7 easy steps to automated git push deployments. With small and configurable bash only post-receive hook
These are my notes basically. At first i created this gist just as a reminder for myself. But feel free to use this for your project as a starting point. If you have questions you can find me on twitter @thomasf https://twitter.com/thomasf This is how i used it on a Debian Wheezy testing (https://www.debian.org/releases/testing/)
Discuss, ask questions, etc. here https://news.ycombinator.com/item?id=7445545
example.com
, as which we (the git client) connect (push) to exmaple.com
.
We set git-shell
as the login shell, so it is not possible to interactively login as this user.sudo useradd -m -s /usr/bin/git-shell git
authorized_keys
file of the created user:## Because user git can not interactively login, we have to use sudo to get git temporarily
sudo -u git bash
cd ~
## cd /home/git
mkdir -p .ssh
vim .ssh/authorized_keys
## Paste your public key and save
git bare
repo for your project:mkdir testapp
cd testapp
## /home/git/testapp
git init --bare
post-receive
script from this gist to the hooks
dir of the created bare repo.vim testapp/hooks/post-receive
## Paste the post-receive script from this gist and save
## If you do not need to execute a 'build' and/or 'restart' command,
## just delete or comment the lines 'UPDATE_CMD' and 'RESTART_CMD'
chmod +x testapp/hooks/post-receive
DEPLOY_ROOT
directory:sudo chown root:git -R /var/www
sudo chmod 775 /var/www
systemd
, you can use the testapp.service
file from this gist.
Make sure you name it like your repository. The post-receive hook can automatically restart your app. You will also have to allow user git to make the sudo
call. Be very careful and restrictive with this!remote
:mkdir testapp
cd testapp
git init
git remote add production git@example.com:~/testapp
$ vim Makefile
## Paste contents of Makefile from this gist (as an example)
$ git add .
$ git commit -am "test commit"
$ git push production master
Counting objects: 12, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (4/4), done.
Writing objects: 100% (4/4), 432 bytes | 0 bytes/s, done.
Total 4 (delta 2), reused 0 (delta 0)
remote: +++++++++++++++++++++++ Welcome to 'example.com' (1.2.3.4) ++++++++++++++++++++++++
remote:
remote: githook: I will deploy 'master' branch of the 'testapp' project to '/var/www/testapp'
remote:
remote: githook: UPDATE (CMD: 'cd "${DEPLOY_TO}" && make "update"'):
remote: Makefile: Doing UPDATE stuff like grunt, gulp, rake,...
remote: git
remote: /var/www/testapp
remote:
remote: githook: RESTART (CMD: 'sudo systemctl restart "${PROJECT_NAME}.service" && sudo systemctl status "${PROJECT_NAME}.service"'):
remote: testapp.service - node.js testapp
remote: Loaded: loaded (/etc/systemd/system/testapp.service; disabled)
remote: Active: inactive (dead) since Fri 2014-03-21 22:10:23 UTC; 10ms ago
remote: Process: 9265 ExecStart=/bin/bash -c sleep 3;echo "I am starting";echo "$(whoami)"; (code=exited, status=0/SUCCESS)
remote:
remote: Mar 21 22:10:20 image systemd[1]: Starting nodejs testapp...
remote: Mar 21 22:10:23 image testapp[9265]: I am starting
remote: Mar 21 22:10:23 image testapp[9265]: www-data
remote: Mar 21 22:10:23 image systemd[1]: Started node.js testapp.
remote:
remote: ++++++++++++++++++++ See you soon at 'example.com' (1.2.3.4) ++++++++++++++++++++++
To git@example.com:~/testapp
08babc4..95cabcc master -> master
make deploy
Congratulations, you just setup git push deployment with automated build and service restart
Here are some more configuration files as a starting point:
all:
@echo "Doing all"
deploy:
@echo "Pushing to production"
@git push git@example.com:~/testapp master
update:
@echo "Makefile: Doing UPDATE stuff like grunt, gulp, rake,..."
