2.27.2. Deploy with GitHub Actions
GitHub Actions is a collection of workflow automation tools on GitHub. With their help, you can run various actions when certain events occur. One example is the automatic upload of the project code from GitHub to the hosting when pushing changes to the repository.
Deploy via FTP
Important points:
- Directory on hosting during deployment not cleared. Files that are not in the repository are not removed from the directory.
Setting up automatic deployment on the example of an action FTP Deploy.
- Create hosted FTP-user with access to the directory where the deployment should be performed.
- Disable access restrictions on FTP.
- Open your repository on GitHub.
- Add the data necessary for deployment to the secrets:
How to add secrets:
- Switch to tab "Settings".
- From the menu on the right, select "Secrets → Actions".
- Clickon "New repository secret".
- Specify the name of the secret in the field "Name" and the value in the field "Value".
- Clickon "Add secret".
Each setting is added as a separate secret.
Name Value REMOTE_HOSTSpecify host FTP-servers from data for access by FTP. FTP_USEREnter login FTP-user from data for access by FTP. FTP_PASSWORDEnter password FTP-user. FTP_PATHPleaseindicate relative way from access directory FTP-user to the directory on the hosting where the deployment should be performed. Warning! Way necessarily must end with a slash /. Also if your project has directoriesliboretc, access directory FTP-user must be such that they are not at the root. - Set up the action:
- Switch to tab "Actions".
- Clickon "set up a workflow yourself" or first "New workflow", and then "set up a workflow yourself".
- Replace the code in the field "Edit new file" on this one:
name: FTP deploy on push on: push jobs: web-deploy: name: Deploy runs-on: ubuntu-latest steps: - name: Get latest code uses: actions/checkout@v2 - name: Sync files uses: SamKirkland/FTP-Deploy-Action@4.3.0 with: server: ${{ secrets.REMOTE_HOST }} username: ${{ secrets.FTP_USER }} password: ${{ secrets.FTP_PASSWORD }} server-dir: ${{ secrets.FTP_PATH }}
- Clickon "Start commit" and then "Commit new file".
- Switch to tab "Actions" and check the deployment status. To view details, click on the workflow name in the list "All workflows" and then on "build" - if successful, each operation should have a checkmark next to it.
Deploy via SSH
Important points:
- To deploy via SSH, you need to disable access restrictions by IP to API. API used to add and remove GitHub IP from list of allowed for SSH access.
- After deployment, the added GitHub IP necessarily should be removed from list of allowed for SSH access. If the IP is not removed, then if the limit of added addresses is reached, the deployment will stop working.
- Directory on hosting during deployment cleared. The contents of the directory will match the contents of the repository.
Setting up automatic deployment on the example of an action Rsync Deployments Action.
Principle of operation:
- The external IP of GitHub is determined from which the connection to the hosting will be made.
- External IP is added via API in list of allowed for SSH access.
- Deployed using rsync.
- The external IP is removed via API of list of allowed for SSH access.
- Set up access to API:
- Set up SSH key authentication:
- Generate and add account key.
- Bind the key to the hosting account where the deployment should be performed.
- Open your repository on GitHub.
- Add the data necessary for deployment to the secrets:
How to add secrets:
- Switch to tab "Settings".
- From the menu on the right, select "Secrets → Actions".
- Clickon "New repository secret".
- Specify the name of the secret in the field "Name" and the value in the field "Value".
- Clickon "Add secret".
Each setting is added as a separate secret.
Name Value ADM_TOOLS_API_TOKENPleaseindicate token to access hosting API. ADM_TOOLS_ACCOUNT_IDSpecify the ID of the hosting account where the deployment should be performed (not to be confused with ID account). For example, if you open the section "Hosting → SSH access", then in the address bar of the browser there will be an address of the form https://adm.tools/hosting/account/123456/ssh/. The numbers in the address are the hosting account ID.REMOTE_HOSTSpecify a host from data for SSH access. REMOTE_USEREnter login from data for SSH access. REMOTE_KEYInsert data private key in PEM format (starts with -----BEGIN RSA PRIVATE KEY-----). Warning! The key must be private, not public.REMOTE_PATHPleaseindicate absolute path to the directory on the hosting where the deployment should be performed. - Set up the action:
- Switch to tab "Actions".
- Clickon "set up a workflow yourself" or first "New workflow", and then "set up a workflow yourself".
- Replace the code in the field "Edit new file" on this one:
name: SSH deploy on push on: push jobs: build: runs-on: ubuntu-latest steps: - name: Get public IP id: ip uses: haythem/public-ip@v1.2 - name: Add IP to whitelist id: addip run: | curl -H "Content-Type: application/json" -H "Authorization: Bearer ${{ secrets.ADM_TOOLS_API_TOKEN }}" --request POST --data '{"account_id": "${{ secrets.ADM_TOOLS_ACCOUNT_ID }}", "ip": "${{ steps.ip.outputs.ipv4 }}"}' https://adm.tools/action/hosting/account/ssh/ip/send/ - uses: actions/checkout@v2 - name: rsync deploy uses: burnett01/rsync-deployments@5.2 with: switches: -avzr --delete path: . remote_host: ${{ secrets.REMOTE_HOST }} remote_user: ${{ secrets.REMOTE_USER }} remote_key: ${{ secrets.REMOTE_KEY }} remote_path: ${{ secrets.REMOTE_PATH }} - name: Remove IP from whitelist id: removeip run: | curl -H "Content-Type: application/json" -H "Authorization: Bearer ${{ secrets.ADM_TOOLS_API_TOKEN }}" --request POST --data '{"account_id": "${{ secrets.ADM_TOOLS_ACCOUNT_ID }}", "ip": "${{ steps.ip.outputs.ipv4 }}"}' https://adm.tools/action/hosting/account/ssh/ip/delete_by_ip/
- Clickon "Start commit" and then "Commit new file".
- Switch to tab "Actions" and check the deployment status. To view details, click on the workflow name in the list "All workflows" and then on "build" - if successful, each operation should have a checkmark next to it.