GitHub Actions SSH Deploy Setup
Lately I’ve been deploying a bunch of static webpages to my server.
Even though there are several offers out there which seamlessly integrate with GitHub and others, I still like this machine and I’m not going to get rid of it anytime soon.
The one thing I dislike, though, are manual deployments.
So, after I manually deployed the first page, I began to automate this task.
And since I’m hosting most of my code on GitHub, I started looking for solutions using GitHub Actions.
Preparations — Generate SSH Key
Before we take a look at the actual GitHub action we’re going to generate an SSH key:
ssh-keygen -m PEM -t rsa -b 4096 -C "you@your_mail.tld"
Our SSH key is required to be in PEM
format, hence the -m PEM
flag.
Preparations — Copy SSH Key
To log into our machine using our SSH private key we need to add our public key to the machine’s authorized_keys
.
We’ll do so using ssh-copy-id
:
ssh-copy-id -i /path/to/your/key youruser@yourhost
This will copy the public key of your key pair to the remote host and add it to its list of authorized_keys
.
Action — Configure Secrets
We definitely don’t want to expose our private key required for login to our GitHub repository, so let’s configure some secrets for our deployment:
- DEPLOY_KEY: Our SSH private key
- DEPLOY_HOST: The host we’re going to connect to
- DEPLOY_USER: Our user on the remote host
- DEPLOY_PORT: The port we’re using. (Not necessarily required, port 22 will be used by default)
- DEPLOY_TARGET: The target folder on the remote host we’re copying our assets to
Action — Add a Workflow File
With our secrets all set up, we’re ready to configure our workflow.
The following workflow is using easingthemes/ssh-deploy:
name: SSH Deploy
on:
push:
branches: [ master ]
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: ssh deploy
uses: easingthemes/ssh-deploy@v2.1.4
env:
SSH_PRIVATE_KEY: ${{ secrets.DEPLOY_KEY }}
REMOTE_HOST: ${{ secrets.DEPLOY_HOST }}
REMOTE_USER: ${{ secrets.DEPLOY_USER }}
REMOTE_PORT: ${{ secrets.DEPLOY_PORT }}
SOURCE: "dist/"
TARGET: ${{ secrets.DEPLOY_TARGET }}
It will copy the content of our SOURCE
folder to the target folder on our remote host. Our SOURCE
is freely configurable, so we’re able to deploy just about anything via SSH.
Commit this workflow file in your repository under .github/workflows/deploy.yaml
to get things started.