Deploy what the ….
In short I have a bitbucket account (using it with git for some of the projects). For hosting I am using digitalocean which is by the way the best hosting ever for 5$. You get like VPS SSD hosting with 20GB of memory, 2TB bandwith, super simple interface and al that for 5$.. So let’s see how to deploy code to digitalocean.
So I did some project with google polymer, which uses bower for dependency resolving. Polymer is using vulcanize as a build tool. I needed a deploy system which will do the following after my local push:
- code is now on bitbucket
- than code needs to be deployed to my domain
- project needs to be build
- I need some log if something goes wrong
After I created repository in bitbucket and cloned it to my PC, I did the same on the server. Why, because there is no need to copy code or similar, I can just do git pull on my server too and voila, code is there.
Nest step is to create bitbucket webhook (github has it also). That’s one cool option. It just triggers some URL via POST when some action occurs, for example push to repository. Bitbucket also sends ton of data, commits etc. I don’t need that for now.
Here is some example from bitbucket blog how it looks
Very simple, it’s in repository settings. You can just check Repository push for start.In URL bar enter the script that you want to do your build process. Ok you’r done on bitbucket.
Next step is to secure your script so it can only trigger build for bitbucket IP addresses.
I whitelisted 184.108.40.206 && 220.127.116.11 . You can find more info on this bitbucket blogpost.
Next you create build.sh script which will be triggered by your PHP, Python or any other script that received the webhook request and is capable to trigger bash file.
– plz put it in some protected folder so it’s not available on the web
– add www-data user to sudoers and limit access so it can only execute git pull and other commands you need for build.
www-data is used by apache so it’s good to also change the owner of your project files to be sure build will pass, you can do it with chown www-data:www-data *
Ok so my build.sh looks like this
git pull https://username:firstname.lastname@example.org/bitbucketUsername/repoName &&
npm run build
you can see that I am putting my username and password in git repo origin so git will properly login to bitbucket and pull my repository.
And this is simplified sample of php code that is triggering bash script on webhook request
if($ip == '18.104.22.168' || $ip == '22.214.171.124')
shell_exec("cd protected_dir && sudo sh ./build.sh 1>build.log 2>&1");
on every build output is written to build.log so you can check if build failed or so.
I didn’t included all the small details and steps, just wanted to describe the flow..Linux users won’t have a problem setting this all up because you can potentially have problems with permissions or similar.
Basically that’s it. A very simple and basic steps for simple deploy with one branch. I am using this method for some smaller projects. Probably Jenkins is the way to go and a standard flow. But if don’t have time to prepare all, custom approach can be useful also.