Git 根据推送的分支自动从中央存储库推送到开发和生产

发布于 2024-11-02 23:58:57 字数 561 浏览 4 评论 0原文

我对 Git 只是有点陌生​​,我只将它用于具有简单设置的基本项目。现在我正在努力思考一个更复杂的设置。我整晚都在谷歌搜索,但找不到任何与我想要如何设置相关的内容。

我的网络上有三台服务器:一台用于开发 (dev.example.com),一台用于生产 (www.example.com),另一台充当两者之间的中心阶段 (central.example.com)。

我想在 Central 上创建一个主(可能是裸)Git 存储库,我可以从本地计算机(与三个主服务器分开,但位于同一网络上)推送到该存储库。理想情况下,该存储库将有两个分支:master 和 Development。我的本地机器只会处理 Central 上的这个存储库。

当我推送到 Central 上的开发分支时,Central 应该将这些更改推送到 DEV 服务器。同样,对 master 分支的更改应该推送到 WWW。我认为使用提交/更新挂钩将是实现此目标的最佳方法。

这是一个粗略绘制的图表:

 Local
   |
 Central
  /   \
DEV   WWW

有人能指出我正确的方向吗?谢谢!

I am somewhat new to Git only and I have only used it for basic projects with simple setups. Now I am struggling to wrap my head around a more complex setup. I have been up all night Googling but I can't find anything related to how I want to set this up.

I have three servers on my network: one for development (dev.example.com), one for production (www.example.com), and another that acts a central stage between the two (central.example.com).

I want to create a main (probably bare) Git repository on Central that I can push to from my local machine (which is separate from the three main servers but on the same network). Ideally, this repo would have two branches: master and Development. My local machine will only deal with this repo on Central.

When I push to the dev branch on Central, Central should then push those changes to the DEV server. Likewise, changes to the master branch should be pushed to WWW. I think using a commit/update hook would be the best way to accomplish this.

Here is a crudely drawn diagram:

 Local
   |
 Central
  /   \
DEV   WWW

Could someone kindly point me in the right direction? Thanks!

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

森林很绿却致人迷途 2024-11-09 23:58:57

您必须使用 post-updatepost-receive 挂钩;它们是在推送到存储库完成后运行的。他们之间唯一的区别是他们如何获得论据。

我建议对生产/登台服务器使用 ssh 触发器,然后从那里运行拉取,因为:

  • 无论如何,您都需要在那里运行一些代码,因为 git 中的推送不支持在远程端检查推送的版本。所以你需要另一个钩子。
  • 在那里运行推送意味着允许在那里进行推送访问,这意味着还要保护另一件事。另一方面,ssh 触发器将有硬编码的分支来拉取,因此没有人可以用它造成任何伤害,除非中央存储库也受到损害,更重要的是,即使是这样,潜在的伤害也仅限于欺骗它拉取坏版本,但无法删除任何数据,并且无法访问计算机的其余部分。

ssh 触发器是一个脚本,与 ssh 中的特定公钥相关联(在 .ssh/authorized_keys 中的公钥前面加上 command=trigger)。当您使用该密钥通过 ssh 登录时,ssh 将忽略客户端提供的命令并运行触发器。这限制了有人窃取密钥时可能造成的损害,因为触发器可以使用它自己的逻辑来知道要做什么,并且不接受来自客户端的任何输入。

或者,您可以简单地推动并安装适当的挂钩来检查。请参阅这个问题< /a>.

You have to use post-update or post-receive hook; they are the ones that run after push to the repository completes. The only difference between them is how they get the arguments.

Than I'd suggest using an ssh trigger to the production/staging server tu run a pull from there, because:

  • You need to run some code there anyway, because push in git does not support checking the pushed version out on the remote end. So you'd need another hook there.
  • Running a push there means allowing push access there and that means one more thing to secure. On the other hand the ssh trigger will have hardcoded branch to pull, so nobody can do any harm with it unless the central repository is also compromised and more importantly, even if it is, potential harm is only limited to tricking it to pull bad version, but no data can be deleted an no access to the rest of the computer may be gained.

An ssh trigger is a script, that is associated with particular public key in ssh (prefix the public key in .ssh/authorized_keys with command=trigger). When you log in with ssh using that key, ssh will ignore command provided by client and run the trigger. This limits possible damage when somebody steals the key, because the trigger can use it's own logic to know what to do and not accept any input from the client.

Alternatively you can simply push and install appropriate hook to check out. See this question.

我的痛♀有谁懂 2024-11-09 23:58:57

你可以在 Git 中设置钩子来轻松获得你想要的东西。利用 post-receive 钩子,它从标准输入接收以下内容:

; <新版本>

示例:

aa453216d1b3e49e7f6f98441fa56946ddcd6a20 68f7abf4e6f922807889f52bc043ecd31b79f814 refs/heads/master

使用refname,您可以在脚本中查看正在推送的分支to 并依次推至适当的回购协议 - www 或 dev。

或者,您可以使用 post-update 钩子,它接收引用名称,也可以作为参数来执行相同的操作。

为了完整起见,该钩子必须放置在中央存储库的钩子中。

You can setup hooks in Git to easily get what you want here. Make use of post-receive hook, which receives the following from stdin:

<oldrev> <newrev> <refname>

Example:

aa453216d1b3e49e7f6f98441fa56946ddcd6a20 68f7abf4e6f922807889f52bc043ecd31b79f814 refs/heads/master

Using the refname you can see in your script what branch is being pushed to and inturn push to the appropriate repo - www or dev.

Or, you can use the post-update hook which receives only refname and also as an argument to do the same thing.

For sake of completeness, the hook must be placed in the hooks of the Central repo.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文