mirror_php/deployer
1
0
Fork 0
mirror of https://github.com/deployphp/deployer.git synced 2025-01-17 13:38:17 +01:00
Code Issues Projects Releases Wiki Activity
deployer/docs/ci-cd.md
Stephan Großberndt ac74d0188a
Fix typo for SSH_KNOWN_HOSTS in CI/CD docs (#3310)
2022-09-21 11:04:31 +02:00

2.5 KiB
Executable File
Raw Blame History

CI/CD

GitHub Actions

Use official GitHub Action for Deployer.

Create .github/workflows/deploy.yml file with following content:

name: deploy

on:
  push:
    branches: [master]

concurrency: production_environment

jobs:
  deploy:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v2

      - name: Setup PHP
        uses: shivammathur/setup-php@v2
        with:
          php-version: "8.0"

      - name: Deploy
        uses: deployphp/action@v1
        with:
          private-key: ${{ secrets.PRIVATE_KEY }}
          dep: deploy

:::warning The concurrency: production_environment is important as it prevents concurrent deploys. :::

GitLab CI/CD

Set the following variables in GitLab project:

  • SSH_KNOWN_HOSTS: Content of ~/.ssh/known_hosts file. The public SSH keys for a host may be obtained using the utility ssh-keyscan. For example: ssh-keyscan deployer.org.
  • SSH_PRIVATE_KEY: Private key for connecting to remote hosts. To generate private key: ssh-keygen -t ed25519 -C 'gitlab@deployer.org'.

Create .gitlab-ci.yml file with following content:

stages:
  - deploy

deploy:
  stage: deploy
  image:
    name: deployphp/deployer:7
    entrypoint: [""]
  before_script:
    - mkdir -p ~/.ssh
    - eval $(ssh-agent -s)
    - echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts
    - chmod 644 ~/.ssh/known_hosts
    - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add - > /dev/null
  script:
    - dep deploy -vvv
  resource_group: production
  only:
    - master

Deployment concurrency

Only one deployment job runs at a time with the resource_group keyword in .gitlab-ci.yml.

In addition, you can ensure that older deployment jobs are cancelled automatically when a newer deployment runs by enabling the skip outdated deployment jobs feature.

Deploy secrets

Is not recommended committing secrets in the repository, you could use a GitLab variable to store them.

Many frameworks use dotenv to store secrets, let's create a GitLab file variable named DOTENV, so it can be deployed along with the code.

Set up a deployer task to copy secrets to the server:

task('deploy:secrets', function () {
    upload(getenv('DOTENV'), '{{deploy_path}}/shared/.env');
});

Run the task immediately after updating the code.