preface
In project development, you will encounter two processes, one is version control, the other is code release.
Version control currently has two ways, one is Git, the other is SVN. I use Git, so I won’t introduce the differences between Git and SVN here.
The code distribution, at the very beginning, was FTP directly to the server (because it was my own project), which was not only expensive, but also prone to accidents.
Let’s introduce GitHub and WebHooks for automatic deployment.
use
After we finished developing and passed the test, we submitted the code to Git, and Git automatically called the hook to pull the code to the server.
The principle of
steps
The user who creates the project
When webhook git access server script, main task is to perform the git pull the code update to the server, then is running nginx users (ps – ef | grep nginx to view) to perform this command, So the user running nginx must have read and write permission to the project.
Create an ssh-key and configure it on Github
The user mentioned above needs to be configured with a ssh-key so that when the pull code is executed, the user does not need to enter the password. When the webHooks script is executed, the nginx user is used. Therefore, a ssh-key should be created as the running user of nginx. You can create a new user, run nginx with this user (described below), and then assign the project to this user (described below).
Create webHooks and deploy the project
This step is to be automatically deployed by webHooks when the project is pushed to the Master version.
-
Create a new WebHools on gitHub for projects that need to be deployed automatically
Setting -> WehHooks -> Add web
A password is required at creation time.
-
Enter basic Webhook information
-
Interface to webhook requests
As mentioned earlier, this interface actually performs Git pull to update the code into the server project. Here is the PHP version of the code.
// The local repository path is the project path $local = '/data/web/testWebHooks'; If the warehouse directory does not exist, an error is returned if(! is_dir($local)) { header('HTTP/1.1 500 Internal Server Error'); die('Local directory is missing'); } // If the request body is empty, an error is returned if (!isset($_POST['payload'])) { header('the HTTP / 1.1 400 Bad Request'); die('HTTP HEADER or POST is missing.'); } // The second Content Type is Application /x-www-form-urlencoded, post acceptance is applied $payload = json_decode($_POST['payload'].true); / / signature if (!isset($_SERVER['HTTP_X_HUB_SIGNATURE') | |! $_SERVER['HTTP_X_HUB_SIGNATURE']) { header('the HTTP / 1.1 403 Bad Request'); die('Permission denied.' . json_encode($_SERVER)); } $signature = $_SERVER['X-Hub-Signature']; list($algo, $hash) = explode('=', $signature, 2); // Calculate the signature $secret = '* * * * * *'; // The password entered in the third part of the figure above $payloadHash = hash_hmac($algo, $payload, $secret); if($hash ! == $payloadHash){ header('the HTTP / 1.1 403 Bad Request'); die($signature . ' ' . $_SERVER['X-Hub-Signature']); } Copy the codeThis is a PHP script with two main functions, one is verification, the other is to update the code. Validation is to prevent your scripts from being requested all the time. The second is to pull code from Git and update it.
If your project is vUE or some other project that needs to be compiled, you can perform the compilation process after updating the code.
After filling in git, the interface is automatically asked to test, and HTTP returns 200 indicating success. The specific request is logged under Recent Deliveries under the submission message
Pay attention to
1. Ensure that PHP executes system commands properly. Write a PHP file with the following contents:
shell_exec('ls -la') Copy the codeWhen accessing this file through a browser, the ability to output the directory structure shows that PHP can run system commands.
-
Test submitting code to Git and completing automatic deployment
After submitting the code via git push, you can see the webHook execution record at the bottom of github’s Webhook page. If the message is successful, you can refresh the page to check whether the update is successful.