使用PHP自动部署GIT代码,php部署git
最近在使用Coding的代码托管,顺便设置了WebHook自动部署,过程还是挺艰辛的,主要还是没搞懂Linux的权限控制,不过好在弄好了,分享一下获益最深的一篇文章,供大家参考,原文是英文版的,我的英语也不行,勉强能看懂,大家凑合着看吧
原文链接:http://jondavidjohn.com/git-pull-from-a-php-script-not-so-simple/
I intended to set up a repository (hosted on BitBucket) to initiate a pull on a dev server when new commits are pushed up.
It seemed like a simple enough process. BitBucket has a service that will fire off a POST request as a post-receive hook. So I set up a receiving php script to check a randomized token and then initiate the git pull. Looking something like this...
<code class="language-php" data-lang="php"><span class="cp"><?php
<span class="nb">define<span class="p">(<span class="s1">'PRIVATE_KEY'<span class="p">, <span class="s1">'XXXXXXXXXXXXXXXXxxx'<span class="p">);
<span class="k">if <span class="p">(<span class="nv">$_SERVER<span class="p">[<span class="s1">'REQUEST_METHOD'<span class="p">] <span class="o">=== <span class="s1">'POST'
<span class="o">&& <span class="nv">$_REQUEST<span class="p">[<span class="s1">'thing'<span class="p">] <span class="o">=== <span class="nx">PRIVATE_KEY<span class="p">)
<span class="p">{
<span class="k">echo <span class="nb">shell_exec<span class="p">(<span class="s2">"git pull"<span class="p">);
<span class="p">}
</span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></code>
Didn't end up being as simple as I had anticipated...
There were a few considerations that I did not take into account. Documenting them here will hopefully help you avoid some obstacles in trying to get something like this set up.
(Missed) Considerations
the binary (git in this case)
The user that is attempting to execute git pull is the apache user (www in our case). This user did not happen to have git in their path.
This took a while to track down because the exec() family of functions simply fail silently because they only report STDOUT and not STDERR. To get the function to report STDERR you can route it into STDOUT by adding 2->&1 at the end of your command.
After I realized this I logged in and found the full path of the git binary with which git, which is /full/path/to/bin/git.
<code class="language-php" data-lang="php"><span class="cp"><?php
<span class="o">...
<span class="k">echo <span class="nb">shell_exec<span class="p">(<span class="s2">"/full/path/to/bin/git pull 2>&1"<span class="p">);
<span class="o">...
</span></span></span></span></span></span></span></span></code>
Now it was reporting the next issue...
permissions
<code class="language-text" data-lang="text">error: cannot open .git/FETCH_HEAD: Permission denied </code>
The apache user also needs read and write access to the entire repository.
<code class="language-text" data-lang="text">chown -R ssh_user:www repository/ </code>
It's also a good idea to make sure any files/directories inherit this ownership if being created by others by setting the group sticky bit.
<code class="language-text" data-lang="text">chmod -R g+s repository/ </code>
"Host key verification failed"
Next, you need to do an intial git pull with the apache user to make sure the remote is added to the apache user's known_hosts file
<code class="language-text" data-lang="text">sudo -u www git pull </code>
ssh key
Another consideration created by this command being run by the apache user is the ssh key it uses to communicate with the remote repository.
First, I went down the path of attempting to use the GIT_SSH environment variable to set the ssh -i option to tell it to use a specific ssh key I had generated with the ssh user. I never got this to work, most likely because there are a lot of rules ssh uses to determine the safety of a given key. It requires some specific permissions regarding the user that is attempting to use the key.
An easier way I discovered was to give the apache user a home directory (via /etc/passwd) and a .ssh directory and then run the ssh-keygen command as the apache user (www)
<code class="language-text" data-lang="text">sudo -u www ssh-keygen -t rsa </code>
This creates the keys and puts them in their expected location with the proper permissions applied.
Then I added the key as a read-only key for the BitBucket repository and everything worked as expected.
