Automated deployment workflows using GitHub's integrated CI/CD platform
Core Idea: GitHub Actions Deployment automates the process of building, testing, and deploying applications directly from GitHub repositories through configurable workflows that respond to repository events and execute deployment tasks.
Key Elements
-
Deployment Workflow Structure
- Trigger definitions (push, pull request, manual dispatch)
- Environment specification
- Authentication and secrets usage
- Build steps
- Testing process
- Deployment commands
- Post-deployment verification
-
Authentication Methods
- SSH key-based authentication for server access
- Service account tokens for cloud platforms
- Docker registry credentials
- Package repository authentication
- OIDC tokens for federated authentication
- Environment-specific secrets
-
Deployment Targets
- Self-hosted servers via SSH
- Cloud platforms (AWS, Azure, GCP)
- Kubernetes clusters
- Platform-as-a-Service providers
- Container registries
- Static hosting services
- Package repositories
-
Implementation Example
name: Deploy to VPS on: push: branches: [ main ] workflow_dispatch: jobs: deploy: runs-on: ubuntu-latest environment: production steps: - name: Checkout code uses: actions/checkout@v4 - name: Setup build environment uses: actions/setup-go@v4 with: go-version: '1.21' - name: Build application run: go build -o application - name: Setup SSH uses: webfactory/ssh-agent@v0.9.0 with: ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }} - name: Deploy to server run: | ssh -o StrictHostKeyChecking=no ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} "sudo systemctl stop application" scp application ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }}:~/application/ ssh -o StrictHostKeyChecking=no ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} "sudo systemctl start application"
- **Security Best Practices**
- Store credentials as GitHub Secrets
- Use environment protection rules
- Implement approval requirements for protected environments
- Create deployment-specific access credentials
- Follow principle of least privilege
- Rotate credentials regularly
## Connections
- **Related Concepts**: GitHub Actions (parent technology), CI/CD Pipeline (general concept), VPS CI/CD Pipeline (specific implementation)
- **Broader Context**: DevOps Automation (methodology), Continuous Deployment (practice)
- **Applications**: Cloud to VPS Migration (practical scenario), Static Site Deployment (use case)
- **Components**: GitHub Secrets (security feature), GitHub Environments (isolation mechanism)
## References
1. GitHub Actions deployment documentation: https://docs.github.com/en/actions/deployment
#github-actions #deployment #ci-cd #devops
---
**Connections:**
-
---
**Sources:**
- From: Getting back to the EU from Google Cloud to Self-Hosted EU Infrastructure