prod log: code deployment

Posted . Visible to the public.

"git is not a deployment tool, so don't do that"

http://gitolite.com/deploy.html

Set up SSH keys

The following setup the SSH for root so we can use SSH to bitbucket when login as root.

  1. Putty to prod, cd to home
  2. mkdir root in /home
  3. ~~chown -R root:root root~~ ~~change owner~~
  4. cd root
  5. mkdir .ssh
  6. cd .ssh
  7. ssh-keygen -t rsa
  8. When prompted name the key bitbucket_rsa. Press enter when asked for a passphrase, which will generate a passwordless key.
  9. A public and private key pair will be generated. Copy your public key – the one with a .pub extension – to the clipboard. On the Bitbucket website navigate to Account > SSH Keys, and choose to add a new key. Paste in your public key and save it.
  10. cd ..
  11. chown -R root:root .ssh change owner
  12. Back on your server, edit your ~/.ssh/config file to add bitbucket.org as a host. This ensures that the correct key is used when connecting by SSH to bitbucket.org. You’ll need to create the config file if it doesn’t exist.
  13. Copy existing config from local machine to prod server and modify the content to:
    Host bitbucket
    Hostname bitbucket.org
    IdentityFile ~/.ssh/bitbucket_rsa
    User kiatng

Cloning the repository

  1. mkdir -p /home/git/stars.git Create a new directory for your git repository, suffixing the directory name with .git implies a bare repo,
  2. cd /home/git/stars.git
  3. Copy the Bitbucket SSH URL: git@bitbucket.org:/stars.git
  4. git clone --mirror git@bitbucket.org:emgsstars/stars.git
  5. Notice the --mirror flag? As its name implies this flag creates an exact mirror of the source repository, including mapping it’s remote branches. It implies --bare, which means that our repository will not have a working copy.
  6. If error, make sure port 22 is open in the firewall for connecting to bitbucket

TEST: Now let’s do an initial checkout

  1. cd /home/git/stars.git
  2. template GIT_WORK_TREE=/home/<username>/www git checkout -f production template
  3. actual to do GIT_WORK_TREE=/home/web/public_html/magento/gittest git checkout -f master
  4. We have specified a GIT_WORK_TREE that corresponds to your public web directory, and checked out the ~~production~~ master branch to that location. This step is important so that in future when our deployment script does a checkout we’re already on the correct branch.
  5. Check that your initial checkout completed as expected, and that files from your production branch have been created in your public web directory. If everything worked as expected then you’re ready to set up automated deployments.

# GIT_WORK_TREE=/home/web/public_html/magento/gittest git checkout -f master

Already on 'master'

#

What happened: remote repo was copied over to gittest, like an FTP transfer

Continue the Test, fetch changes and checkout

  1. cd /home/git/stars.git
  2. git fetch
  3. GIT_WORK_TREE=/home/web/public_html/magento/gittest git checkout -f

# git fetch

remote: Counting objects: 44, done.
remote: Compressing objects: 100% (24/24), done.
remote: Total 25 (delta 12), reused 0 (delta 0)
Unpacking objects: 100% (25/25), done.
From bitbucket.org:emgsstars/stars
4461b37..21c606b master -> master

# GIT_WORK_TREE=/home/web/public_html/magento/gittest git checkout -f

#

What happened: changed files were updated in gittest

So far so good, but we want to skip the initial checkout which overwrite the prod with files from bitbucket

Continue the test

  1. Create another test dir in /home/web/public_html/magento/gittest2
  2. Make a commit from local repo to bibucket
  3. Then in prod, do a fetch and checkout and see what happened
  4. cd /home/git/stars.git
  5. git fetch
  6. GIT_WORK_TREE=/home/web/public_html/magento/gittest2 git checkout -f

# cd /home/git/stars.git

# git fetch

remote: Counting objects: 18, done.
remote: Compressing objects: 100% (8/8), done.
remote: Total 10 (delta 2), reused 0 (delta 0)
Unpacking objects: 100% (10/10), done.
From bitbucket.org:emgsstars/stars
21c606b..9d3cd9f master -> master

# GIT_WORK_TREE=/home/web/public_html/magento/gittest2 git checkout -f

Unfortunately, all files in bitbucket are transferred to gittest2,

Update 1
~~Actually, we are all good. From the official git checkout documentation:~~

Updates files in the working tree to match the version in the index or the specified tree. If no paths are given, git checkout will also update HEAD to set the specified branch as the current branch.

~~And from the test in gittest, the dir Gmap was not overwritten. The updates files means exactly that, update only the files in the working tree to match the repo in bitbucket.~~

Update 2
Using PHP to execute git checkout, the files were all overwritten from bitbucket creating a crash, since local.xml were modified with an earlier version. Further more, file permission is changed to 666 and the created folders have permission 777.

BitBucket Hook

URL http://domain.com.my/emgs/git/
On the Bitbucket website navigate to your repository’s Administration > Hooks screen and add a new POST hook, pointed at URL.

Deploy Code

Set ownership for PHP to exec
chown -R apache:apache stars.git

Test Code:

    public function testAction()
    {
        // non-zero $returnVar means error    
        exec('cd /home/git/stars.git && git remote show origin', $output, $returnVar);
        //exec('whoami', $output, $returnVar); //apache            
        Mage::helper('clog')->_echo($this, $output, "git show remote =$returnVar="); 
            
    }

$returnVar=128

Make apache as user for bitbucket

There were 128 errors when executing git fetch and other git commands from PHP. I think 128 is related to permissions.

  1. the apache user account is located at /var/www
  2. create dir /var/www/.ssh
  3. copy the 2 key files id_rsa and id_rsa.pub from /root/.ssh
  4. cd /var
  5. chown -R apache:apache www change owner
  6. now we can execute git commands from PHP

TEST: fetch and checkout as apache

  1. su - apache -s /bin/sh
  2. cd /home/web/public_html/magento/gittest
  3. find . -type f -exec chmod 644 {} \; find . -type d -exec chmod 755 {} \;
  4. cd /home/git/stars.git
  5. git fetch
  6. GIT_WORK_TREE=/home/web/public_html/magento/gittest git checkout -f

Result All files were overwritten with those from remote. Permissions remain the same.

which git

/# which git

/usr/bin/git

Debug

# ssh -v git@bitbucket.org
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to bitbucket.org [131.103.20.167] port 22.
debug1: connect to address 131.103.20.167 port 22: Connection timed out
debug1: Connecting to bitbucket.org [131.103.20.168] port 22.
debug1: connect to address 131.103.20.168 port 22: Connection timed out
ssh: connect to host bitbucket.org port 22: Connection timed out
#

SSH on Port 443

Some network administrators block outgoing SSH connections on port 22. If your network blocks this port, Bitbucket provides an alternate hostname and port combination you can use. The host altssh.bitbucket.org supports SSH over port 443. Port 443 is typically used for HTTPS and administrator typically leave it open for outbound web browsing. If you are blocked, you can use these URLs.

Alternate SSH URL format

Git ssh://git@altssh.bitbucket.org:443/accountname/reponame/

jonathannicol.com
kiatng
Say thanks
Last edit
Posted by kiatng to Git (2014-08-05 08:31)
This website uses short-lived cookies to improve usability.
or learn more