Deploy with FTP, SFTP, SCP, RSYNC, and SSH

4 minute read

This article is about deploying via SFTP with CloudBees CodeShip Basic.

If you’d like to learn more about CloudBees CodeShip Basic, we recommend the getting started guide.

You should also be aware of how deployment pipelines work on CloudBees CodeShip Basic.

After your code passed through the pipeline successfully, the last step in your CI chain is deploying your code. You’re either using one of our many integrations or deploying with your own script. If you’re using your own means of deployment, we recommend tools like rsync, Capistrano (Ruby), Rocketeer (PHP), Deployer (PHP), or Fabric (Python).

Generally, we advise on using any SSH-based tool over FTP since the latter is not encrypted and transmits plain-text. If security is of any concern to you, one of the first steps is to use SSH when you’re deploying without a tool.

Our recommendation if you do not want to use a deployment tool or one of our integrations is the following:

  1. Add the CodeShip public key to your ~/.ssh/authorized_keys file, see Authenticating via SSH public keys.

  2. Create a deployment script, see Run commands on a remote server via SSH. At the very least, you will have to copy all files needed by your application to the server and start the services needed by your application.

When CodeShip checks out your repository, we clone it to a folder called clone directly beneath the home directory. So when you see references to ~/clone/ folder, we talk about our local copy of your repository.

Authenticating via SSH public keys

All of the methods below can use key-based authentication. As this does not require you to provide your account password to CodeShip, we strongly advise to configure this.

Add the CodeShip public SSH key for your project to the ~/.ssh/authorized_keys file on your server. Below are the commands you need to prepare everything and open an editor window where you can simply paste your key and save the file. Please run those commands via an SSH session on your server.

mkdir -p ~/.ssh touch ~/.ssh/authorized_keys chmod -R go-rwx ~/.ssh/ # add the CodeShip public SSH key to ~/.ssh/authorized_keys nano ~/.ssh/authorized_keys

In the above example, we use nano to paste the public SSH key, but you might use any editor like vi or others that are installed on your server.

See Run commands on a remote server via SSH on how to run commands on a remote server when building your application on CodeShip.

Run commands on a remote server via SSH

If you give a command as the last parameter to SSH it will run this command on the server and exit with the return status of that command. This can be used to start services or trigger a deployment on an external system.

To restart Apache on a remote server, you could call the following command. (This would require the deploy user to be able to call sudo without a password.)

ssh 'sudo service apache restart'

deploy is the username that you are using on the deployment server and is the IP or domain name of the server you want to deploy to.

Continuous Deployment with SCP

SCP allows you to copy files from your local system to another server. With the -r option you can also recursively upload directories. You can read more about the different options in the SCP man page.

For the branch you want to deploy you create a script deployment that contains:

scp -rp ~/clone/*

Add the SSH key of your project into your servers ~/.ssh/authorized_keys file.

Continuous Deployment with RSYNC

Rsync is an amazing tool to sync your local filesystem with an external server. Rsync will check the files and only upload files that have changed.

For the branch you want to deploy you create a script deployment that contains the following code.

rsync -avz ~/clone/

Or you can also run rsync over ssh.

rsync -avz -e "ssh" ~/clone/

You can read more about the Rsync options in the Rsync man page.

Continuous Deployment with SFTP

SFTP supports FTP-like commands over an encrypted SSH session. You can automate SFTP by creating a batch file and handing it to SFTP. The batch file can contain any commands documented in the interactive commands section of the SFTP man page.

We will deploy the complete repository contents onto a remote server. Please add a file containing the following directives to your repository. You can name it any way you like. In our case we will call it production and store it in a subdirectory called deploy.

put -rp /home/rof/clone /path/on/server/

For the branch you want to deploy you create a script deployment that contains:

sftp -b deploy/production
  • Make sure you add the SSH key of your project into your servers authorized_keys file.

  • Also make sure your remote directory already exists before running your first deployment.

Continuous Deployment with FTP

For FTP we recommend using LFTP for uploading files. The following section will help you get started.

To keep your username and password out of your build logs, add them as environment variables in your project configuration:


So if you wanted to copy all of your repository to a remote server, you could add the following command to a custom script deployment on the branch you want to deploy.

  • Make sure your remote directory does not end with a slash unless you want your copy to live in a subdirectory called clone.

  • Also make sure your remote directory already exists before trying your first deployment.

lftp -c "open -u $FTP_USER,$FTP_PASSWORD; set ssl:verify-certificate no; mirror -R ~/clone/ /path/on/remote/server"

LFTP is installed by default, but if you need a more current version you can install it in your build with the following script:

curl -sSL | bash -s

For more information on using LFTP please see the LFTP man page.