Home > Article > Backend Development > Automatically deploy GIT code using PHP
Automatically deploy GIT code using PHP
- WBOYOriginal
- 2016-07-29 09:15:40759browse
Recently I am using Coding’s code hosting, and I set up WebHook automatic deployment. The process is quite difficult, mainly because I still don’t understand the permission control of Linux, but fortunately I have it figured out. Let me share an article that has benefited me the most. For your reference, the original text is in English. My English is not good and I can barely understand it. Please make do with it
Original text link: http://jondavidjohn.com/git-pull-from-a-php-script- not-so-simple/
I intended to set up a repository (hosted on BitBucket) to initiate a pull on a dev server when new commits are pushed up.
It seemed like a simple enough process. BitBucket has a service that will fire off a POST request as a post-receive hook. So I set up a receiving php script to check a randomized token and then initiate the git pull. Looking something like this...
<code data-lang="php"><span><?php
<span>define<span>(<span>'PRIVATE_KEY'<span>, <span>'XXXXXXXXXXXXXXXXxxx'<span>);
<span>if <span>(<span>$_SERVER<span>[<span>'REQUEST_METHOD'<span>] <span>=== <span>'POST'
<span>&& <span>$_REQUEST<span>[<span>'thing'<span>] <span>=== <span>PRIVATE_KEY<span>)
<span>{
<span>echo <span>shell_exec<span>(<span>"git pull"<span>);
<span>}
</span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></code>Didn 't end up being as simple as I had anticipated...
There were a few considerations that I did not take into account. Documenting them here will hopefully help you avoid some obstacles in trying to get something like this set up.
(Missed) Considerations
the binary (git in this case)
The user that is attempting to execute Now it was reporting the next issue... Another consideration created by this command being run by the apache user is the ssh key it uses to communicate with the remote repository.
git pull is the apache user (www in our case). This user did not happen to have git in their path. STDERR. To get the function to report STDERR you can route it into STDOUT by adding2->&1 at the end of your command.After I realized this I logged in and found the full path of the git binary with which git, which is/full/path/to/bin/git.<code data-lang="php"><span><?php
<span>...
<span>echo <span>shell_exec<span>(<span>"/full/path/to/bin/git pull 2>&1"<span>);
<span>...
</span></span></span></code>
permissions <pre class="brush:php;toolbar:false"><code data-lang="text">error: cannot open .git/FETCH_HEAD: Permission denied
</code></pre>The apache user also needs read and write access to the entire repository.<code data-lang="text">chown -R ssh_user:www repository/
</code>
It's also a good idea to make sure any files/directories inherit this ownership if being created by others by setting the group sticky bit.<code data-lang="text">chmod -R g+s repository/
</code>
"Host key verification failed"Next, you need to do an intial git pull with the apache user to make sure the remote is added to the apache user's<code data-lang="text">sudo -u www git pull
</code>
ssh keyFirst, I went down the path of attempting to use theGIT_SSHAn easier way I discovered was to give the apache user a home directory (via/etc/passwd This creates the keys and puts them in their expected location with the proper permissions applied.Then I added the key as a read-only key for the BitBucket repository and everything worked as expected.<code data-lang="text">sudo -u www ssh-keygen -t rsa
</code>
The above introduces the use of PHP to automatically deploy GIT code, including aspects of the content. I hope it will be helpful to friends who are interested in PHP tutorials.