Skip to main content
Version: 8.x

CI/CD

GitHub Actions

Use official GitHub Action for Deployer.

Create .github/workflows/deploy.yml file with following content:

name: deploy

on:
push:
branches: [master]

concurrency: production_environment

jobs:
deploy:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v3

- name: Setup PHP
uses: shivammathur/setup-php@v2
with:
php-version: "8.1"

- name: Install dependencies
run: composer install

- name: Deploy
uses: deployphp/action@v1
with:
private-key: ${{ secrets.PRIVATE_KEY }}
dep: deploy
warning

The concurrency: production_environment is important as it prevents concurrent deploys.

GitLab CI/CD

Set the following variables in your GitLab project:

  • SSH_KNOWN_HOSTS: Content of ~/.ssh/known_hosts file. The public SSH keys for a host may be obtained using the utility ssh-keyscan. For example: ssh-keyscan deployer.org.
  • SSH_PRIVATE_KEY: Private key for connecting to remote hosts. To generate a private key: ssh-keygen -t ed25519 -C 'gitlab@deployer.org'.

Create a .gitlab-ci.yml file with the following content:

stages:
- deploy

deploy:
stage: deploy
image:
name: deployphp/deployer:v7
entrypoint: [""]
before_script:
- mkdir -p ~/.ssh
- eval $(ssh-agent -s)
- echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts
- chmod 644 ~/.ssh/known_hosts
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add - > /dev/null
script:
- dep deploy -vvv
resource_group: production
only:
- master

Deployment concurrency

Only one deployment job runs at a time with the resource_group keyword in .gitlab-ci.yml.

In addition, you can ensure that older deployment jobs are cancelled automatically when a newer deployment runs by enabling the skip outdated deployment jobs feature (enabled by default).

Deploy secrets

It is not recommended to commit secrets to the repository, you could use a GitLab variable to store them instead.

Many frameworks use dotenv to store secrets, let's create a GitLab file variable named DOTENV, so it can be deployed along with the code.

Set up a deployer task to copy secrets to the server:

task('deploy:secrets', function () {
upload(getenv('DOTENV'), '{{deploy_path}}/shared/.env');
});

Run the task immediately after updating the code.