The so-called automated deployment, as I understand it, is a means to quickly and automatically deploy the code to the target server on the premise that the user guarantees the quality of the code.

Realize the principle of

Local push code -> code base -> Webhook notification server -> automatic pull code base

Generate and deploy the public key

For details, see Configuring SSH Public Keys

1) Generate a public key

Generate a public/private RSA key with the given email
SSH /config if not the default address is used
$ ssh-keygen -t rsa -b 4096 -C "[email protected]"
Copy the code

2) Add public key to coding

The deployment public Yue is displayed

$ cat coding.pub
Copy the code

Partially deploy the public key on the Git management side

3) Configure the config file

Edit the ~/.ssh/config file

Host git.coding.net User [email protected] PreferredAuthentications publickey IdentityFile ~/.ssh/coding_rsa // The generated public key storage point for a non-default addressCopy the code

4) Test whether it can be linked [email protected] server

Note that git.coding.net is connected to the CDN and resolves multiple host IP addresses
$ ssh -T [email protected]
The authenticity of host 'git.coding.net (123.59.85.184)' can't be established. RSA key fingerprint is 98:ab:2b:30:60:00:82:86:bb:85:db:87:22:c4:4f:b1. Are you sure you want to continue connecting (yes/no)? Yes Warning: Permanently added 'Git.coding.net, 123.59.85.184'(RSA) to the list of known hosts. Coding prompt: Hello Duoli, You'Ve Connected to Coding.net via SSH. This is a deploy keyCopy the code

Set the webhook

Instruct the server to receive code updates when the code base receives notifications.

This Webhook approach is used to receive deployable requests using the POST method

PHP receive Deployment

Because PHP script code execution may have interruption of service (such as execution time), it may not be practical, so plan to use script calls.

Receive the request -> Queue -> script listens to the processing queue

Thanks to the Laravel framework, after receiving the notification, it is stored in the queue. Since the queue uses the command line listening, there is no interruption when the command line is executed.

Users who need to be configured to run the code before then have access to Git’s servers. If your code runs on www-data, use the role of www-data to access the [email protected] server. Otherwise, the deployment cannot be implemented because the key does not match and the user does not have permission to obtain the content.

1) Queue code settingapp/Jobs

<? php namespace App\Jobs; use Illuminate\Contracts\Bus\SelfHandling; use Illuminate\Contracts\Queue\ShouldQueue; use Symfony\Component\Process\Process; class WebDeploy extends Job implements SelfHandling, ShouldQueue { private$shellPath;

	/**
	 * Create a new job instance.
	 */
	public function __construct()
	{
		$this->shellPath = dirname(dirname(__DIR__));
	}

	/**
	 * Execute the job.
	 * @return void
	 */
	public function handle()
	{
		if(! env('LM_DEPLOY_BRANCH')) {
			echo 'ERR > ' . 'No branch Set'."\n";
		}
		$shell   = "/bin/bash " . base_path('resources/shell/deploy.sh').' ' . base_path() . ' ' . env('LM_DEPLOY_BRANCH'.'master');
		$process = new Process($shell);
		$process->start();
		$process->wait(function ($type.$buffer) {
			if (Process::ERR === $type) {
				echo 'ERR > ' . $buffer;
			}
			else {
				echo 'OUT > ' . $buffer; }}); }}Copy the code

2) Trigger the queue

dispatch(new WebDeploy());
Copy the code

3) Deploy shell scripts

#! /bin/bash
aim_path=The $1
branch=$2
cd ${aim_path}
echo $PWD
/usr/bin/git pull origin ${branch} >/dev/null 2>&1
if[$?-eq0];then
echo "OK"
else
   /usr/bin/git fetch -f
   /usr/bin/git reset --hard
   /usr/bin/git pull origin ${branch}
fi

Copy the code

4) Use supervisor to monitor queue execution and queue tasks

File location/etc/supervisord. D/project. Ini

[program:project_name]
process_name=%(program_name)s_%(process_num)02d
command=php /path/to/project/artisan queue:work  --sleep=3 --tries=3 --daemon
autostart=true
autorestart=true
user=apache
numprocs=1
redirect_stderr=true
stdout_logfile=/webdata/logs/project.log
environment=QUEUE_DRIVER=database
Copy the code

Pay attention to the point

It took a long time to study the automatic deployment with my colleagues, and there was a little doubt about whether PHP was capable of this function. The code was able to be deployed on the LAN before, but failed in the rest of the tests. This time, instead, I found a way to run the script. In theory, there is no execution failure until you see an error like this:

OUT > /webdata/www/sour-lemon.com
ERR > Could not create directory '/usr/share/httpd/.ssh'.
ERR > Host key verification failed.
ERR > fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists.
Copy the code

Could not create directory ‘/usr/share/httpd/.ssh’, Consider setting up automated deployment of SSH with Apache permissions.

The Apache user is not allowed to log in. Therefore, you need to allow the Apache user to log in and then set the SSH key.

Change the /etc/passwd file to allow the user to log in

/sbin/nologin
apache:x:48:48:Apache:/usr/share/httpd:/bin/bash
Copy the code

Then switch to apache user to set SSH key, so after the test, pass.

Refer to the article

  • [error] Permission denied (public key)
  • Configuring an SSH Public Key
  • Gist.github.com/jexchan/235…
  • www.freebsd.org/cgi/man.cgi…
  • Help.github.com/articles/er…
  • Callmepeanut.blog.51cto.com/7756998/130…
  • www.huamanshu.com/walle.html
  • walle-web.io/
  • Github.com/meolu/walle…
  • www.phptesting.org/install-php…