Using static site generator like Pelican involved to rebuild it each time you modify it. Modern software forge like GitLab are able not only to manage code repositories but also make some continuous integration. Therefore they are able to run some command after each commit such as test, or build. In our case we will see how to rebuild and deploy our pelican website at each commit.

You will need to have functional installation of GitLab and GitLab Runner with Docker. In addition we suppose that the required python are in the requirements.txt file. The build and deployment will be managed with the make and therefore the Pelican generated Makefile should be correctly setup and notably the SCP parameters that will be used.

Create a runner

If not already done, you will need to setup a runner for the project:

# gitlab-runner register

Put the address of the coordinator. If GitLab is accessible trough, it should be something like

Enter then the token that will link GitLab and the runner:

  • If you would like to have a shared runner go to the Admin Area, then Overview and finally Runners, to get the token.
  • If you prefer to have a runner for the project, go in the configuration menu of the projects and select Runners and use the token of the project.

Give a name to your runner and eventually some tags.

Specify the executor as docker and the docker image as python:2.7. This docker image not only include python but also some development tools such as GNU Make.


Here are the different steps for the deployment.

  • Clone the repository.
  • First install dependencies with the help of pip and the requirements.txt file.
  • Setup a SSH configuration directory with correct POSIX right (~/.ssh)
  • Get the SSH public key of the server and had it to known_hosts with the ssh-keyscan command.
  • Create the required private key files (from SSH_PRIVATE_KEY environment variable). This will allow us to have it outside of the repository and therefore secret.
  • Generate pelican and upload to the ssh server with the help of make command.

Setup of the private SSH key

To avoid to have the private SSH key in the repository and therefore able to be read by everybody accessing it, we will save it in a GitLab Internal variable.

Put the content of the private key in a variable named SSH_PRIVATE_KEY. For this in the configuration menu of the project select Variables and create a new one with the name SSH_PRIVATE_KEY and put the content of id_rsa corresponding that is in between the -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY----- as a value. This variables will be specific to the project and available in the build environment. We will need to past this key in the correct file to be able to use it for SSH connection.

Configuration of the continuous integration

We will create a Gitlab continuous integration configuration file (.gitlab-ci.yml) at the root of the repository. It is automatically reconnised by GitLab. The file is inspired from the one proposed by GitLab.

image: python:2

  - pip install -r requirements.txt
  - mkdir -p ~/.ssh
  - chmod 700 ~/.ssh
  - ssh-keyscan -t rsa domaine.tld > ~/.ssh/known_hosts
  - echo "-----BEGIN RSA PRIVATE KEY-----" > ~/.ssh/id_rsa
  - echo "$SSH_PRIVATE_KEY" >> ~/.ssh/id_rsa
  - echo "-----END RSA PRIVATE KEY-----" >> ~/.ssh/id_rsa
  - chmod 600 ~/.ssh/id_rsa
  - make ssh_upload