0

How to copy my GitHub secrets (env) file to my server path using ssh deploy method?

The .env file created by GitHub action is not being uploaded to my Ubuntu server.

VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
Saran raj
  • 11
  • 2
  • Please clarify your specific problem or provide additional details to highlight exactly what you need. As it's currently written, it's hard to tell exactly what you're asking. – Community May 10 '23 at 18:35

1 Answers1

0

"[...] to my server": that would assume your server is reachable through internet by GitHub itself (and its GitHub Actions runner servers)

But if it is reachable, then:

  • Generate an SSH key pair on your local machine, dedicated for that one usage (that way, you can revoke it easily, without touching any other key, including your default ones)

    ssh-keygen -t rsa -b 4096 -C "your_email@example.com" -P "" -f ~/.ssh/keyToCopy

    This will create a public and private key pair. The public key will be placed in ~/.ssh/keyToCopy.pub and the private key in ~/.ssh/keyToCopy.

  • Copy your public key to your Ubuntu server:

    ssh-copy-id -i ~/.ssh/keyToCopy username@your_server_ip

    This will append your public key to the ~username/.ssh/authorized_keys file on your server, allowing you to log in with your private key.

Then, using the appleboy/scp-action, create a GitHub Actions workflow file in your repository (e.g., .github/workflows/deploy.yml).
It will create the .env (see "How do I use an env file with GitHub Actions?") from your GitHub secrets. And copy it to the server.

name: Deploy to server

on:
  push:
    branches:
      - main

jobs:
  deploy:
    runs-on: ubuntu-latest

    steps:
    - name: Checkout repository
      uses: actions/checkout@v2

    - name: 'Create env file'
      run: |
        echo "${{ secrets.ENV_FILE }}" > .env

    - name: Copy .env file to server using SCP
      uses: appleboy/scp-action@master
      with:
        host: ${{ secrets.SERVER_IP }}
        username: ${{ secrets.SERVER_USER }}
        key: ${{ secrets.SSH_PRIVATE_KEY }}
        source: ".env"
        target: ${{ secrets.SERVER_PATH }}

Add the following secrets to your GitHub repository:

  • SSH_PRIVATE_KEY: Your private SSH key, here the one from ~/.ssh/keyToCopy
  • SERVER_USER: Your Ubuntu server username
  • SERVER_IP: Your Ubuntu server IP address
  • SERVER_PATH: The target directory on your server where you want to copy the .env file
  • ENV_FILE: your .env file content

To add these secrets, go to your GitHub repository's Settings tab, then click on Secrets in the left sidebar, and click on "New repository secret" to add each secret.

VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250