Last active
March 29, 2023 09:15
-
-
Save nurely/042fcc7cc63767903c0af1070bcac1e4 to your computer and use it in GitHub Desktop.
You can use this script to handle the Git Auto Deployment on Cloudways for any number of servers and applications using Git Webhooks.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| const API_KEY = "YOUR API KEY HERE"; | |
| const API_URL = "https://api.cloudways.com/api/v1"; | |
| const EMAIL = "YOUR EMAIL GOES HERE"; | |
| /* examples | |
| const BranchName = "master"; | |
| const GitUrl = "git@bitbucket.org:user22/repo_name.git"; | |
| */ | |
| //Use this function to contact CW API | |
| function callCloudwaysAPI($method, $url, $accessToken, $post = []) | |
| { | |
| $baseURL = API_URL; | |
| $ch = curl_init(); | |
| curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $method); | |
| curl_setopt($ch, CURLOPT_URL, $baseURL . $url); | |
| curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); | |
| //Set Authorization Header | |
| if ($accessToken) { | |
| curl_setopt($ch, CURLOPT_HTTPHEADER, ['Authorization: Bearer ' . $accessToken]); | |
| } | |
| //Set Post Parameters | |
| $encoded = ''; | |
| if (count($post)) { | |
| foreach ($post as $name => $value) { | |
| $encoded .= urlencode($name) . '=' . urlencode($value) . '&'; | |
| } | |
| $encoded = substr($encoded, 0, strlen($encoded) - 1); | |
| curl_setopt($ch, CURLOPT_POSTFIELDS, $encoded); | |
| curl_setopt($ch, CURLOPT_POST, 1); | |
| } | |
| $output = curl_exec($ch); | |
| $httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE); | |
| if ($httpcode != '200') { | |
| die('An error occurred code: ' . $httpcode . ' output: ' . substr($output, 0, 10000)); | |
| } | |
| curl_close($ch); | |
| return json_decode($output); | |
| } | |
| //Fetch Access Token | |
| $tokenResponse = callCloudwaysAPI('POST', '/oauth/access_token', null | |
| , [ | |
| 'email' => EMAIL, | |
| 'api_key' => API_KEY | |
| ]); | |
| $accessToken = $tokenResponse->access_token; | |
| $gitPullResponse = callCloudWaysAPI('POST', '/git/pull', $accessToken, [ | |
| 'server_id' => $_GET['server_id'], | |
| 'app_id' => $_GET['app_id'], | |
| 'git_url' => $_GET['git_url'], | |
| 'branch_name' => $_GET['branch_name'] | |
| /* Uncomment it if you want to use deploy path, Also add the new parameter in your link | |
| 'deploy_path' => $_GET['deploy_path'] | |
| */ | |
| ]); | |
| echo (json_encode($gitPullResponse)); | |
| ?> |
What if a hacker (quite easily) finds the URL for this file and uses his own git_url to upload whatever files he wants on the server?
The hacker would still need the SSH key connecting Cloudways to your git repo.
How can i setup 'npm install' or 'npm build' commands, so that it deploy build automatically?
Could the API key be linked to an .env variables file that lives below root with this?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What if a hacker (quite easily) finds the URL for this file and uses his own git_url to upload whatever files he wants on the server?