3

It is a common practice to perform git pull on dev/staging/production server(s). I frequently do so myself; I perform git pull almost 100 times a day on my production server running linux.

I figure, it's time to make a script to improve that.

pull.sh will do these 3 commands

  • git pull
  • enter my-password (when prompt)
  • service nginx reload

I've tried create my pull.sh here 

#!/bin/bash

function pull {
  git pull
  password
  service nginx reload
}


pull ;

Result

After running the script that I have, I still got prompt to input the password.

enter image description here

Any hints / helps / suggestions will be much appreciated !

Serlite
  • 11,130
  • 5
  • 35
  • 46
cyb3rZ
  • 43,853
  • 82
  • 251
  • 430

2 Answers2

7

You can use expect script to interact with git authentication:

#!/usr/bin/expect -f
spawn git pull
expect "ass"
send "your_password\r"
interact

It waits for "ass" text (that matches "Password", "password", "passphrase") and then it sends your password.

That script can be called from another bash script that will restart your server:

# Call script directly since the shell knows that it should run it with
# expect tool because of the first script line "#!/usr/bin/expect -f"
./git-pull-helper-script.sh
# Without the first line "#!/usr/bin/expect -f" the file with commands
# may be sent explicitly to 'expect':
expect file-with-commands

# Restart server
service nginx reload
Orest Hera
  • 6,346
  • 2
  • 17
  • 33
  • This is a legit question, I don't know why 2 people vote it for close. I really appreciated your concern and helps. :) – cyb3rZ Oct 09 '15 at 13:12
  • @ihue you need to adjust the prompt string to your "Enter...". – Orest Hera Oct 09 '15 at 13:13
  • Will do. Do you mind explain a little bit what is `bin/expect -f` ? – cyb3rZ Oct 09 '15 at 13:14
  • `\r` and `interact` ? – cyb3rZ Oct 09 '15 at 13:15
  • Just out of curiosity, why can't I place `service nginx reload` under interact command ? – cyb3rZ Oct 09 '15 at 13:16
  • 1
    `#!/usr/local/bin/expect -f` it tell to your system to handle the script by `expect` application: http://linux.die.net/man/1/expect Expect reads cmdfile for a list of commands to execute. Expect may also be invoked implicitly on systems which support the #! notation by marking the script executable, and making the first line in your script. – Orest Hera Oct 09 '15 at 13:18
  • 1
    This script is not handled by bash. It is interpreted by another application `expect`. Once the expect script is finished you can run other shell commands as `service nginx reload` – Orest Hera Oct 09 '15 at 13:22
  • Thank-you very much for your explaination. – cyb3rZ Oct 09 '15 at 13:28
3

The way to handle a passphrase is to use an ssh agent: that way, you only need to type in your passphrase once.

I have this in my dev user's ~/.bash_profile

# launch an ssh agent at login, so git commands don't need to prompt for password
# ref: http://stackoverflow.com/a/18915067/7552

SSH_ENV=$HOME/.ssh/env

if [[ -f ~/.ssh/id_rsa ]]; then
    function start_agent {
        # Initialising new SSH agent...
        ssh-agent | sed 's/^echo/#&/' > "${SSH_ENV}"
        chmod 600 "${SSH_ENV}"
        source "${SSH_ENV}" > /dev/null
        ssh-add
    }

    # Source SSH settings, if applicable

    if [ -f "${SSH_ENV}" ]; then
        source "${SSH_ENV}" > /dev/null
        agent_pid=$(pgrep ssh-agent)
        (( ${agent_pid:-0} == $SSH_AGENT_PID )) || start_agent
        unset agent_pid
    else
        start_agent
    fi
fi
glenn jackman
  • 207,528
  • 33
  • 187
  • 305