Created
November 8, 2017 07:42
-
-
Save seancheung/b867767e1030f59d0e7f861cb636b619 to your computer and use it in GitHub Desktop.
git post-receive hook(docker)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| WORK_BRANCH=production | |
| WORK_DIR=/path/to/workdir | |
| COMPOSE_FILE=/path/to/docker-compose.yml | |
| SU_PWD=sudo_pass | |
| SERVICE=service_name | |
| CMD=command | |
| restart() | |
| { | |
| echo "$SU_PWD" | sudo -S docker-compose --file "$COMPOSE_FILE" restart $SERVICE | |
| } | |
| exec() | |
| { | |
| echo "$SU_PWD" | sudo -S docker-compose --file "$COMPOSE_FILE" exec $SERVICE "$CMD" | |
| } | |
| while read oldrev newrev refname | |
| do | |
| branch=$(git rev-parse --symbolic --abbrev-ref $refname) | |
| if [ "$WORK_BRANCH" == "$branch" ]; then | |
| GIT_WORK_TREE="$WORK_DIR" git checkout $WORK_BRANCH -f | |
| # restart, exec | |
| fi | |
| done |
I don't think it is safe to hard code the sudo password into a file. Why don't you just give the user permissions to interact with docker daemon by adding to docker group? :)
You're right about that but this is used in a CI environment :P
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I don't think it is safe to hard code the sudo password into a file. Why don't you just give the user permissions to interact with docker daemon by adding to docker group? :)