Enfection DevOps Documentation

WordPress agency CI/CD workflow — complete guide.


New Project Flow

CLIENT PROJECT COMES IN
  ┌─────────────┐
  │   DevOps    │  1. CloudPanel → WordPress site + SSL
  │  (First!)   │  2. Run script → GitHub repo + secrets
  │   ~5 mins   │  3. Handover to developer
  └──────┬──────┘
         │ Handover (repo URL + WP credentials)
  ┌─────────────┐
  │  Developer  │  1. LocalWP → create local site
  │             │  2. Create theme folder
  │  Daily work │  3. Connect to GitHub repo (staging branch)
  └──────┬──────┘  4. git push origin staging → auto deploy
  ┌──────────────────────────────────┐
  │  https://[client].development.   │  ✅ Staging updated!
  │  enfection.com                   │
  └──────────────────────────────────┘
         │ DevOps reviews → merge staging → production
  ┌──────────────────────────────────┐
  │  http://[lightsail-ip]           │  ✅ Production updated!
  │  (Docker + Lightsail)            │
  └──────────────────────────────────┘

Branch Strategy

| Branch | Purpose | Triggers |
|---|---|---|
| staging | Developer pushes daily work | SonarQube scan + CloudPanel staging deploy |
| production | DevOps merges when client approves | Lightsail Docker production deploy |
| main | Safety backup only | No deploy |

Quick Reference

git add .
git commit -m "feat: your change"
git push origin staging
# ✅ Auto deploy to staging done!

# After client approves staging
git checkout production
git merge staging
git push origin production
# ✅ Auto deploy to production done!

# 1. CloudPanel → Add WordPress Site + SSL
# 2. Run script:
scripts/new-project.sh rocell "Rocell Website"
# 3. Handover to developer
# ~5 minutes total

github.com/ChamodTharuka/[repo] → Actions tab
✅ Green = deployed successfully
❌ Red   = check logs + fix

Servers

| Server | URL | Purpose |
|---|---|---|
| SonarQube | https://sonarqube.enfection.com | Code quality scanning |
| Staging Panel | https://dev.enfection.com:8443 | CloudPanel admin |
| Staging Sites | https://[client].dev.enfection.com | Client staging |
| Production | http://[lightsail-ip] | Docker WordPress |
| Monitoring | Grafana Cloud | CPU/RAM/Disk alerts |
| Docs | https://docs.dev.enfection.com | This site |

Workflow Summary

What happens when a new project comes in?

DevOps does first:

DevOps goes to CloudPanel and creates a staging site, for example rocell.dev.enfection.com. WordPress installs automatically, the database is created, and an SSL certificate is applied.

Then from the local machine, DevOps runs one command in Git Bash:

scripts/new-project.sh rocell "Rocell Website"

That one command automatically:

  • Creates a private GitHub repo
  • Pushes deploy.yml, sonar-project.properties, and the Docker files
  • Creates staging, production, and main branches
  • Adds all 8 GitHub secrets

Then DevOps sends the developer the repo link and WP credentials.


Developer does:

The developer opens LocalWP and creates a local site, then creates the custom theme folder with the theme files. The developer then connects that theme folder to the GitHub repo DevOps created and switches to the staging branch.

From that point, daily work is simple:

  • Edit theme files locally
  • Test at http://rocell-website.local
  • Run git push origin staging
  • GitHub Actions runs automatically: SonarQube scans the code, then the theme is deployed to the staging server
  • https://rocell.dev.enfection.com updates automatically

When client approves — go to production:

DevOps merges staging into the production branch. GitHub Actions automatically deploys to the Lightsail Docker server. The live site updates with no manual work.


Branch roles:

| Branch | Who uses it | What happens |
|---|---|---|
| staging | Developer daily pushes | SonarQube scan + staging site update |
| production | DevOps only — after client approval | Live production site update |
| main | No one pushes here | Safety backup only — no deploy |
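
The branch roles above are a convention until something checks them. The following is an added example, not part of Enfection's scripts or of new-project.sh: a Git pre-push hook that refuses pushes that break those roles. The variable ALLOW_PRODUCTION_PUSH and the function names are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: client-side pre-push guard for the branch roles above.
# Git writes one line per pushed ref to the hook's stdin:
#   <local ref> <local sha> <remote ref> <remote sha>
# ALLOW_PRODUCTION_PUSH is a hypothetical variable, set only on DevOps machines.

# An all-zero local sha means the push deletes the remote branch.
is_zero_sha() {
  case "$1" in
    ''|*[!0]*) return 1 ;;
    *) return 0 ;;
  esac
}

# check_push_line LOCAL_REF LOCAL_SHA REMOTE_REF REMOTE_SHA
# Returns 0 when the update fits the branch roles, 1 otherwise.
check_push_line() {
  cpl_sha=$2
  cpl_ref=$3
  case "$cpl_ref" in
    refs/heads/staging|refs/heads/production|refs/heads/main)
      if is_zero_sha "$cpl_sha"; then
        echo "blocked: deleting ${cpl_ref#refs/heads/} would remove a deploy or backup branch" >&2
        return 1
      fi ;;
  esac
  case "$cpl_ref" in
    refs/heads/main)
      echo "blocked: main is the safety backup, no one pushes here" >&2
      return 1 ;;
    refs/heads/production)
      if [ "${ALLOW_PRODUCTION_PUSH:-0}" != "1" ]; then
        echo "blocked: production is DevOps only, push to staging instead" >&2
        return 1
      fi ;;
  esac
  return 0
}

# check_push reads every ref line from stdin and fails if any one is refused.
check_push() {
  cp_rc=0
  while read -r cp_lref cp_lsha cp_rref cp_rsha; do
    case "$cp_lref" in '') continue ;; esac
    check_push_line "$cp_lref" "$cp_lsha" "$cp_rref" "$cp_rsha" || cp_rc=1
  done
  return "$cp_rc"
}

# Saved as .git/hooks/pre-push, the file would end with:  check_push || exit 1
```

A local hook is skipped by `git push --no-verify`, so it only guards against mistakes; GitHub branch protection rules on production and main are what enforce the roles on the server side.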

Guides

For Developers

For DevOps