在部署webhook是需要注意的有几个点

  • 执行的用户,比如在我的服务器上执行webhook.php得是www-data,就需要将www-data的id-rsa.pub公钥放到github上,具体步骤为,打开github个人设置settings,添加keys。
  • 添加密钥到ssh-agent
  # start the ssh-agent in the background
    eval "$(ssh-agent -s)"
    Agent pid 59566
  • 将生成的ssh key添加到ssh-agent
   ssh-add ~/.ssh/id_rsa
  • 测试
 ssh -T git@github.com

会看到

www-data@iZuf641gml1y1a389223qiZ:~/.ssh$ ssh -T git@github.com
The authenticity of host 'github.com (13.250.177.223)' can't be established.
RSA key fingerprint is SHA256:nThbg6kXUpJWGl7E1IGOCspRomTxdCARLviKw6E5SY8.
Are you sure you want to continue connecting (yes/no)?

选择输入yes

Warning: Permanently added 'github.com,13.250.177.223' (RSA) to the list of known hosts.
Hi TheLostIn! You've successfully authenticated, but GitHub does not provide shell access.
  • 修改.git文件夹下的config中的url
    修改前
[remote "origin"]
        url = https://github.com/truenyl/Mondrian-Generator.git
        fetch = +refs/heads/*:refs/remotes/origin/*

修改后

[remote "origin"]
        url = git@github.com:truenyl/Mondrian-Generator.git
        fetch = +refs/heads/*:refs/remotes/origin/*

webhook.php,欸嘿,于老板写的古老的代码,我一用再用,一抄再抄


<?php

$tokenMondrian = 'mondrian';
$token = json_decode(file_get_contents('php://input'), 'r')['token'];
if (empty($token)) {
    die('error request');
}
switch ($token) {
    case $tokenMondrian:
        $log = shell_exec('cd /www/Mondrian-Generator && git pull').shell_exec('whoami');
        break;
    default:

        echo ('wrong token');
}

$file = fopen('webhook.log', 'a+');

fwrite($file, "\n-----------\n". date('Y-n-j H:i:s') . "\n" . $log);