GitHub actions allows to make use of your GitHub-hosted code repositories for running custom scripts for testing, deployment, and much more.
- Before You Get Started (Some Caveats and Prerequisites)
- (Basically) How GitHub Actions Work
- How to set up the GitHub FTP Action
- Deploy Files to Unmanaged VPS Cloud Server With SCP (Added Security)
Before You Get Started (Some Caveats and Prerequisites)
Before you start this tutorial, you should already have the following resources up and running:
- A website project under Git version control
- A remote repository hosted at GitHub
The FTP (and SCP) GitHub actions you will be using trigger on “push,” meaning they are set to run when you push changes to your remote repository hosted at GitHub.
(Basically) How GitHub Actions Work
GitHub actions can seem confusing at first glance, but most of the complicated work has been done for you. The necessary GitHub actions for basic file deployment and publishing just require you to plug and play.
The configurations for your actions are held in a “yaml” file: main.yml in a “.github/workflows” directory.
Just create a “.github” directory in your project’s working directory, followed by a “workflows” directory beneath. Then create your main.yml file inside the “workflows” directory.
The directory structure will look like this:
<working-directory>/.github/workflows/main.yml
The GitHub actions take place on the GitHub server, not your InMotion Hosting server, and they are triggered by various git commands.
In the examples used in this article, the action is triggered on “push,” the git command to send your code to the repository.
GitHub Secrets
Have a secret to share? Or, rather not share? Of course you do. In order to deploy your files to a server, you will need some secret credentials. For example, in the FTP action, GitHub will take your FTP username and password and use them to log into the destination server.
But, your “yaml” file, which contains the action values, is available in your repository, which is a massive security hazard. GitHub has solved this dilemma by allowing you to add “secrets” to your repository that can be passed in as variables.
In the “yaml” configuration, you will be able to add secret key values that will act as placeholders for the real secret, which will only be accessible to you or anyone else who has access to your GitHub account.
For example:
ftp-password: ${{ secrets.FTP_PASSWORD }}
To add a “secret” to your repository, click the Settings tab and choose Secrets. These secrets apply only to the individual repository.
As always, security must be your first concern, so how you choose to manage your GitHub account will be critical to making sure these secrets are safe. To that end, GitHub allows you to set up 2-factor authentication; which will add another layer of security on top of your default username/password combination.
If you are interested in how to deploy files to your unmanaged VPS without using GitHub as a hosted service, check out our full guide on how to publish files to your server using Git.
Using The GitHub FTP Action
The “ftp-deploy” action is ideal for deploying files to your WordPress Hosting, shared hosting, or cPanel managed VPS accounts.
However, for cloud servers, the SCP method is recommended.
Edit the .github/workflows/main.yml file and place this code inside:
on: push name: Publish Website jobs: FTP-Deploy-Action: name: FTP-Deploy-Action runs-on: ubuntu-latest steps: - uses: actions/[email protected] with: fetch-depth: 2 - name: FTP-Deploy-Action uses: SamKirkland/[email protected] with: ftp-server: ftp://ftp.example.com:21/public_html ftp-username: userna5 ftp-password: ${{ secrets.FTP_PASSWORD }}
Note the following:
- The file path set for the “ftp-server” option lands in “public_html” directory; make sure to update this as necessary for your project, or leave it as is to drop your project files in that directory.
- The username “userna5” must be substituted with your correct cPanel or FTP username.
- Alternatively, you could use a GitHub secret for your username in the same fashion as the FTP password.
Before committing and pushing your code to the repository, make sure you have substituted all of the placeholder values, including “FTP_PASSWORD” secret.
Deploy Files to Unmanaged VPS Cloud Server With SCP (Added Security)
Using the “scp-action” action available from the GitHub website, SCP offers an extra layer of security with SSH keys.
By default, your InMotion Hosting cloud VPS does not allow root login via password authentication. SSH key authentication provides your only way in. In order to allow GitHub to copy files to your server, you will need to add your SSH private key and secure passphrase as a GitHub secret, and, optionally, your username (which would be “root” by default), hostname (or IP address).
Here is the “yaml” configuration for SCP:
name: scp files on: [push] jobs: build: name: Build runs-on: ubuntu-latest steps: - uses: actions/checkout@master - name: copy file via ssh password uses: appleboy/scp-action@master with: host: ${{ secrets.HOST }} username: ${{ secrets.USERNAME }} key: ${{ secrets.SSH2 }} passphrase: ${{ secrets.PASSPHRASE }} port: ${{ secrets.PORT }} source: "index.html,textfiles/*" target: "/var/www/html"
As with the FTP action, this action will trigger on the GitHub server when you push your changes to the repository.
Well done, you now know how to run GitHub actions for file deployment with both the FTP and SCP file transfer methods. Be sure to leave a comment or question if you have any issues or suggestions.
