appleboy/ssh-actions

Shortly after I had started the work on nerdhood.de I built a deployment pipeline. The bash-based build script for my Laravel application was easy but triggering the deployment itself turned out to be more difficult than expected. In the end I built something with two AWS Lambda function, SNS, an S3 bucket for a private key and using the serverless framework. But this is another story.

Before I built the – totally over-engineered – AWS deployment pipeline I had signed up for GitHub Actions. Luckily for me I got confirmed yesterday and today I replaced my AWS pipeline with a few lines of YAML.

First of all, GitHub Action’s HCL syntax will be deprecated with end of September 2019. Most of the available examples out there are still written in HCL. Porting existing HCL scripts to YAML is straight forward.

The second important thing is, that you have to enter your secrets/your private SSH key your GitHub’s project Settings > Secrets. If your secret is named SSH_DEPLOYMENT_KEY you can reference its content later by using ${{ secrets.SSH_DEPLOYMENT_KEY }} inside the GitHub Action worfklow file.

There are a already a few GitHub Action’s for SSH connections. I chose appleboy/ssh-action because it has the most options at the moment and you can pass environment variables from the workflow to the SSH script.

I ended up with this YAML file to trigger my shell script with SSH:

name: CI
on: [push]

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
    - name: Deploy to nerdhood.de
      uses: appleboy/ssh-action@master
      env:
        USERNAME: my_username
        HOST: my_host
        SCRIPT: ~/deployment.sh
        KEY: ${{ secrets.SSH_DEPLOYMENT_KEY }}

Categories: CI/CDDevOps