Github Actions
Use Onboardbse in your Github Actions
This section assumes you already used Onboardbase CLI in your project, check the installation and setup sections.
TIP
You can authenticate the CLI with Environment variables.
Supported environment variables are:
ONBOARDBASE_TOKEN
- A service tokenONBOARDBASE_PROJECT
- an onboardbase project nameONBOARDBASE_ENVIRONMENT
- an environment in the specified project
We recommend using our pre-configured github actions. If you prefer to do it on your own, please do continue below.
It is easier to create an Onboardbase configuration file during development through the onboardbase setup
command, which is not the case most time for automated CI/CD processes.
In this guide, we will illustrate how to pull all your managed Onboardbase secrets into your Github CI/CD Actions that automatically authorize and set up with values from GitHub Configuration Secrets.
This section assumes you already used Onboardbase CLI in your project. Check the installation and setup sections.
Generate Service Token
Click on the Manage Organization from an admin account and generate two service tokens, one for staging and the other for production.
Go to your GitHub repository setting, and add new secrets STAGING_ONBOARDBASE_TOKEN
and PRODUCTION_ONBOARDBASE_TOKEN
with the new service tokens, respectively.
Access to a remote SSH server
This guide assumes you have SSH access to a remote server and also have access to the private key.
Add the private keys(staging and production servers) to your GitHub project secrets with the names PRODUCTION_SSH_KEY
and STAGING_SSH_KEY
, respectively.
Overall, to have the perfect configuration requirements, your CI process should have access to the following config variables:
STAGING_ONBOARDBASE_TOKEN
PRODUCTION_ONBOARDBASE_TOKEN
STAGING_ONBOARDBASE_SETUP
PRODUCTION_ONBOARDBASE_HOST
STAGING_SSH_KEY
PRODUCTION_SSH_KEY
STAGING_SSH_HOST
PRODUCTION_SSH_HOST
A sample workflow
# This is a workflow to deploy the api part of this project to docker
name: Deploy NodeJS App
on:
push:
branches:
- "dev"
env:
STAGING_ONBOARDBASE_SETUP: ${{ secrets.STAGING_ONBOARDBASE_SETUP }}
STAGING_ONBOARDBASE_TOKEN: ${{ secrets.STAGING_ONBOARDBASE_TOKEN }}
jobs:
setup-build-deploy:
name: Setup, Build, and Deploy
runs-on: ubuntu-latest
steps:
- name: Install Onboardbase
run: |-
wget https://onboardbase-cli.fra1.digitaloceanspaces.com/apt/onboardbase-latest.deb \
sudo dpkg -i ./onboardbase-latest.deb \
onboardbase --version
- name: Setup Onboardbase
run: |-
onboardbase config:set-token $STAGING_ONBOARDBASE_TOKEN \
echo $STAGING_ONBOARDBASE_SETUP > .onboardbase.yml
- name: Test Project
run: yarn test
- run: |-
which rsync || ( apt-get update -y && apt-get install rsync -y ) \
which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y ) \
eval $(ssh-agent -s) \
ssh-add <(echo "$STAGING_SSH_KEY") \
mkdir -p ~/.ssh \
echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config
- name: Deploy
run: |-
ssh -o "StrictHostKeyChecking no" $STAGING_SSH_HOST "cd ~/app && git fetch && git checkout dev && git pull origin dev && yarn && rm -rf ./dist && yarn build && pm2 restart 'express-server'"
Test Pipeline
For the test pipeline to run successfully, we need to install Onboardbase CLI
The step before it installs, authenticates and setup the runner using the staging credentials so it can successfully read the secrets from the project and environment in the setup file.
- name: Install Onboardbase
run: |-
wget https://onboardbase-cli.fra1.digitaloceanspaces.com/apt/onboardbase.deb \
sudo dpkg -i ./onboardbase.deb \
onboardbase --version
- name: Setup Onboardbase
run: |-
onboardbase config:set-token $STAGING_ONBOARDBASE_TOKEN \
echo $STAGING_ONBOARDBASE_SETUP > .onboardbase.yml
Deployment
This CI/CD workflow file assumes you are using Onboardbase CLI to manage the environments already, please check one of our manage tutorial to set up a managed server.
Updated 8 months ago