
Symfony - Gitlab CI/CD with Deployer


I'm trying to set up GitLab CI/CD on my Symfony project using Deployer, but I'm not able to do it. When the deployment is executed in my pipeline, I get an "Operation timed out" error, which means that my config is wrong.

My gitlab-ci.yml :

image: php:7.4-cli-alpine

stages:
  - deploy

before_script:
  - apk add --update git openssh-client
  - mkdir -p ~/.ssh && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config
  - eval $(ssh-agent -s)
  - echo "$SSH_PRIVATE_KEY" | ssh-add -

deploy:
  stage: deploy
  script:
    - curl --show-error --silent https://getcomposer.org/installer | php
    - php composer.phar install -d app/
    - app/vendor/bin/dep deploy dev -vvv
  environment:
    name: prod

My hosts.yml inventory :

dev-server.com:
  stage: dev
  hostname: XX.XXX.XX.X
  user: deployer
  branch: develop
  identityFile: ~/.ssh/gitlab
  deploy_path: /var/www/recruitment_back
  keep_releases: 1

My Gitlab pipeline error:

$ app/vendor/bin/dep deploy dev -vvv
✈︎ Deploying develop on XX.XXX.XX.X
• done on [dev-server.com]
➤ Executing task deploy:prepare
[dev-server.com] > export APP_ENV='prod'; echo $0
[dev-server.com] < ssh multiplexing initialization
[dev-server.com] < ssh: connect to host XX.XXX.XX.X port 22: Operation timed out
➤ Executing task deploy:failed
• done on [dev-server.com]
✔ Ok [0ms]

I've also added the variable SSH_PRIVATE_KEY in the GitLab CI/CD settings and added my public SSH key to authorized_keys on my server. The deployment works well when executed on my local machine.

What's wrong with my config?


Solution

  • My Solution :

    1. Generate a temporary SSH key for GitLab CI and add PRIVATE_KEY in the GitLab variables.
    2. Generate an SSH key on my AWS EC2 server and add the public SSH key in GitLab to accept the git clone operation executed by Deployer.
    3. Accept the GitLab host connection on my AWS EC2 server by executing the command ssh-keyscan -t rsa gitlab.com >> ~/.ssh/known_hosts
    4. Make sure your AWS EC2 server accepts SSH connections from the GitLab runner. I've accepted all IPs, but is there a better solution? For example, restricting by GitLab IP?

    My gitlab-ci.yml:

    image: php:7.4
    
    stages:
      - deploy
    
    before_script:
      - 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'
      - eval $(ssh-agent -s)
      - ssh-add <(echo "$PRIVATE_KEY")
      - mkdir -p ~/.ssh
      - '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
    
      - apt-get install -y curl git
      - curl -LO https://deployer.org/deployer.phar
      - mv deployer.phar /usr/local/bin/dep
      - chmod +x /usr/local/bin/dep
    
    deploy:
      stage: deploy
      script:
        - dep deploy dev -vvv
      only:
        - develop
    

    If there is a better solution, please let me know.
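
One way to keep host key checking enabled in the job above, as an added example that is not part of the original answer: the deploy server's host key is pinned through a CI/CD variable, assumed here to be named `SSH_KNOWN_HOSTS`, and the job stops if that variable is missing. `PRIVATE_KEY` is the variable from the answer; everything else in the file is unchanged.

```yaml
# Added example: variant of the before_script above with the host key pinned.
# Assumed CI/CD variables (Settings > CI/CD > Variables):
#   PRIVATE_KEY      - the deploy key, as in the answer
#   SSH_KNOWN_HOSTS  - known_hosts line(s) for the deploy server, captured once
#                      from a trusted machine and compared with the server's
#                      real host key fingerprint before being stored
image: php:7.4

stages:
  - deploy

before_script:
  - 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'
  - eval $(ssh-agent -s)
  - mkdir -p ~/.ssh && chmod 700 ~/.ssh
  # Fail closed: without a pinned host key the job must not connect at all.
  - '[ -n "$SSH_KNOWN_HOSTS" ] || { echo "SSH_KNOWN_HOSTS is not set" >&2; exit 1; }'
  - echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts
  - chmod 644 ~/.ssh/known_hosts
  # Replaces "StrictHostKeyChecking no": an unknown or changed host key
  # now aborts the connection instead of being accepted silently.
  - printf 'Host *\n\tStrictHostKeyChecking yes\n' > ~/.ssh/config
  - chmod 600 ~/.ssh/config
  # Strip carriage returns a pasted variable may carry, then load the key
  # into the agent so it is never written to disk in the job container.
  - echo "$PRIVATE_KEY" | tr -d '\r' | ssh-add -
  - apt-get install -y curl git
  - curl -LO https://deployer.org/deployer.phar
  - mv deployer.phar /usr/local/bin/dep
  - chmod +x /usr/local/bin/dep

deploy:
  stage: deploy
  script:
    - dep deploy dev -vvv
  only:
    - develop
```

With `StrictHostKeyChecking no`, a runner that reaches the wrong host (DNS or routing tampering, a reassigned IP) would still authenticate and deploy to it; with the pinned key the connection is refused and the job fails.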