<code class="language-php" data-lang="php"><span class="cp"><span class="nb"><span class="p"><span class="s1"><span class="p"><span class="s1"><span class="p"><span class="k"><span class="p"><span class="nv"><span class="p"><span class="s1"><span class="p"><span class="o"><span class="s1"><span class="o"><span class="nv"><span class="p"><span class="s1"><span class="p"><span class="o"><span class="nx"><span class="p"><span class="p"><span class="k"><span class="nb"><span class="p"><span class="s2"><span class="p"><span class="p"> </span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></code>
如何在Go中使用命名管道?May 11, 2023 pm 04:22 PM命名管道是一种在操作系统中相对比较低级的进程通信方式,它是一种以文件为中介的进程通信方式。在Go语言中,通过os包提供了对命名管道的支持。在本文中,我们将介绍如何在Go中使用命名管道来实现进程间通信。一、命名管道的概念命名管道是一种特殊的文件,可以被多个进程同时访问。在Linux系统中,命名管道是一种特殊的文件类型,它们存在于文件系统的某个位置上,并且可以在
如何在Go中使用第三方库?May 11, 2023 pm 03:30 PM在Go语言中,使用第三方库是非常方便的。许多优秀的第三方库和框架可以帮助我们快速地开发应用程序,同时也减少了我们自己编写代码的工作量。但是如何正确地使用第三方库,确保其稳定性和可靠性,是我们必须了解的一个问题。本文将从以下几个方面介绍如何使用第三方库,并结合具体例子进行讲解。一、第三方库的获取Go语言中获取第三方库有以下两种方式:1.使用goget命令首先
如何在PHP中使用协程?May 12, 2023 am 08:10 AM随着传统的多线程模型在高并发场景下的性能瓶颈,协程成为了PHP编程领域的热门话题。协程是一种轻量级的线程,能够在单线程中实现多任务的并发执行。在PHP的语言生态中,协程得到了广泛的应用,比如Swoole、Workerman等框架就提供了对协程的支持。那么,如何在PHP中使用协程呢?本文将介绍一些基本的使用方法以及常见的注意事项,帮助读者了解协程的运作原理,以
如何在PHP中使用变量函数May 18, 2023 pm 03:52 PM变量函数是指可以使用变量来调用函数的一种特殊语法。在PHP中,变量函数是非常有用的,因为它可以让我们更加灵活地使用函数。在本文中,我们将介绍如何在PHP中使用变量函数。定义变量函数在PHP中,变量函数的定义方式非常简单,只需要将要调用的函数名赋值给一个变量即可。例如,下面的代码定义了一个变量函数:$func='var_dump';这里将var_dump函
如何在 Windows 11 中按需使用 OneDrive 的文件Apr 14, 2023 pm 12:34 PM<p>Windows 系统上的 OneDrive 应用程序允许您将文件存储在高达 5 GB 的云上。OneDrive 应用程序中还有另一个功能,它允许用户选择一个选项,是将文件保留在系统空间上还是在线提供,而不占用您的系统存储空间。此功能称为按需文件。在这篇文章中,我们进一步探索了此功能,并解释了有关如何在 Windows 11 电脑上的 OneDrive 中按需使用文件的各种选项。</p><h2>如何使用 On
如何在Go中使用WebSocket?May 11, 2023 pm 04:17 PM近年来,WebSocket技术已经成为了Web开发中不可或缺的一部分。WebSocket是一种在单个TCP连接上进行全双工通信的协议,它使得客户端和服务器之间的通信更加流畅和高效。如今,很多现代的Web应用程序都使用了WebSocket技术,例如实时聊天、在线游戏以及实时数据可视化等。Go语言作为一个现代的编程语言,自然也提供了很好的支持WebSock
如何在Go中使用音频处理?May 11, 2023 pm 04:37 PM随着音频处理在各种应用场景中的普及,越来越多的程序员开始使用Go编写音频处理程序。Go语言作为一种现代化的编程语言,具有优秀的并发性和高效率的特点,使用它进行音频处理十分方便。本文将介绍如何在Go中使用音频处理技术,包括读取、写入、处理和分析音频数据等方面的内容。一、读取音频数据在Go中读取音频数据有多种方式。其中比较常用的是使用第三方库进行读取,比如go-
如何在PHP中使用数据聚合函数May 18, 2023 pm 02:51 PM数据聚合函数是一种用于处理数据库表中多行数据的函数。在PHP中使用数据聚合函数可以使得我们方便地进行数据分析和处理,例如求和、平均数、最大值、最小值等。下面将介绍如何在PHP中使用数据聚合函数。一、介绍常用的数据聚合函数COUNT():计算某一列的行数。SUM():计算某一列的总和。AVG():计算某一列的平均值。MAX():取出某一列的最大值。MIN():
핫 AI 도구
Undresser.AI Undress
사실적인 누드 사진을 만들기 위한 AI 기반 앱
AI Clothes Remover
사진에서 옷을 제거하는 온라인 AI 도구입니다.
Undress AI Tool
무료로 이미지를 벗다
Clothoff.io
AI 옷 제거제
AI Hentai Generator
AI Hentai를 무료로 생성하십시오.
인기 기사
뜨거운 도구
드림위버 CS6
시각적 웹 개발 도구
SecList
SecLists는 최고의 보안 테스터의 동반자입니다. 보안 평가 시 자주 사용되는 다양한 유형의 목록을 한 곳에 모아 놓은 것입니다. SecLists는 보안 테스터에게 필요할 수 있는 모든 목록을 편리하게 제공하여 보안 테스트를 더욱 효율적이고 생산적으로 만드는 데 도움이 됩니다. 목록 유형에는 사용자 이름, 비밀번호, URL, 퍼징 페이로드, 민감한 데이터 패턴, 웹 셸 등이 포함됩니다. 테스터는 이 저장소를 새로운 테스트 시스템으로 간단히 가져올 수 있으며 필요한 모든 유형의 목록에 액세스할 수 있습니다.
맨티스BT
Mantis는 제품 결함 추적을 돕기 위해 설계된 배포하기 쉬운 웹 기반 결함 추적 도구입니다. PHP, MySQL 및 웹 서버가 필요합니다. 데모 및 호스팅 서비스를 확인해 보세요.
mPDF
mPDF는 UTF-8로 인코딩된 HTML에서 PDF 파일을 생성할 수 있는 PHP 라이브러리입니다. 원저자인 Ian Back은 자신의 웹 사이트에서 "즉시" PDF 파일을 출력하고 다양한 언어를 처리하기 위해 mPDF를 작성했습니다. HTML2FPDF와 같은 원본 스크립트보다 유니코드 글꼴을 사용할 때 속도가 느리고 더 큰 파일을 생성하지만 CSS 스타일 등을 지원하고 많은 개선 사항이 있습니다. RTL(아랍어, 히브리어), CJK(중국어, 일본어, 한국어)를 포함한 거의 모든 언어를 지원합니다. 중첩된 블록 수준 요소(예: P, DIV)를 지원합니다.
ZendStudio 13.5.1 맥
강력한 PHP 통합 개발 환경
