How to setup simple Gitlab CI/CD for your WordPress development

25. April 2023
3 minutes

CI/CD is a powerful tool that allows you to automate your WordPress development and deployment on a client-server. Just push your code and forget about it

If you ever found yourself pushing your code changes into client-server either connecting with FTP or using SSH to just run git pull every time you have some new update, this workflow may help you to save lot of time.

This allows you to deliver your WordPress site conveniently faster and with fewer errors.

In this blog post, I will focus on how to use GitLab CI/CD to deploy your WordPress code to a client (remote) server with SSH access.

In this article, I will describe a simple deployment process where CI/CD pipeline connects to the remote server and by git pull pulls the current master branch into remote server. There will be no build process involved.

We will cover the following topics:

  1. Prerequisites
  2. Configuring the client (remote) server for deployment
  3. Setting up the GitLab CI/CD pipeline
  4. Deploying WordPress code
  5. Troubleshooting

1. Prerequisites

  1. A GitLab account with a Git repository
  2. You will need a remote server to deploy your code changes with Git installed.
  3. SSH access to the remote server
  4. You should have a basic understanding of how GitLab and how to define jobs in a .gitlab-ci.yml file.

2. Configuring the client (remote) server for deployment

Since we are going to deploy our code running git pull command from the client (remote) server we need to generate a private and public key to connect from the GitLab pipeline

  1. To generate an SSH key run the following command on your remote server:
    ssh-keygen -t rsa
  • The key will be generated in the default directory ~/.ssh Do it without a passphrase, otherwise, it will be asked by the GitLab CI/CD pipeline. Now you should have two new files in ~/.ssh directory named id_rsa and
  1. Now copy the private key content cat ~/.ssh/id_rsa | base64 -w0
  2. Add the public key into authorized_keys cat ~/.ssh/ >> ~/.ssh/authorized_keys

3. Setting up the GitLab CI/CD pipeline

To set up the GitLab CI/CD pipeline, you need to create a .gitlab-ci.yml file in the WordPress root directory.

First, we define stages in our case we will have only deploy:

  - deploy

Within the deployment stage, we define the whole workflow which has two sections :

  • before_script - we install dependencies into GitLab container, setup ssh keys and known hosts
  • script - this is where we connect to the remote server and run git pull master
  • after_script - we do clean-up
  - deploy
    image: ubuntu:latest
    stage: deploy
        - master
        - apt-get -yq update
        - apt-get -yqq install ssh
        - install -m 600 -D /dev/null ~/.ssh/id_rsa
        - echo "$SSH_PRIVATE_KEY" | base64 -d > ~/.ssh/id_rsa
        - chmod 600 ~/.ssh/id_rsa
        - ssh-keyscan -p $SSH_PORT $SSH_HOST > ~/.ssh/known_hosts
        - ssh $SSH_USER@$SSH_HOST -p$SSH_PORT "cd $WORK_DIR && git checkout $MAIN_BRANCH && git pull && exit"
        - rm -rf ~/.ssh

In GitLab create following variables in Project ➝ Setting ➝ CI/CD ➝ Variables:

  • SSH_PRIVATE_KEY - the private key as base64
  • SSH_USER - username to access server
  • SSH_HOST - hostname of your server
  • SSH_PORT - the port is optional here if you have ssh access different port than 22
  • WORK_DIR - path to your WordPress directory on a remote server
  • MAIN_BRANCH - the name of the branch that we will pull

4. Deploying WordPress code

Once you have set up the GitLab CI/CD pipeline and configured the remote server for deployment, you can deploy the changes automatically using GitLab CI/CD:

  1. Push code changes to GitLab this will trigger the GitLab CI/CD pipeline.
  2. Monitor the pipeline. The pipeline will run the deploy job when changes are pushed to the master branch.
  3. Verify the deployment: Once the pipeline has been completed, verify that the code changes have been deployed to the remote server by looking at the pipeline output.

5. Troubleshooting

How can I add SSH public key into known_hosts if my remote server has a different port than 22?

ssh-keyscan -p 12345 >> ~/.ssh/known_hosts

What if I get an error message Permission denied (publickey,password) ?

Be sure that the SSH private key is correctly configured in the pipeline. To see this, you can add a debug script that prints the contents of the private key:

  - echo "$SSH_PRIVATE_KEY

Make sure that the public key of the SSH key pair is correctly added to the remote server's authorized_keys. You can do this by logging in to the remote server and displaying the contents of the authorized_keys file:

cat ~/.ssh/authorized_keys

The output should contain the public key that corresponds to the private key you added to the GitLab runner's environment.

You can test the SSH connection manually from the runner's environment using the ssh command:

ssh -i /path/to/private/key user@remote-server

Replace /path/to/private/key, user, and remote-server with the appropriate values for your configuration. If the SSH connection is successful, you should be able to log in to the remote server


There you have it! We have successfully created an SSH connection to the remote server and created a simple GitLab CI/CD pipeline to deploy our WordPress site to the remote server.

Posted in

Just get in touch
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram