amaxlab/git-web-hook

用于处理 Git web 钩的库(支持并测试过 gitlab.com 和 github.com)

v0.1-beta 2015-06-18 08:14 UTC

This package is not auto-updated.

Last update: 2024-09-14 18:09:33 UTC


README

Build Status Scrutinizer Code Quality

用于处理来自 gitlab.com 或 github.com 的 Git web 钩并运行命令的库

特性

  • 通过全局 GET 请求运行命令
  • 通过 Git 仓库推送运行命令
  • 通过某些分支推送运行命令
  • 安全检查提交作者(全局、仓库、分支)
  • 安全检查来自 $_GET 请求的参数
  • 发送执行命令的结果给作者和邮件接收者

要求

  • php >= 5.3
  • symfony/options-resolver ^2.3
  • symfony/yaml ^2.3
  • psr/log >= ~1.0

安装

$ php composer require amaxlab/git-web-hook "~1.0"

或项目

$ php composer create-project amaxlab/git-web-hook-composer-install ./git-web-hook --prefer-dist

用法

旧方法

直接在 PHP 文件中指定配置

<?php

include __DIR__.'/../vendor/autoload.php';

use AmaxLab\GitWebHook\Hook;

$options = array(
    'sendEmails'          => true,
    'sendEmailAuthor'     => true,
    'mailRecipients'      => array(),
    'allowedAuthors'      => '*',
    'allowedHosts'        => '*',
);

$hook = new Hook(__DIR__, $options);
$hook
	->addRepository('git@github.com:amaxlab/git-web-hook.git', '/var/www/my_project_folder/web', array(/*command executed on each push to repository*/))
		->addBranch('master', array('git status', 'git reset --hard HEAD', 'git pull origin master'), '/var/www/my_project_folder/demo_subdomain',  array(/* array of redefined options*/)) // commands executed on push to specified branch in /var/www/html/my_site/ folder
 		->addBranch('production', 'git pull origin production');

$hook->execute();

您还可以指定一些命令,在钩子调用时执行它们

$hook->addCommand($someCommand);

推荐方法

从 yaml 文件加载配置

<?php

include __DIR__.'/../vendor/autoload.php';

use AmaxLab\GitWebHook\Hook;

$hook = new Hook(__DIR__);
$hook->loadConfig('/var/www/ghw/config.yml');
$hook->execute();

配置

配置可以针对每个分支单独设置,只需传递数组类型的变量选项即可。您可以直接在创建钩子时传递,也可以通过主 config.yml 文件加载。您应使用 yaml 文件,因为未来版本中将通过 PHP 进行配置将被移除。下面是示例。

$options = array(
    'sendEmails'            => false,                          // Enable or disable sending emails
    'sendEmailAuthor'       => false,                          // Enable or disable sending email commit author
    'sendEmailFrom'         => 'git-web-hook@'.gethostname(),  // Email address from which messages are sent
    'mailRecipients'        => array(),                        // Array of subscribers
    'allowedAuthors'        => array(),                        // Array of commit authors allowed to execute commands
    'allowedHosts'          => array(),                        // Array of hook hosts allowed to execute commands
    'securityCode'          => '',                             // Security code on check $_GET request
    'securityCodeFieldName' => 'code',                         // $_GET field name of security code
    'repositoryFieldName'   => 'url',                          // Repository filed name on the JSON query
);
    #/var/www/ghw/config.yml
    options:
        sendEmails: false,                       # Enable or disable sending emails
        sendEmailAuthor: false,                  # Enable or disable sending email commit author
        sendEmailFrom: 'git-web-hook@youdomain', # Email address from which messages are sent
        mailRecipients: [],                      # Array of subscribers
        allowedAuthors: [],                      # Array of commit authors allowed to execute commands
        allowedHosts: [],                        # Array of hook hosts allowed to execute commands
        securityCode: '',                        # Security code on check $_GET request
        securityCodeFieldName: 'code',           # $_GET field name of security code
        repositoryFieldName: 'url',              # Repository filed name on the JSON query
    commands: [] #commands to execute on each hook call
    path: '/var/www/projects' #main path where commands will be executed, can be overwrite in repository or branch
    #trustedProxies: [192.168.0.100] # if your projects lives behind proxy you should specify it ip, to correctly determine real ip address
    repositoriesDir: /var/www/ghw/repos.d/ #directory to load additional yaml files with repository configuraton
    #repositories: # you can specify some repository directly in main config file
    #    git@github.com:amaxlab/git-web-hook-test.git:
    #        path: null
    #        options: {}
    #        commands: 
    #          - git status
    #        branch:
    #            master:
    #                path: null
    #                options: {}
    #                commands: 
    #                  - git reset --hard HEAD
    #                  - git pull origin master
    #            production:
    #                commands: 
    #                  - git reset --hard HEAD
    #                  - git pull origin production

日志记录

使用 PSR-3 标准的日志记录器(PSR-3)(Monolog

use Monolog\Logger;
use Monolog\Handler\StreamHandler;

...

$logger = new Logger('git-web-hook');
$logger->pushHandler(new StreamHandler(__DIR__ . '/hook.log', Logger::WARNING));

...

$hook = new Hook(__DIR__, $options, $logger);

加载仓库配置

如果您有大量的仓库,可以将它们放置在单独的 *.yml 文件中,并从目录中加载所有配置

<?php

$hook = new Hook(__DIR__, $options);
$hook->loadRepos('/path/to/derectory/'); // or $hook->loadConfig('/path/to/file); if you specify `repositoriesDir` in main config.yml
$hook->execute();

部分配置文件示例

repositories:
    #one or several repositories can be described in a file
    git@github.com:amaxlab/git-web-hook-test.git:
        path: null
        options: {}
        commands: 
          - git status
        branch:
            master:
                path: null
                options: {}
                commands: 
                  - git reset --hard HEAD
                  - git pull origin master
            production:
                commands: 
                  - git reset --hard HEAD
                  - git pull origin production

安全代码检查配置

安全代码只能在根选项中进行配置。

设置配置

$options = array(
    ...
    'securityCode'          => 'GjnfkrjdsqKfvgjcjc',
    'securityCodeFieldName' => 'mySecurityCode',
    ...
);
options:
    securityCode: 'GjnfkrjdsqKfvgjcjc',
    securityCodeFieldName: 'mySecurityCode',
);

并在 gitlab.com 或 github.com 上设置 Web 钩

http://yourhost/hook.php?mySecurityCode=GjnfkrjdsqKfvgjcjc

如果安全代码未通过检查,您将在日志文件中看到

Jan 01 00:00:00 WARN Security code not match

内容

待办事项

  • 移除旧配置方法(通过 PHP 文件)
  • 解决加载配置时的传递配置问题,并删除 hook/repository/branch/command 之间的不必要的依赖关系
  • 添加更多测试
  • 重构日志记录

许可证

此库受 MIT 许可证的保护。请参阅完整的许可证内容此处