Skip to main content
Version: 7.x

CI/CD

GitHub Actions

Use official GitHub Action for Deployer.

Create .github/workflows/deploy.yml file with following content:

name: deploy

on:
  push:
    branches: [master]

concurrency: production_environment

jobs:
  deploy:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v3

      - name: Setup PHP
        uses: shivammathur/setup-php@v2
        with:
          php-version: "8.1"

      - name: Install dependencies
        run: composer install

      - name: Deploy
        uses: deployphp/action@v1
        with:
          private-key: ${{ secrets.PRIVATE_KEY }}
          dep: deploy
warning

The concurrency: production_environment is important as it prevents concurrent deploys.

GitLab CI/CD

Set the following variables in your GitLab project:

  • SSH_KNOWN_HOSTS: Content of ~/.ssh/known_hosts file. The public SSH keys for a host may be obtained using the utility ssh-keyscan. For example: ssh-keyscan deployer.org.
  • SSH_PRIVATE_KEY: Private key for connecting to remote hosts. To generate a private key: ssh-keygen -t ed25519 -C 'gitlab@deployer.org'.

Create a .gitlab-ci.yml file with the following content:

stages:
  - deploy

deploy:
  stage: deploy
  image:
    name: deployphp/deployer:v7
    entrypoint: [""]
  before_script:
    - mkdir -p ~/.ssh
    - eval $(ssh-agent -s)
    - echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts
    - chmod 644 ~/.ssh/known_hosts
    - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add - > /dev/null
  script:
    - dep deploy -vvv
  resource_group: production
  only:
    - master

Deployment concurrency

Only one deployment job runs at a time with the resource_group keyword in .gitlab-ci.yml.

In addition, you can ensure that older deployment jobs are cancelled automatically when a newer deployment runs by enabling the skip outdated deployment jobs feature (enabled by default).

Deploy secrets

It is not recommended to commit secrets to the repository, you could use a GitLab variable to store them instead.

Many frameworks use dotenv to store secrets, let's create a GitLab file variable named DOTENV, so it can be deployed along with the code.

Set up a deployer task to copy secrets to the server:

task('deploy:secrets', function () {
    upload(getenv('DOTENV'), '{{deploy_path}}/shared/.env');
});

Run the task immediately after updating the code.