15 nov

Jennifer and I are working on figuring out how to use GitHub actions to deploy to our dev and prod servers. Here are some notes from what we’ve tried and figured out.

notes

Tried a new GitHub action that focuses on connecting to a server via SSH (using either a password or a private key), could not get it to connect, even using a password instead of the private key… our firewall must really be blocking it, kept timing out before it could complete the handshake

Establishing a SSH connection to ***. ⚠️ The GitHub Action couldn't connect to ***. Error: Timed out while waiting for handshake

Found this public IP address action, which does indeed list to public IP address of the container. The docs claim “This action allows you to whitelist the runner’s address and remove it once the pipeline finishes” buuuuut how? https://github.com/haythem/public-ip

Could we maybe VPN from the container?? https://github.com/marketplace/actions/connect-vpn

We are not alone in being upset about the dynamic IP list: https://github.community/t/whitelist-github-workflow/16077/9

After thinking about my plan to use the PHP deploy/github web hook we currently use, I actually don’t think that’s going to work… the testing/building will happen inside the container, but the deploy stuff happens in the repo. The build is compiled in /.nuxt directory, but that is git-ignored, so it legit doesn’t exist in GitHub and therefore cannot be deployed via web hook 
We’d have to set it up to run tests in the container before being allowed to deploy to the server (all normal and fine). Once it hits the server, it could build and restart pm2, but that means all the code has to live on the server, which I was hoping to avoid