Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

larsonator's avatar

Laravel Deployments

So I could just be over thinking this, or maybe doing it wrong the whole time. Nether the less, here I am.

I am looking into developing a process to deploy a Laravel application, preferably using CI and CD. But to me, Laravel doesn't seem to play nice with these processes due to its reliance on dot-env. The .env files are of coarse not included in the code repositories, but are used to feed values into the configuration like API keys ect.

This is all well and fine while on your own dev machine, but when they then get pulled into CI environments, what happens here?

An example I am following: I have a Laravel app with stripe integration. Now I know that laravel comes with its own thing to handle all the stripe stuff, but it wasn't quiet suited to the user experience I had in mind, and implemented my own interface while using Laravel's Cashier in the back.

Now I have to include a stripe public key in the env. a testing key for DEV, and live key for production.

Now without an env file in between, I have two options:

  • use MIX_ on my env to import the key and my front end on the server (which then requires me to download all of my devDependencies on production,

  • embed the key in a config file and assign it to a variable in a script tag.

Both of these don't seem right to me, and I am wondering, what others may have done in similar circumstances.

Im interested in hearing what processes other have put in place around deployment and environment variables.

does anyone have similar requirements to myself?

0 likes
1 reply
nexxai's avatar

The way almost everyone I know does it is creates a CICD-ready .env-like file but calls it .env.cicd or something similar with their dev/testing keys in it and then in one step of the pipeline, they copy/rename .env.cicd to .env.

This is my .gitlab-ci.yml which includes that step:

stages:
  - preparation
  - building
  - testing
  - security
  - deployment

# Variables
variables:
  MYSQL_ROOT_PASSWORD: root
  MYSQL_USER: mysql_user
  MYSQL_PASSWORD: mysql_password
  MYSQL_DATABASE: mysql_db
  DB_HOST: mysql

cache:
  key: "$CI_JOB_NAME-$CI_COMMIT_REF_SLUG"

composer:
  stage: preparation
  image: edbizarro/gitlab-ci-pipeline-php:7.4
  script:
    - php -v
    - composer install --prefer-dist --no-ansi --no-interaction --no-progress --no-scripts
    - cp .env.cicd .env
    - php artisan key:generate
  artifacts:
    paths:
      - vendor/
      - .env
    expire_in: 1 days
    when: always
  cache:
    paths:
      - vendor/

yarn:
  stage: preparation
  image: edbizarro/gitlab-ci-pipeline-php:7.4
  script:
    - yarn --version
    - yarn install --pure-lockfile
  artifacts:
    paths:
      - node_modules/
    expire_in: 1 days
    when: always
  cache:
    paths:
      - node_modules/

build-assets:
  stage: building
  image: edbizarro/gitlab-ci-pipeline-php:7.4
  # Download the artifacts for these jobs
  dependencies:
    - composer
    - yarn
  script:
    - yarn --version
    - yarn run production --progress false
  artifacts:
    paths:
      - public/css/
      - public/js/
      - public/fonts/
      - public/mix-manifest.json
    expire_in: 1 days
    when: always

phpunit:
  stage: testing
  services:
    - mysql:5.7
  image: edbizarro/gitlab-ci-pipeline-php:7.4
  # Download the artifacts for these jobs
  dependencies:
    - build-assets
    - composer
  script:
    - php -v
    - sudo cp /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini /usr/local/etc/php/conf.d/docker-php-ext-xdebug.bak
    - echo "" | sudo tee /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini
    - php artisan migrate
    - php artisan passport:install
    - ./vendor/phpunit/phpunit/phpunit --version
    - phpdbg -qrr ./vendor/phpunit/phpunit/phpunit -v --colors=never --stderr --coverage-clover=coverage.xml
    - sudo cp /usr/local/etc/php/conf.d/docker-php-ext-xdebug.bak /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini
    - export CODECOV_TOKEN="MY CODECOV TOKEN - YOU SHOULD GET YOUR OWN"
    - bash <(curl -s https://codecov.io/bash) || echo 'Codecov failed to upload'
  artifacts:
    paths:
      - ./storage/logs # for debugging
    expire_in: 1 days
    when: on_failure

phpcpd:
  stage: testing
  image: edbizarro/gitlab-ci-pipeline-php:7.4
  script:
    - test -f phpcpd.phar || curl -L https://phar.phpunit.de/phpcpd.phar -o phpcpd.phar
    - php phpcpd.phar app/ --min-lines=50
  dependencies: []
  cache:
    paths:
      - phpcpd.phar

sensiolabs:
  stage: security
  image: edbizarro/gitlab-ci-pipeline-php:7.4
  script:
    - test -d security-checker || git clone https://github.com/sensiolabs/security-checker.git
    - cd security-checker
    - composer install
    - php security-checker security:check ../composer.lock
  dependencies: []
  cache:
    paths:
      - security-checker/

Please or to participate in this conversation.