github 利用webhook配置代码自动发布

1 创建一个linux 账户用来,运行php (命令: useradd -m -c “php” www)

2 生成www账户,github免密登录的密匙对 (命令: sudo -Hu www ssh-keygen -t rsa -C “chengqian2100@139.com”, 一路’enter’键,不用管中途的提示)

3 配置github的公匙 (复制 /home/www/.ssh/id_rsa.pub里面的内容,将其粘贴到github的 ssh配置里面)

github ssh key配置

4 配置发布脚本(deploy.php)

<?php
//密钥
$secret = "af16b4d29e93c6cccd0e6ffbdebc0d0d";
//获取 GitHub 发送的内容
$json = file_get_contents('php://input');
$content = json_decode($json, true);
//github 发送过来的签名
$signature = $_SERVER['HTTP_X_HUB_SIGNATURE'];
if (!$signature) {
   return http_response_code(404);
}
list($algo, $hash) = explode('=', $signature, 2);
//计算签名
$payloadHash = hash_hmac($algo, $json, $secret);
// 判断签名是否匹配
if ($hash === $payloadHash) {
        echo "0. begin 开始发布".PHP_EOL;
        echo $content['ref'].PHP_EOL;
        echo $content['repository']['name'].PHP_EOL;
        if ($content['ref']=='refs/heads/master') {
                $path = './master';
                $path .= '/'.$content['repository']['name'];
                echo $path.PHP_EOL;
                $res = system("cd {$path} && git pull",  $status);  //以www用户运行
                echo "1. 代码开始完成 ".$status." ".PHP_EOL;
                system("rsync  -vztr --exclude-from=exclude.list  {$path}  /app/www/", $status2);  //  /app/www 为项目所在的目录
                echo "2. 代码同步完成 ". $status2." ".PHP_EOL;
                $path2 = '/app/www/'.$content['repository']['name'];
                if (is_file($path2."/composer.json")){
                    system("cd {$path2} && export PATH=/app/php73/bin/:/app/php73/sbin:/app/nginx/sbin:/app/Python3.7/bin:usr/local/bin:/usr/bin && /usr/local/bin/composer install", $status3);
                    echo "3.  composer 执行完成".$status3." ".PHP_EOL;
                }
            $res_log = '-------------------------'.PHP_EOL;
            $res_log .= $content['head_commit']['author']['name'] . ' 在' . date('Y-m-d H:i:s') . '向' . $content['repository']['name'] . '项目的' . $content['ref'] . '分支push了' . '个commit:' . PHP_EOL;
            $res_log .= PHP_EOL;
            file_put_contents("git-webhook.txt", $res_log, FILE_APPEND);//追加写入
    }
    echo "4.  sucess 发布完成";
} else {
    $res_log  = 'Error:'.PHP_EOL;
    $res_log .= $content['head_commit']['author']['name'] . ' 在' . date('Y-m-d H:i:s') . '向' . $content['repository']['name'] . '项目的' . $content['ref'] . '分支 push 了' . count($content['commits']) . '个 commit:' . PHP_EOL;
    $res_log .= '密钥不正确不能 pull'.PHP_EOL;
    $res_log .= '======================================================================='.PHP_EOL;
    echo $res_log;
}

在同级目录下创建 exclude.list

vendor
storage
.env
.git
bootstrap/cache/

在同级目录下创建master 文件夹,并进入(cd)到目录里面,git clone 下项目。

5 配置github的webhook

github webhook配置

6 搞定修改一点文件,测试下脚本。

常见问题: 需要更改php-fpm的执行的用户和用户组为www,(./php-fpm.d/www.conf, 下面有个配置行,user = www 和 group = www)

权限问题,将php的项目的组和用户,全部变成www ( chown -R www:www 项目目录)

根据错误码排除问题 (也可以把执行结果的返回打印出来)

rsync 错误码
       0      Success
       1      Syntax or usage error
       2      Protocol incompatibility
       3      Errors selecting input/output files, dirs
       4      Requested action not supported: an attempt was made to manipulate 64-bit files on a platform that cannot support them; or an option was specified that is supported by the client and not by the server.
       5      Error starting client-server protocol
       6      Daemon unable to append to log-file
       10     Error in socket I/O
       11     Error in file I/O
       12     Error in rsync protocol data stream
       13     Errors with program diagnostics
       14     Error in IPC code
       20     Received SIGUSR1 or SIGINT
       21     Some error returned by waitpid()
       22     Error allocating core memory buffers
       23     Partial transfer due to error
       24     Partial transfer due to vanished source files
       25     The --max-delete limit stopped deletions
       30     Timeout in data send/receive
shell  一般的错误码 
    0	    命令成功结束
    1	    一般性未知错误
    2	    不适合的shell 命令
    123	    命令不可执行
    127	    没找到命令
    128	    无效退出参数
    128+x   与linux信号x相关的严重错误
    130	    通过ctrl+C终止的命令
    255	    正常范围之内的退出状态码

发表回复

您的电子邮箱地址不会被公开。 必填项已用 * 标注