I have create a webhook in my github repository which post on the hook url on my live server to run pull command for update my repo files on the server.

The problem is the hook file which i have created is in the /var/www/site/web/hookfile.php (the post request is going there. i am getting the body response also)

and my repo files are in /var/www/git-repo/

its not updating the git-repo when i push anything to my github repository. I run this command using terminal and its working.

cd /var/www/git-repo && git pull

But through my php file its not working

shell_exec('cd /var/www/git-repo && git pull')

shell_exec() fail silently because only report STDOUT and not STDERR.

Try with:

echo shell_exec("cd /var/www/git-repo && /full/path/to/bin/git pull 2>&1");

Normally is a permission error, and could be fixed adding permission to the user that execute php (apache?)

chown -R www-agent:www-agent repository/

But could be also a connection error to the remote repository (authentication, ssh-keys, ...).

First of all in your php file run a test against your server instance to get any error messages output on screen because the exec() family of functions simply fail silently and only report STDOUT and not STDERR:

echo shell_exec("cd /website/root/htdocs && git checkout . && git status 2>&1");

In my case this threw an error that it could not find git command due to lack of binary path defined for apache user. Therefore, a full path needs to be provided to git's binary. It can be obtained by finding it manually or running in shell:

'which git'

It returned (further called YOU_FULL_GIT_BINARY_PATH_HERE):

/usr/local/git/bin/git

A full path with git command e.g. '/usr/local/git/bin/git status' now runs git commands nicely.

Another thing is to ensure your web server user has enough permissions to read/write to your repo folder/files. I have set mine to be owned by the apache user (Centos 6.8; other releases might be www:www or www-data:www-data etc.):

chown -R apache:apache YOUR_WEB_OR_REPO_FOLDER

In order to ensure any newly added files inherit correct permissions run:

chmod -R g+s YOUR_WEB_OR_REPO_FOLDER

The above should get your script to run commands now. Though it doesn't overcome git password prompt to use 'git pull' command for a git user set in YOUR_WEB_OR_REPO_FOLDER/.git/config file. Running below command inside repo:

git config credential.helper store

command will prompt for password and let you store it locally. Please note your stored password will be unencrypted and protected only by file system e.g. in /root/.git-credentials. This will allow to run 'git pull' without prompting for password.

It's not ideal for my fully automated continuous integration environment deploying test VPS on demand as it requires to manually enter git user (defined in repo's .git/config git) password at least once.

Since my environment should always run on code from remote's origin/master copy I am also running

/YOU_FULL_GIT_BINARY_PATH_HERE/git checkout .

before invoking 'git pull' to ensure any local changes are lost forever alternatively do a hard reset instead using:

/YOU_FULL_GIT_BINARY_PATH_HERE/git fetch origin
/YOU_FULL_GIT_BINARY_PATH_HERE/git reset --hard origin/master

If you are not getting any output even using 2>&1, it might be because the git command shows an interactive prompt, asking if you want to trust the server such as

The authenticity of host 'github.com (140.82.121.3)' can't be established.
ECDSA key fingerprint is SHA256:xxxxxxxxx...
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes

To fix it, you can just manually run the command as the www-data user (or which user the web server runs as): sudo -u www-data git pull, write yes and then enter. Now the PHP script might be able to run without errors.