Deploy using github actions

Hi there,

i am trying to create a github action file wich tests and deploys web/api to a server. the Problem i am facing is, that i cannot really get the authentification going within the action file - only if i send the ssh pw inside the deploy.toml.

so in the action file i want to do something like this:

       - name: deploy to server
         run: yarn rw deploy baremetal production

but the Problem is, that there seems to be no way to put the ssh password into a github action secret without it beeing replaced by “***”

so i tried this:
sed -in "s/^password.*/password=$SERVER_PASSWORD/g" deploy.toml
in the action file (SERVER_PASSWORD) is a action secret, but it only results in a “***” bevause github replaces all visible secrets (kinda makes sense…)

What would be the way to go here? or is this basically not possible?

Any idea would be great! Thank you so much!

Hi @pcace thanks for your question. It is certainly possible. I suggest reading Encrypted secrets - GitHub Docs, Workflow syntax for GitHub Actions - GitHub Docs and Executing commands over SSH with GitHub Actions.

Those should provide you with enough to hopefully get unblocked. @rob might be a better resource for baremetal than myself if not.

I haven’t tried deploying from GitHub, but is there a way to tell GitHub to use a certain deploy key during the GitHub Action run? If you set a deploy key in your Settings, and then put that same key in the ~/.ssh/authorized_keys file on the server (and GitHub will let you use that key in during the Action) then it could log in without a password.

thanks @rob!

fwiw: that is essentially what


thanks for your help - i managed to make it work, but decided that i will deploy as a dockercontainer to my server (wich runs caprover).
that makes it way easier to configure and maintain.

1 Like

awesome! glad you got it working :raised_hands: