Using php-github-webhook to automatically pull commits from github

Overview

php-github-webhook is a very simple class that allows pulling git commits from GitHub when they are pushed to it. This can be very useful when building continuous integration process or when you want to have some server with all latest commits pushed to GitHub.

How it works

GitHub provides a mechanism called Webhooks that allows calling some URL when certain event is triggered on your repository. Webhook is defined by URL that is called when event is triggered and a shared secret. Shared secret is used to allow script that runs behind the URL to check whether request comes from GitHub or not (shared secret is used by GitHub to sign request body using SHA1 HMAC algorithm, script can then check if request signed correctly by computing same hash using same algorithm).

php-github-webhook class provides means to validate request signature and pull commits to existing git repository from remote repository.

Simplest setup

Script that handles webhook

To use php-github-webhook you must first add a dependency to composer.json. If you are not familiar with composer, read about it here. The dependency that should be added to require is “dintel/php-github-webhook”: “dev-master”. Once you finish editing composer.json, do not forget to run composer update.

Next step is to add simplest script that uses php-github-webhook and keeps local git repository up to date. It can look like this:

<?php
require(__DIR__ . "/vendor/autoload.php");

use GitHubWebhook\Handler;

$handler = new Handler("<your secret>", __DIR__);
if($handler->handle()) {
    exec(__DIR__ . "/composer update -q -d " . __DIR__);
    echo "OK";
} else {
    echo "Wrong secret";
}

This script assumes that composer is binary is available in same directory as this script. If it’s not the case, fix the path to composer.

Do not forget to replace “” with some actual random string. You can put this script in directory that holds your git repository and is accessible by your web server and that’s it.

Notice: I do not recommend putting this script under git control because it has your secret in it. Instead you should make git ignore this file (see more about ignoring files here). This script should only be placed on web server that is accessible public and be kept only there.

GitHub repository setup

To register such Webhook handler you should go to Settings of your repository and then select “Webhooks & Services” on the left. Then you have to click on “Add webhook” button and fill the following values:

  • Payload URL - enter URL which should be called when commits are pushed to your repository
  • Content type - this should be “application/json”
  • Secret - enter some random secret that will be shared between GitHub and your webhook handler (must match secret from previous section)
  • Which events would you like to trigger this webhook? - should be “Just the push event” because we are only interested when new commits are pushed to GitHub
  • Active - must be left checked for webhook to work

Once all fields are filled click “Add webhook” button and you finished. Now each time you push commits to your repository, your remote git repository will pull new commits and always be up to date.

git  github