Use PHP to automatically deploy GIT code, and use php to deploy git_PHP

Source: Internet
Author: User
Use PHP to automatically deploy GIT code and php to deploy git. Using PHP to automatically deploy GIT code, php to deploy git is using Coding code hosting recently, and WebHook automatic deployment is set by the way, the process is still quite difficult, I still don't understand Linux permissions. I can use PHP to automatically deploy GIT code, and use php to deploy git.

Recently, we are using Coding code hosting. By the way, we have set up automatic WebHook deployment. this process is still quite difficult, but we still don't understand the Linux permission control, but it is better to do it, I would like to share one of the most beneficial articles for your reference. The original article is in English, and I cannot understand English either.

Link: http://jondavidjohn.com/git-pull-from-a-php-script-not-so-simple/

I intended to set up a repository (hosted on BitBucket) to initiate a pull on a dev server when new commits are pushed up.

It seemed like a simple enough process. bitBucket has a service that will fire off a POST request as a post-receive hook. so I set up a login ing php script to check a randomized token and then initiategit pull. Looking something like this...


  

Didn't end up being as simple as I had anticipated...

There were a few considerations that I did not take into account. Documenting them here will hopefully help you avoid some obstacles in trying to get something like this set up.

(Missed) Considerationsthe binary (gitIn this case)

The user that is attempting to executegit pullIs the apache user (wwwIn our case). This user did not happen to havegitIn their path.

This took a while to track down becauseexec()Family of functions simply fail silently because they only report STDOUT and not STDERR. To get the function to report STDERR you can route it into STDOUT by adding2->&1At the end of your command.

After I realized this I logged in and found the full path of the git binarywhich git, Which is/full/path/to/bin/git.


   &1");...

Now it was reporting the next issue...

Permissions
error: cannot open .git/FETCH_HEAD: Permission denied

The apache user also needs read and write access to the entire repository.

chown -R ssh_user:www repository/

It's also a good idea to make sure any files/directories inherit this ownership if being created by others by setting the group sticky bit.

chmod -R g+s repository/
"Host key verification failed"

Next, you need to do an intial git pull with the apache user to make sure the remote is added to the apache user'sknown_hostsFile

sudo -u www git pull
Ssh key

Another consideration created by this command being run by the apache user is the ssh key it uses to communicate with the remote repository.

First, I went down the path of attempting to useGIT_SSHEnvironment variable to setssh -iOption to tell it to use a specific ssh key I had generated with the ssh user. I never got this to work, most likely because there are a lot of rules ssh uses to determine the safety of a given key. it requires some specific permissions regarding the user that is attempting to use the key.

An easier way I discovered was to give the apache user a home directory (/etc/passwd) And.sshDirectory and then runssh-keygenCommandAsThe apache user (www)

sudo -u www ssh-keygen -t rsa

This creates the keys and puts them in their expected location with the proper permissions applied.

Then I added the key as a read-only key for the BitBucket repository and everything worked as expected.

 

Later, Ghost was using Coding code hosting. By the way, it was difficult to set up automatic WebHook deployment. I still didn't understand Linux permissions...

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.