Github Actions

Use Onboardbse in your Github Actions

📘

This section assumes you already used Onboardbase CLI in your project, check the installation and setup sections.

📘

TIP

You can authenticate the CLI with Environment variables.
Supported environment variables are:

  • ONBOARDBASE_TOKEN - A service token
  • ONBOARDBASE_PROJECT - an onboardbase project name
  • ONBOARDBASE_ENVIRONMENT - an environment in the specified project

We recommend using our pre-configured github actions. If you prefer to do it on your own, please do continue below.

It is easier to create an Onboardbase configuration file during development through the onboardbase setup command, which is not the case most time for automated CI/CD processes.

In this guide, we will illustrate how to pull all your managed Onboardbase secrets into your Github CI/CD Actions that automatically authorize and set up with values from GitHub Configuration Secrets.

This section assumes you already used Onboardbase CLI in your project. Check the installation and setup sections.

Generate Service Token

Click on the Manage Organization from an admin account and generate two service tokens, one for staging and the other for production.

Go to your GitHub repository setting, and add new secrets STAGING_ONBOARDBASE_TOKEN and PRODUCTION_ONBOARDBASE_TOKEN with the new service tokens, respectively.

Access to a remote SSH server

This guide assumes you have SSH access to a remote server and also have access to the private key.

Add the private keys(staging and production servers) to your GitHub project secrets with the names PRODUCTION_SSH_KEY and STAGING_SSH_KEY, respectively.

Overall, to have the perfect configuration requirements, your CI process should have access to the following config variables:

  • STAGING_ONBOARDBASE_TOKEN
  • PRODUCTION_ONBOARDBASE_TOKEN
  • STAGING_ONBOARDBASE_SETUP
  • PRODUCTION_ONBOARDBASE_HOST
  • STAGING_SSH_KEY
  • PRODUCTION_SSH_KEY
  • STAGING_SSH_HOST
  • PRODUCTION_SSH_HOST

A sample workflow

# This is a workflow to deploy the api part of this project to docker

name: Deploy NodeJS App

on:
  push:
    branches:
      - "dev"

env:
  STAGING_ONBOARDBASE_SETUP: ${{ secrets.STAGING_ONBOARDBASE_SETUP }}
  STAGING_ONBOARDBASE_TOKEN: ${{ secrets.STAGING_ONBOARDBASE_TOKEN }}

jobs:
  setup-build-deploy:
    name: Setup, Build, and Deploy
    runs-on: ubuntu-latest
    steps:
      - name: Install Onboardbase
        run: |-
          wget https://onboardbase-cli.fra1.digitaloceanspaces.com/apt/onboardbase-latest.deb \
          sudo dpkg -i ./onboardbase-latest.deb \
          onboardbase --version
      - name: Setup Onboardbase
        run: |- 
          onboardbase config:set-token $STAGING_ONBOARDBASE_TOKEN \
          echo $STAGING_ONBOARDBASE_SETUP > .onboardbase.yml
      - name: Test Project
        run: yarn test
      - run: |-
          which rsync || ( apt-get update -y && apt-get install rsync -y ) \
          which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y ) \
          eval $(ssh-agent -s) \
          ssh-add <(echo "$STAGING_SSH_KEY") \
          mkdir -p ~/.ssh \
          echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config

      
      - name: Deploy
        run: |-
          ssh -o "StrictHostKeyChecking no" $STAGING_SSH_HOST "cd ~/app && git fetch && git checkout dev && git pull origin dev && yarn && rm -rf ./dist && yarn build && pm2 restart 'express-server'"

Test Pipeline

For the test pipeline to run successfully, we need to install Onboardbase CLI

The step before it installs, authenticates and setup the runner using the staging credentials so it can successfully read the secrets from the project and environment in the setup file.

- name: Install Onboardbase
  run: |-
    wget https://onboardbase-cli.fra1.digitaloceanspaces.com/apt/onboardbase.deb \
    sudo dpkg -i ./onboardbase.deb \
    onboardbase --version
- name: Setup Onboardbase
  run: |- 
    onboardbase config:set-token $STAGING_ONBOARDBASE_TOKEN \
    echo $STAGING_ONBOARDBASE_SETUP > .onboardbase.yml

Deployment

This CI/CD workflow file assumes you are using Onboardbase CLI to manage the environments already, please check one of our manage tutorial to set up a managed server.