-
-
Save cowboy/619858 to your computer and use it in GitHub Desktop.
<?php | |
// Use in the "Post-Receive URLs" section of your GitHub repo. | |
if ( $_POST['payload'] ) { | |
shell_exec( 'cd /srv/www/git-repo/ && git reset --hard HEAD && git pull' ); | |
} | |
?>hi |
Thx for the simple gist!
I solved my issue with my shell_exec(...
command not running by changing the directory it was in ownership to www-data
(from root
), ie: sudo chown -R www-data /var/www/
<?php
// GitHub Webhook Secret.
// Keep it the same with the 'Secret' field on your Webhooks / Manage webhook page of your respostory.
$secret = "";
// Path to your respostory on your server.
// e.g. "/var/www/respostory"
$path = "";
// Headers deliveried from GitHub
$signature = $_SERVER['HTTP_X_HUB_SIGNATURE'];
if ($signature) {
$hash = "sha1=".hash_hmac('sha1', file_get_contents("php://input"), $secret);
if (strcmp($signature, $hash) == 0) {
echo shell_exec("cd {$path} && /usr/bin/git reset --hard origin/master && /usr/bin/git clean -f && /usr/bin/git pull 2>&1");
exit();
}
}
http_response_code(404);
?>
Source: https://github.com/mdluo/github-webhook-handler-php/blob/master/github-webhook-handler-php70.php
@Luc45 thank you for the suggestion, it worked and was quite helpful !! 🙌
In addition, on my remote server, I have added a little line to the /etc/sudoers
file to allow the webserver user (usually www-data
) to execute /usr/bin/git
as the user that owns my repo files 😉
Here is my example: www-data ALL = (repo_owner) NOPASSWD : /usr/bin/git
Always be cautious when running shell commands from web scripts backpack battles for security reasons. Sanitize inputs, restrict access, and log activities to avoid potential vulnerabilities.
etc/suoders
:github_post_recieve.php
:Gist