2

我在 BitBucket git repo 中有一个 PHP 项目。

我在一个名为“开发”的分支中进行小修复,或者我在临时功能分支中工作。当我准备好部署时,我将这些分支合并到“master”中。

我想让部署到我的实时站点变得如此简单(合并到 master 并推送到 BitBucket)。

但我真的不希望我的服务器可以访问我的存储库,因为这会增加安全问题。 如果您关心安全性,您希望您的存储库尽可能少地放置。如果您的服务器受到威胁,那情况就已经够糟糕了,但如果攻击者能够访问我的完整存储库,那就更糟了。 这个人同意。

所以我假设我想使用类似的东西git archive master,就像https://stackoverflow.com/a/163769/470749解释的那样。

如何设置一个钩子来检测“master”的推送,然后运行git archive master以将最新代码(不是作为 repo,虽然)导出到压缩的 zip 文件,然后发送(通过 SCP 和/或 Rsync?)到远程服务器,将其解压缩到一个新目录,然后(可能通过更改符号链接)将服务器指向该新目录?

额外的问题:我怎样才能启用简单的紧急回滚?(我想在某些情况下我想快速恢复到之前的提交。)

4

1 回答 1

1

我对最终得到的脚本感到满意:

部署.sh:

##This executable file will export your latest code from master (via "git archive") and will upload it 
##to the remote server and then call a script on the server to handle from there.
##----------------------------------------------------------------------------------------------------

source dev-ops/archive_and_upload.sh

##On the remote server, run a script to archive the existing production site files and then deploy the uploaded package.
ssh -i ~/.ssh/id_rsa myUserName@vientiane.dreamhost.com <<'ENDSSH'

set -e

cd /home/myUserName/myProjectName/latest

##Unzip the zip file, then delete it.
echo "Unzipping the package.zip..."
unzip -o package.zip && rm package.zip  

cd /home/myUserName/myProjectName/

nowTime=$(date -u +"%Y-%m-%d__%H:%M:%S")
echo "The archive will have this timestamp: " $nowTime

##Copy the "latest" folder to a dated "packages" subfolder.
cp -R latest/ packages/$nowTime 
echo "Copied the existing site to an archive."

##Install Laravel dependencies.
echo "Running Composer so that the remote server downloads and installs dependencies..."
cd packages/$nowTime 
php -d memory_limit=256M ~/bin/composer.phar install   

##Delete the "live" symlink and immediately create a new "live" symlink to the most recent subfolder within "packages".
echo "Updating the symlinks..."
cd /home/myUserName/myProjectName/
echo `pwd`
rm previous
mv live previous && ln -s packages/$nowTime live && ls -lah  

##Clear out the "latest" folder in preparation for next time.
echo "Deleting the contents of the 'latest' folder in preparation for next time..."
rm -rf latest/* && ls latest   
ENDSSH

echo "FINISHED DEPLOYING!"

archive_and_upload.sh:

##This executable file will export your latest code from master (via "git archive") and will upload it 
##to the remote server.
##----------------------------------------------------------------------------------------------------

##Clear out the contents of the previous export package.
rm -rf dev-ops/package/*   

##Export the "master" branch of this git repo. (The result is not a repo but is just code.)
git archive --format zip --output dev-ops/package/package.zip master  

##Send zip file to remote server.
scp -i ~/.ssh/id_rsa dev-ops/package/package.zip myUserName@vientiane.dreamhost.com:/home/myUserName/myProjectName/latest/package.zip

revert_to_previous_package.sh:

ssh -i ~/.ssh/id_rsa myUserName@vientiane.dreamhost.com <<'ENDSSH'

set -e

cd /home/myUserName/myProjectName/

mv live rollingBack && mv previous live && mv rollingBack previous && ls -lah

ENDSSH

echo "ROLLED BACK!"

如您所见,我将 Dreamhost 服务器设置为从名为“live”的文件夹提供服务,该文件夹实际上只是指向子文件夹的符号链接,该子文件夹被命名为该代码包上传时的时间戳。还有另一个名为“previous”的符号链接,它使回滚变得容易(以防我在部署后发现问题并想要恢复)。

于 2013-09-22T06:25:16.180 回答