2 files changed, 23 insertions(+) create mode 100644 .github/workflows/web-vercel.yml create mode 100644 vercel.json diff --git a/.github/workflows/web-vercel.yml b/.github/workflows/web-vercel.yml new file mode 100644 index 00000000..b0e07221 --- /dev/null +++ b/.github/workflows/web-vercel.yml @@ -0,0 +1,17 @@ +name: Deploy Web to Vercel +on: + push: + branches: [develop, main] +jobs: + build-and-deploy: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: subosito/flutter-action@v2 + with: { flutter-version: '3.22.0' } + - run: flutter pub get + - run: flutter build web --release --dart-define=API_BASE=https://api.tunestream.io + - run: npm i -g vercel + # deploy del directorio estático generado por Flutter + - run: vercel deploy --prod build/web --yes --token ${{ secrets.VERCEL_TOKEN }} --name tunestream-app +YAML < /dev/null \ No newline at end of file diff --git a/vercel.json b/vercel.json new file mode 100644 index 00000000..e321c25d --- /dev/null +++ b/vercel.json @@ -0,0 +1,6 @@ +{ + "cleanUrls": true, + "trailingSlash": false, + "rewrites": [{ "source": "/(.*)", "destination": "/index.html" }] +} +JSON < /dev/null \ No newline at end of file From 2c0cbcdf8228994f175912cbe31da35065f599bc Mon Sep 17 00:00:00 2001 From: IANewCool Date: Mon, 11 Aug 2025 19:49:47 -0400 Subject: [PATCH 2/2] improve(ci): optimize Vercel deploy workflow - Update Flutter version to 3.29.2 (matches project FVM config) - Add pub-cache for faster builds - Auto-create .env file with required variables - Add security headers (X-Frame-Options, CSRF protection) - Optimize static asset caching (1 year immutable) --- .github/workflows/web-vercel.yml | 21 ++++++++++++++++++++- vercel.json | 19 ++++++++++++++++++- 2 files changed, 38 insertions(+), 2 deletions(-) diff --git a/.github/workflows/web-vercel.yml b/.github/workflows/web-vercel.yml index b0e07221..97e2a91d 100644 --- a/.github/workflows/web-vercel.yml +++ b/.github/workflows/web-vercel.yml @@ -7,8 +7,27 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 + + # Cache pub dependencies + - uses: actions/cache@v3 + with: + path: ~/.pub-cache + key: ${{ runner.os }}-pub-${{ hashFiles('pubspec.yaml') }} + restore-keys: ${{ runner.os }}-pub- + - uses: subosito/flutter-action@v2 - with: { flutter-version: '3.22.0' } + with: { flutter-version: '3.29.2' } + + # Create .env file for build + - run: | + echo "SPOTIFY_SECRETS=dummy_client_id:dummy_client_secret" > .env + echo "LASTFM_API_KEY=dummy_lastfm_key" >> .env + echo "LASTFM_API_SECRET=dummy_lastfm_secret" >> .env + echo "HIDE_DONATIONS=0" >> .env + echo "ENABLE_UPDATE_CHECK=1" >> .env + echo "RELEASE_CHANNEL=nightly" >> .env + echo "DISABLE_SPOTIFY_IMAGES=0" >> .env + - run: flutter pub get - run: flutter build web --release --dart-define=API_BASE=https://api.tunestream.io - run: npm i -g vercel diff --git a/vercel.json b/vercel.json index e321c25d..45878c80 100644 --- a/vercel.json +++ b/vercel.json @@ -1,6 +1,23 @@ { "cleanUrls": true, "trailingSlash": false, - "rewrites": [{ "source": "/(.*)", "destination": "/index.html" }] + "rewrites": [{ "source": "/(.*)", "destination": "/index.html" }], + "headers": [ + { + "source": "/(.*)", + "headers": [ + { "key": "X-Frame-Options", "value": "DENY" }, + { "key": "X-Content-Type-Options", "value": "nosniff" }, + { "key": "Referrer-Policy", "value": "strict-origin-when-cross-origin" }, + { "key": "Permissions-Policy", "value": "camera=(), microphone=(), geolocation=()" } + ] + }, + { + "source": "/(.*\\.(js|css|ico|png|jpg|jpeg|gif|svg|woff|woff2|ttf|eot))", + "headers": [ + { "key": "Cache-Control", "value": "public, max-age=31536000, immutable" } + ] + } + ] } JSON < /dev/null \ No newline at end of file