GitHub Actions Deployment

GitHub Actions is a continuous integration system provided by GitHub. We use GitHub Actions to deploy many sites to our hosting environments.

The following is a GitHub Actions definition file that will deploy from GitHub to Pantheon for each branch. If you push to a gbz-123 branch on GitHub, it will deploy to the gbz-123 branch on Pantheon. If you push to the master branch on GitHub, it will push to the master branch on Pantheon (the DEV environment). The script uses Kalamuna’s Organizational Secrets and Variables to handle the SSH keys and configuration so that future SSH key updates are made easily. This works for both Pantheon and Acquia.

Installation

In order to set it up…

Add a Repository Variable in your repository settings at https://github.com/REPO/settings/variables/actions named DEPLOY_REPO that points to which git repository you would like it to push to . The git repository to deploy to can be found in your web host…
1. Pantheon: Look at the Pantheon Dashboard, and click on “Clone with Git”
  
  Maybe obvious, but since the pantheon command that you see in the image, also contains the git clone part at the beginning and the <name-of-the-repository> at the end, you want to make sure to strip them out. A correct repo address should look something like this:
  ssh://codeserver.dev.a0303130-7e6d-48fa-ac23-7dc5b5fe1d92@codeserver.dev.a0303130-7e6d-48fa-ac23-7dc5b5fe1d92.drush.in:2222/~/repository.git
2. Acquia: Look at your Acquia Dashboard, and click “Overview”. Move your eyes over to “Git URL”
Add the Git Repository as a “DEPLOY_REPO” variable on the Variables screen at https://github.com/REPO/settings/variables/actions . For example: https://github.com/kalamuna/gbz4/settings/variables/actions
Copy the following YAML script to `.github/workflows/build-and-deploy.yml`

# Kalamuna GitHub Actions Deployment
#
# This will deploy from GitHub to a git repository through GitHub Actions.
#
# 1. Add a DEPLOY_REPO variable to your GitHub Actions variables
#    https://github.com/kalamuna/REPO/settings/secrets/actions
#
# 2. Add this build-and-deploy.yml file to a .github/workflows folder
#
# 3. Ensure all build steps are represented

name: Build and Deploy
on: push
# TODO: Avoid pushing Pantheon repo bloat by only pushing branches if they have a pull request, or branches that are like GBZ-1234.

jobs:
  build:
    runs-on: ubuntu-latest
    steps:

    # Verify the DEPLOY_REPO Repository variable exists
    - name: Verify DEPLOY_REPO
      if: "${{ vars.DEPLOY_REPO == '' }}"
      run: echo "Add a DEPLOY_REPO Repository Variable at https://github.com/$GITHUB_REPOSITORY/settings/variables/actions for where to deploy to." && exit 1

    - name: Checkout
      uses: actions/checkout@v3
      with:
        fetch-depth: 0

    # Running PHP and Composer is only required when it's not Pantheon.
    # - name: PHP
    #   uses: shivammathur/setup-php@v2
    #   with:
    #     php-version: "8.1.11"

    # - name: Composer
    #   uses: ramsey/composer-install@v2
    #   with:
    #     composer-options: "--prefer-dist --ignore-platform-reqs"
    
    # TODO: Add Terminus integration?

    # Node.js steps not needed on Pantheon.
    # TODO: Automate determining whether the site is Pantheon?
    - name: Node.js - Check if Required
      id: nodejsrequired
      uses: andstor/file-existence-action@v2
      with:
        files: "package.json"

    - name: Node.js - Configure
      uses: actions/setup-node@v3
      if: steps.nodejsrequired.outputs.files_exists == 'true'
      with:
        node-version: 16
        cache: 'npm'
        cache-dependency-path: package-lock.json

    - name: Node.js - Install
      run: npm ci
      if: steps.nodejsrequired.outputs.files_exists == 'true'

    - name: Node.js - Test
      run: npm test
      if: steps.nodejsrequired.outputs.files_exists == 'true'

    - name: Commit
      run: |
          git config --global user.name "${{ vars.KALABOT_GIT_NAME }}"
          git config --global user.email "${{ vars.KALABOT_GIT_EMAIL }}"
          mv -f .gitignore-deploy .gitignore
          find web -type d -name .git -print0|xargs -0 rm -rf
          find docroot -type d -name .git -print0|xargs -0 rm -rf
          git add .
          git commit -m "Built $GITHUB_REPOSITORY from: $GITHUB_SHA
              All code changes should be committed to: https://github.com/$GITHUB_REPOSITORY
              Any commits made directly to this Pantheon repository will be overwritten."

    - name: Configure SSH
      uses: shimataro/ssh-key-action@v2
      with:
        key: ${{ secrets.KALABOT_SSH_KEY }}
        config: ${{ vars.KALABOT_SSH_CONFIG }}
        known_hosts: unnecessary

    - name: Deploy
      env:
        deploy_repo: '${{ vars.DEPLOY_REPO }}'
      run: |
        git remote add deploy $deploy_repo
        git push --force deploy HEAD:refs/heads/${GITHUB_REF##*/}

Make sure that the repo contains .gitignore-deploy file.
as seen in the build-and-deploy.yaml above, we are copying the contents of .gitignore-deploy to .gitignore here: mv -f .gitignore-deploy .gitignore so make sure that that file is present in the repo. The content of the file depends on the type of project that you are setting up and usually is a 1:1 match to the .gitginrore unless we add some special host-related stuff to it.

Deploy Tags in New Relic

TODO

Demonstrations

The following sites are actively using this…

511
GBZ

WordPress

For WordPress sites, you can use the GitHub Actions WordPress script over at Deploying WordPress to WP Engine with GitHub Actions