Using PHP to automate the deployment of GIT code, PHP deployment git_php Tutorial

Source: Internet
Author: User
Tags hosting webhook

Use PHP to automatically deploy git code, PHP to deploy git


Recently in the use of coding code hosting, the way to set up the Webhook automatic deployment, the process is very difficult, mainly still do not understand the rights of Linux control, but fortunately, to share the most benefit of an article for your reference, the original English version, my English is not, barely able to read , let's see.

Original link: http://jondavidjohn.com/git-pull-from-a-php-script-not-so-simple/

I intended to set up a repository (hosted in BitBucket) to initiate a pulling on a dev server when new commits is pushed up.

It seemed like a simple enough process. BitBucket have a service that would fire off a POST request as a post-receive hook. So I set up a receiving PHP script to check a randomized tokens and then initiate the git pull . Looking something like this ...

 "!--? php Define ( ' Private_key '  ' xxxxxxxxxxxxxxxxxxx ' Span class= "P" >); if  ($_server[ ' Request_method ' ] ===  ' POST ' && $_ Request[ ' thing ' ] === private_ Key) {echo shell_exec (  "git pull" );                /span>                

Didn ' t end up being as simple as I had anticipated ...

There were a few considerations that I do not take to account. Documenting them here would hopefully help you avoid some obstacles in trying to get something like this set up.

(Missed) Considerations

The binary (in this case git )

The user is a attempting to execute was the git pull Apache User (in our case www ). This user does not happen to the git their path.

This took a and track down because the exec() family of functions simply fail silently because they only repor T STDOUT and not STDERR. To get the function to report STDERR you can route it into STDOUT by adding at the end of the 2->&1 your command.

After I realized this I logged which git in and found the full path of the Git binary with, which is /full/path/to/bin/git .


   
    ...    echo shell_exec("/full/path/to/bin/git pull 2>&1");...

Now it is reporting the next issue ...

Permissions

error: cannot open .git/FETCH_HEAD: Permission denied

The Apache user also needs read and write access to the entire repository.

chown -R ssh_user:www repository/

It ' s also a good idea to make sure any files/directories inherit this ownership if being created by others by setting the Group Sticky bit.

chmod -R g+s repository/

"Host Key verification Failed"

Next, you need to do a intial git pull with the Apache user to make sure the remote was added to the Apache user ' s file

sudo -u www git pull

SSH key

Another consideration created by this command being run by the Apache user was the SSH key it uses to communicate with the Remote Repository.

First, I went down the path of attempting to use The git_ssh environment variable to set The ssh-i Span class= "apple-converted-space" > option to the IT-use a specific SSH key I had generated with the SSH user. I never got this to work, most likely because there is a lot of rules for SSH uses to determine the safety of a given key. It requires some specific permissions regarding the user that's attempting to use the key.

An easier-discovered is to give the Apache User a home directory (via /etc/passwd ) and a .ssh directory and Then run the command as the ssh-keygen Apache User ( www )

sudo -u www ssh-keygen -t rsa

This creates the keys and puts them in their expected location with the proper permissions applied.

Then I added the key as a read-only key for the BitBucket repository and everything worked as expected.

 

http://www.bkjia.com/PHPjc/1053799.html www.bkjia.com true http://www.bkjia.com/PHPjc/1053799.html techarticle using PHP to automate the deployment of GIT code, PHP deployment git recently in the use of coding code hosting, the way to set up the Webhook automatic deployment, the process is very difficult, mainly still do not understand the rights of Linux ...

  • Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.