Magento 2 Deployment Process – Step-by-Step Guide

composerdeploymentmagento2

Currently we commit composer.lock to the repository and then run composer install --no-dev on the production server. I don't think this is the best way to do it because it takes a few minutes for composer to generate all the files and it is risky.

I wonder if it is better to commit to the repo all files needed for running in production mode.

How do others manage the deployment process with magento 2?

Best Answer

Agree 100% with claudiu-creanga on not committing vendor and also avoiding running composer install in production.

The way we have handled this is to have a live folder and a release-candidate folder. It is in the release-candidate folder that we run git pull commands and composer install --no-dev. Our process can be summed up like this:

In release-candidate folder:
- Check for unexpected changes
- Update repo
- Composer install
Sync files to live site folder
In live site folder:
- Deploy static files
- Enable maintenance mode
- Enable modules
- Run setup scripts
- Compile DI
- Clear cache
- Disable maintenance mode
- Update permissions

I've written a longer blog article giving the actual commands and reasoning behind this: https://www.c3media.co.uk/blog/c3-news/deploying-magento-2-production-environment/

UPDATE: We now copy the live database to a staging database and use this to run setup scripts, deploy static files and compile DI all offline. This can then be deployed to live including pub/static files and var. We still briefly take the site down if setup scripts are being run, but otherwise the site is left up. More details at https://www.c3media.co.uk/blog/c3-news/magento-2-deployment-without-downtime/

UPDATE: I've changed my mind about committing the vendor folder - by committing the folder you gain the ability to track the history of how these files change, see if you've accidentally changed anything, and most importantly you avoid having to run composer at deployment time. The latter is vital now that we are relying on external suppliers of repositories. What if one of them is not available? Suddenly you cannot deploy. The downsides are a larger repository, the risk of committing core hacks, and the knee-jerk distain of developers like me :)

Repository structure

Below is the folder structure of the 'parent' repository. It contains the composer JSON and lock files and other configuration required for deployment.

- code
   - magento
- deployment
- environmental
   - local
       - local.xml
       - robots.txt
   - staging
       - local.xml
       - robots.txt
   - production
       - local.xml
       - robots.txt
- provisioning
- public
   - index.php
- vendor
- composer.json
- composer.lock

All client-specific customisations are stored in a separate "customisations" module that gets installed using Composer
The Magento core is included as a Git submodule (code/magento)
A custom index.php and other folders like media and errors sit inside a public folder outside of the Magento root
Environment specific files (local.xml, robots.txt, etc) get symlinked into the Magento root during the deployment process
The vendor folder is excluded from Git, but the composer.lock file is included.

Deployment

We deploy using Capsitrano which allows for multiple app servers and environments (staging/production)
Capistrano builds the entire codebase on the server in a new folder, and then swaps the webroot symlink at the very end meaning there is no downtime for your website.
Capistrano runs composer install during the build and deploys all modules into the Magento submodule.

This is still not a continuous integration setup but I find it works well for Magento sites. Feel free to send me a message if you'd like some more advice that's specific to your setup.

Magento 2 – Local, Staging, Production Deployment & gitignore

In fact, every day I am less convinced about the utility of Magento 2 production mode, unless you are not going to change anything in the project. Can you change my mind?

I'm not sure if I understand you correct, but that's exactly what the production mode is for: production systems where you do not change anything (code wise). Until the next deployment, that is.

I find the Git based deployment that you are using less suitable for Magento 2 than it was for Magento 1, because of all the preprocessing. The build and deployment is more complex and IMHO there is no way around an automated build process

What I would recommend:

Have repeatable deployments, i.e. you should be sure that the exact same code ends up in production that was in staging, including generated files.
To achieve that, separate build from deployment and do the following in the build process:
- composer install (adding vendor to the repository instead is possible too, but if you did that just to avoid running composer on the server during deployment, rather do it in the build step and only keep composer.lock in the repo)
- Code generation (YMMV):
```
bin/magento setup:di:compile
bin/magento setup:static-content:deploy
```
- create an archive (the build artifact) from the full Magento directory, excluding media and var, but including vendor, pub, var/generated and var/di. Starting with magento-2.2, var/generated and var/di are moved to generated/code and generated/metadata, which makes it easier to separate them from the rest of var which should be ignored for deployments.
In the deployment, copy the build artifact to the target server, extract it to a new directory and:
- link persistent directories into it (media, var/session, var/log, ...)
- enable maintenance mode
- switch document root (usually the docroot is a symlink to the last release, change it to the new release)
- flush cache
- run setup:upgrade
- disable maintenance mode
This deployment process can be easily implemented with Deployer, which is like Capistrano but in PHP. A full deployment solution for Magento 2 based on deployer can be found here: https://github.com/mwr/magedeploy2 (thanks to netz98!) and here is another one that we use: https://github.com/staempfli/magento2-deployment-tool
Keeping app/etc/config.php in the repository is good to keep track of enabled and disabled modules.

This is not a step by step instruction but it should give you an overview for a more robust alternative to your current process. Take a look at the linked tools to see how a full solution may look like.

Best Answer

Related Solutions

Magento – Managing Magento/Composer/Deployment

Repository structure

Deployment

Magento 2 – Local, Staging, Production Deployment & gitignore

What I would recommend:

Related Topic