https://gitee.com/kotlindev/PHPWebHook
https://www.bilibili.com/video/av456644728
配置这个网址
http://415.759.288.189:8123/webhook/hook.php
<?php
// 允许请求IP gitee请求的时候会打印
$allowIpArr = [
'gitee的ip'
];
// 请求密码 你的密码
$password = 'tsdsdaf_asdf_fsd1234123sdf';
// 检测IP
if (!in_array($_SERVER['REMOTE_ADDR'], $allowIpArr)) {
echo '非法IP:' . $_SERVER['REMOTE_ADDR'];
exit(0);
}
// 获取请求参数
$headers = getallheaders();
$body = json_decode(file_get_contents("php://input"), true);
// 验证提交分支是否为master
if (!isset($body['ref']) || $body['ref'] !== 'refs/heads/master') {
echo '非主分支' . $body;
exit(0);
}
// 验证提交密码是否正确
if (!isset($body['password']) || $body['password'] !== $password) {
echo '密码错误';
exit(0);
}
// 验证成功,拉取代码
$path = $body['project']['path'];
$command = 'cd /usr/www/' . $path . ' && git pull 2>&1';
$res = shell_exec($command);
//$body['sender']['email'],// 将邮件发送给发送者
//$body['repository']['owner']['email']// 将邮件发送给仓库所有者
//$message = $body['head_commit']['message'];// 提交信息
//$datetime = date('Y-m-d H:i:s', $body['timestamp'] / 1000);// 时间
//$pusher = $body['pusher']['name'];// 提交人
//$name = $body['project']['name'];// 项目名
//$path = $body['project']['path'];// 路径
// 返回结果
echo 'git pull执行结果:' . $res;
//另外一种方法:签名秘钥
<?php
//本地路径
$local = '/www/wwwroot/otc';
//签名验证
$headers = getallheaders();
$gitee_token = $headers["X-Gitee-Token"];
$gitee_timestamp =$headers["X-Gitee-Timestamp"];
echo "gitee_token: $gitee_token <br />\n";
echo "gitee_timestamp: $gitee_timestamp <br />\n";
$sign_key = "LEreKhDjwoN8aZ8L";
$sec_str = "$gitee_timestamp\n$sign_key";
$compute_token = base64_encode(hash_hmac('sha256', $sec_str,$sign_key,true));
echo "computetoken: $compute_token <br />\n";
if($compute_token!=$gitee_token){
die('sign is not right');
}
shell_exec("cd {$local} && sudo git pull 2>&1");
die('done ' . date('Y-m-d H:i:s', time()));
//第3种签名秘钥 指定分支
<?php
/**
* 自动更新钩子
* 修改密钥及项目路径即可使用
**/
//以流的方式读取
$requestBody = file_get_contents("php://input");
if (empty($requestBody)) {
die('send fail');
}
//file_put_contents('./requestBody.log', $requestBody);
$requestBody = json_decode($requestBody,true);
//加密字符串
$secret_post = $requestBody['sign'];
//时间戳参数,单位毫秒级
$time_stamp = $requestBody['timestamp'];
//在WebHooks签名密钥一栏填写的密钥信息
$access_token = 'abcdefg';
//加密文档
//https://gitee.com/help/articles/4290
$secret_join = $time_stamp . "\n" . $access_token;
//file_put_contents('./join.log', $secret_join);
$base64 = base64_encode(hash_hmac('sha256', $secret_join, $access_token, true));
//file_put_contents('./base64.log' , $base64);
//看推送的是哪个分支就构建哪个分支
//如有需要可以更改规则,比如屏蔽某些分支不构建
$branch = str_replace('refs/heads/', '', $requestBody['ref']);
$requestBody = null;
// 打开网站目录下的hooks.log文件 需要在服务器上创建 并给写权限
$fs = fopen('/tmp/deploy_webhooks_pull.log', 'a');
fwrite($fs, date('Y-m-d H:i:s') . ' ================ Update Start ===============' . PHP_EOL);// 请求ip
$client_ip = $_SERVER['REMOTE_ADDR'];
// 把请求的IP和时间写进log
fwrite($fs, date('Y-m-d H:i:s') . ' Request on [' . date("Y-m-d H:i:s") . '] from [' . $client_ip . ']' . PHP_EOL);
// 验证token 有错就写进日志并退出
if ($base64 !== $secret_post) {
fwrite($fs, date('Y-m-d H:i:s') . " Invalid token [{$client_token}]" . PHP_EOL);
$fs and fclose($fs);
header("HTTP/1.1 404 Not Found");
header("Status: 404 Not Found");
exit;
}
// 如果有需要 可以打开下面,把传送过来的信息写进log 可用于调试,测试成功后注释即可
// fwrite($fs, 'Data: ' . print_r($data, true) . PHP_EOL);
// 执行shell命令并把返回信息写进日志
if($branch == 'master') {
}else {
$branch = 'master';
}
//www/wwwroot/garfield 项目目录
$output = shell_exec('cd /www/wwwroot/garfield/; git pull origin ' . $branch . ' 2<&1; chown -R www:www /www/wwwroot/garfield/*;');
fwrite($fs, date('Y-m-d H:i:s') . 'Info:' . print_r($output, true) . PHP_EOL);
fwrite($fs, date('Y-m-d H:i:s') . '================ Update End ===============' . PHP_EOL . PHP_EOL);
$fs and fclose($fs);
// 调试时打开
echo json_encode($output);
Buy me a cup of coffee :)
2736
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
