Deploying with SSH using GitHub Actions

Shortly after I had started work on nerdhood.de, I built a deployment pipeline. The build script (.sh) for my Laravel application was easy, but triggering the deployment itself turned out to be more difficult than expected. In the end I built something with two AWS Lambda functions, SNS, an S3 bucket for a private key, and the Serverless Framework. But that is another story.

Before I built the deployment pipeline I had signed up for GitHub Actions. Yesterday I got confirmed and today I replaced my AWS pipeline with a few lines of YAML.

First of all, Actions' HCL syntax will be deprecated at the end of September 2019. Most of the available examples are written in HCL. Porting from HCL to YAML is straightforward.

The second important thing is that you have to enter your secrets, e.g. my SSH deployment key, in your GitHub project's Settings > Secrets. If your secret is named SSH_DEPLOYMENT_KEY, you can reference its content later by using ${{ secrets.SSH_DEPLOYMENT_KEY }}.

I ended up with this YAML to trigger my shell script via SSH:

name: CI
on: [push]

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
    - name: Deploy to nerdhood.de
      uses: appleboy/ssh-action@master
      env:
        USERNAME: my_username
        HOST: my_host
        SCRIPT: ~/deployment.sh
        KEY: ${{ secrets.SSH_DEPLOYMENT_KEY }}
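
The key stored in SSH_DEPLOYMENT_KEY only has to start ~/deployment.sh, so the server can limit it to exactly that with authorized_keys options. The script below is an added example, not part of the original post; the function names and the sample public key are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): pin a deployment key to a single
# script on the server. Function names and the sample key are hypothetical.

nl='
'

# Print an authorized_keys line. $1 = OpenSSH public key, $2 = script to force.
restricted_entry() {
  re_pubkey=$1
  re_script=$2
  case $re_pubkey in
    *"$nl"*) echo "public key must be a single line" >&2; return 1 ;;
    ssh-ed25519\ *|ssh-rsa\ *|ecdsa-sha2-*\ *) ;;
    *) echo "not an OpenSSH public key" >&2; return 1 ;;
  esac
  # The path ends up inside command="...", so refuse quotes and newlines.
  case $re_script in
    ''|*\"*|*"$nl"*) echo "unsafe script path" >&2; return 1 ;;
  esac
  # restrict: no PTY, no port/agent/X11 forwarding (OpenSSH 7.2 or later).
  # command=: sshd runs only this command, whatever the client requests.
  printf 'restrict,command="%s" %s\n' "$re_script" "$re_pubkey"
}

# Append entry $1 to authorized_keys file $2 unless that exact line is already
# present, and keep the file readable by its owner only.
install_entry() {
  ie_entry=$1
  ie_file=$2
  touch "$ie_file" || return 1
  chmod 600 "$ie_file" || return 1
  grep -qxF -- "$ie_entry" "$ie_file" || printf '%s\n' "$ie_entry" >> "$ie_file"
}

# Constructed placeholder, not a real key. A dedicated key pair can be made with:
#   ssh-keygen -t ed25519 -N '' -C github-actions-deploy -f deploy_key
SAMPLE_PUBKEY='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEONLYNOTAREALKEY000000000000000000 github-actions-deploy'

# Show the line that would go into ~/.ssh/authorized_keys on the server.
restricted_entry "$SAMPLE_PUBKEY" '~/deployment.sh'
```

With this entry installed, the server runs ~/deployment.sh for that key regardless of the command the workflow sends, so a leaked secret cannot be used for an interactive login or port forwarding.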