Github Actions makes it easy for developers to automate software workflows like code deployment, running automated test suites and other CI/CD operations. The end goal of each workflow varies from case to case. We use it on daily basis for staging and production deployments. In this post, we will be going through the input parameters, code deployment flow and using encrypted secrets.
Jenkins vs Github Actions
Before Github Actions, we used tools like Jenkins for staging and production deployments. Jenkins setup needs significant infrastructure resources and maintenance by the DevOps team. With Github Actions, you don't need any infra setup. You just need to define workflow steps in a yml file.
Actions can run on any language, including Node.js, Ruby, Python, PHP and a lot more languages. Every action creates detailed logs that can be used to troubleshoot deploys in realtime while your actions are running. GitHub Actions have a very strong community of developers with several templates of prebuilt actions, examples, and workflows so you don’t have to start from scratch.
Workflow YML/YAML File Format
Each workflow is written in its own file and follows a yml syntax. File extension could be yml or yaml and the name of the file could be anything that the developer decides. All the workflow yml files must be placed under the “.github/workflows” directory of your repository.
Automatic Trigger of Github Actions
Github Actions is fully integrated into Github. GitHub Actions let you build, test, and deploy your code right from GitHub. There are specific activities called events that trigger an Action. For example, you can trigger an Action when new code is pushed to the repository or when a pull request is created or merged.
Production Deployment Workflow
In this article, I’m going to share how we are using github workflow for our production deployment. The way it works is that you create actions in your repositories by creating one or more yml files. Let's create “.github/workflows/production.yml” file which will do a production deployment. You need to commit this file in your repository.
Specify Input Parameters
You can create Github Actions with or without parameters. Following production.yml file expects 2 input parameters for deployment.
name: Production Deploy
on:
workflow_dispatch:
inputs:
branch:
description: 'Enter github branch name to be deployed'
required: true
default: 'master'
description:
description: 'Enter description about deployment'
required: true
default: 'New feature release'
workflow_dispatch allows users to provide input parameters. These parameters then can be used in deployment job steps. Here we are asking two input parameters from users:
- branch: Branch name to be deployed
- description: Description about deployment
Once you specify input parameters in yml file, you will see the workflow UI like below:
GitHub Workflow Jobs
Each workflow can have one or more jobs. Each job is identified by an ID label, a unique name that starts with a letter or underscore and contains only alphanumeric characters plus a hyphen or an underscore. Specifying ID is an optional field.
Each job will also have a series of steps and these are a sequence of tasks that you want the job to perform.
Append the following job content in ".github/workflows/production.yml" file. "Logging" and "actions/checkout@v3" job performs following steps respectively:
- Printing of input parameters
- Checkout branch specified by user in workflow UI
jobs:
deployment:
runs-on: ubuntu-latest
steps:
- name: Logging
run: |
echo "Deploying Branch : ${{ github.event.inputs.branch }}"
echo "Deployment Description: ${{ github.event.inputs.description }}"
echo "PWD: $(pwd)"
- uses: actions/checkout@v3
with:
ref: ${{ github.event.inputs.branch }}
path: web_app
Using Github Secrets in Actions
Github secrets play an important role in Github Actions. Github secrets are encrypted environment variables that you create in an organization or repository. You can learn more about github secrets here. The secrets that we create are available to use in workflows. Secrets can vary from project to project. Github secrets can be used in Action yml file as follows:
${{ secrets.P_W_HOST }}
As you can see below, using github secrets we are building and deploying code to the production server. Append the following content under jobs in ".github/workflows/production.yml" file to perform following:
- Create build - Building the code
- Copy file via scp action - Deploying the code to server using scp.
Your code is deployed in zip format on your production server. Now you can extract the code and perform application specific actions to complete the deployment process. That is out of scope of this blog as running application depends on project to project.
Conclusion
Github Actions have given a big boost to the open-source software community and to developers working on various side projects to automate flows without any additional configuration and infrastructure setup.