@whoami
@pwd
#!/bin/bash
#
# Author: "FRITZ Thomas" <fritztho@gmail.com> (http://www.fritzthomas.com)
# GitHub: https://gist.github.com/thomasfr/9691385
#
# The MIT License (MIT)
#
# Copyright (c) 2014-2015 FRITZ Thomas
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in all
# copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.
#
# Application Name:
export DEPLOY_APP_NAME=`whoami`
# This is the root deploy dir.
export DEPLOY_ROOT="${HOME}/work"
# When receiving a new git push, the received branch gets compared to this one.
# If you do not need this, just add a comment
export DEPLOY_ALLOWED_BRANCH="master"
# You could use this to do a backup before updating to be able to do a quick rollback.
# If you need this just delete the comment and modify to your needs
#PRE_UPDATE_CMD='cd ${DEPLOY_ROOT} && backup.sh'
# Use this to do update tasks and maybe service restarts
# If you need this just delete the comment and modify to your needs
#POST_UPDATE_CMD='cd ${DEPLOY_ROOT} && make update'
###########################################################################################
export GIT_DIR="$(cd $(dirname $(dirname $0));pwd)"
export GIT_WORK_TREE="${DEPLOY_ROOT}"
IP="$(ip addr show eth0 | grep 'inet ' | cut -f2 | awk '{ print $2}')"
echo "githook: $(date): Welcome to '$(hostname -f)' (${IP})"
echo
# Make sure directory exists. Maybe its deployed for the first time.
mkdir -p "${DEPLOY_ROOT}"
# Loop, because it is possible to push more than one branch at a time. (git push --all)
while read oldrev newrev refname
do
export DEPLOY_BRANCH=$(git rev-parse --symbolic --abbrev-ref $refname)
export DEPLOY_OLDREV="$oldrev"
export DEPLOY_NEWREV="$newrev"
export DEPLOY_REFNAME="$refname"
if [ ! -z "${DEPLOY_ALLOWED_BRANCH}" ]; then
if [ "${DEPLOY_ALLOWED_BRANCH}" != "$DEPLOY_BRANCH" ]; then
echo "githook: Branch '$DEPLOY_BRANCH' of '${DEPLOY_APP_NAME}' application will not be deployed. Exiting."
exit 1
fi
fi
if [ ! -z "${PRE_UPDATE_CMD}" ]; then
echo
echo "githook: PRE UPDATE (CMD: '${PRE_UPDATE_CMD}'):"
eval $PRE_UPDATE_CMD || exit 1
fi
# Make sure GIT_DIR and GIT_WORK_TREE is correctly set and 'export'ed. Otherwhise
# these two environment variables could also be passed as parameters to the git cli
echo "githook: I will deploy '${DEPLOY_BRANCH}' branch of the '${DEPLOY_APP_NAME}' project to '${DEPLOY_ROOT}'"
git checkout -f "${DEPLOY_BRANCH}" || exit 1
git reset --hard "$DEPLOY_NEWREV" || exit 1
if [ ! -z "${POST_UPDATE_CMD}" ]; then
echo
echo "githook: POST UPDATE (CMD: '${POST_UPDATE_CMD}'):"
eval $POST_UPDATE_CMD || exit 1
fi
done
echo
echo "githook: $(date): See you soon at '$(hostname -f)' (${IP})"
exit 0
[Unit]
Description=node.js testapp
Requires=network.target
After=network.target
[Service]
WorkingDirectory=/var/www/testapp
Type=forking
ExecStart=/bin/bash -c 'sleep 3;echo "I am starting";echo "$(whoami)";'
# For a node.js app this could be something like:
#ExecStart=/bin/bash -c 'npm start'
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=testapp
User=www-data
Group=www-data
Environment="NODE_ENV=production" "DEBUG=testapp:*"
[Install]
WantedBy=multi-user.target