It's pretty easy to set up GitHub action with AWS EC2 for deployments using SSH key, follow these 3 breakdowns to implement the pipeline.
1. Generate SSH Key
cd ~/.ssh
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
Enter file name: "key_name"
ls
and list out files of the .ssh folder, you should be seeing "key_name" and "key_name.pub"
- Add public key to authroised keys ```sh
cat github-actions.pub >> ~/.ssh/authorized_keys
For detailed information on SSH Key generation process check this reference: https://zellwk.com/blog/github-actions-deploy/
## 2. Set Github Secrets
SSH_PRIVATE_KEY: private key that we created on ec2
HOST_NAME / IP_ADDRESS: Elastic IP or IP of EC2
USER_NAME: user name of the ec2 user.
## 3. Create a branch_name.yml ( for `dev` branch `dev.yml` ) file under .github/workflows
Update the dev to your branch name
```yml
name: Deploy
on:
push:
branches: [ dev ]
jobs:
Deploy:
name: Deploy to EC2
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Build & Deploy
env:
PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
HOSTNAME: ${{secrets.SSH_HOST}}
USER_NAME: ${{secrets.USER_NAME}}
run: |
echo "$PRIVATE_KEY" > private_key && chmod 600 private_key
ssh -o StrictHostKeyChecking=no -i private_key ${USER_NAME}@${HOSTNAME} '
# Now we have got the access of EC2 and we will start the deploy .
cd /home/ubuntu/<PROJECT_DIRECTORY> &&
git checkout dev &&
git fetch --all &&
git reset --hard origin/dev &&
git pull origin dev &&
sudo npm i &&
sudo npm run build &&
sudo pm2 stop ./dist/index.js &&
sudo pm2 start ./dist/index.js
'
Gist Ref: https://gist.github.com/raviagheda/c69ae5e884f4490b1af656dbd80c00dd
Enjoy!
If you are here it means you may have enjoyed reading this blog. Just follow me "Ravi Agheda" which will motivate to write more, and contribute to open source. You can make me a coffee☕️ . Small support comes a long way!
Top comments (3)
is this ci/cd?
when i commit and push code to github , will it directly change in ec2 ngnix?
Yes, Indeed.
Warning: Permanently added '***' (ED25519) to the list of known hosts.
debug1: check_host_key: hostkey not known or explicitly trusted: disabling UpdateHostkeys
debug1: ssh_packet_send2_wrapped: resetting send seqnr 3
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: ssh_packet_read_poll2: resetting read seqnr 3
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: private_key explicit
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug1: Next authentication method: gssapi-with-mic
debug1: No credentials were supplied, or the credentials were unavailable or inaccessible
No Kerberos credentials available (default cache: FILE:/tmp/krb5cc_1001)
debug1: No credentials were supplied, or the credentials were unavailable or inaccessible
No Kerberos credentials available (default cache: FILE:/tmp/krb5cc_1001)
I can't login ssh with private key username host Can you help me?
debug1: Next authentication method: publickey
debug1: Trying private key: private_key
Load key "private_key": error in libcrypto
debug1: No more authentication methods to try.
@: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
Error: Process completed with exit code 255.