ci: update SSH action version and enhance deployment script#5
ci: update SSH action version and enhance deployment script#5
Conversation
There was a problem hiding this comment.
Pull request overview
This PR updates the GitHub Actions deployment workflow to improve SSH-based deployments by pinning the SSH action version and making the remote deploy path configurable via script variables.
Changes:
- Bumped
appleboy/ssh-actionfromv1tov1.0.3. - Added
set -eand introducedREPO_NAME/APP_DIR/BRANCHvariables in the remote deployment script. - Changed the deployment directory to
/srv/apps/$REPO_NAMEand ensured it is created.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # Configuration | ||
| REPO_NAME="orcta-stack" | ||
| APP_DIR="/srv/apps/$REPO_NAME" | ||
| BRANCH="${{ github.ref_name }}" |
There was a problem hiding this comment.
BRANCH is defined from github.ref_name but never used in the script. This adds confusion about what is actually being deployed; either use it (e.g., to check out/pull the correct branch on the server) or remove it.
| BRANCH="${{ github.ref_name }}" |
| # Create app directory if it doesn't exist | ||
| mkdir -p "$APP_DIR" | ||
| cd "$APP_DIR" | ||
|
|
There was a problem hiding this comment.
The script now creates and cds into $APP_DIR, but it doesn't ensure that required deployment files (e.g. docker-compose.prod.yml referenced later) exist in that directory. On a fresh host (or if the directory is empty), the subsequent docker compose -f docker-compose.prod.yml ... commands will fail; consider adding a guard with a clear error (or cloning/pulling the repo into $APP_DIR as part of the script).
| # Ensure required deployment file exists | |
| if [ ! -f docker-compose.prod.yml ]; then | |
| echo "Error: docker-compose.prod.yml not found in $APP_DIR. Ensure the deployment repository is cloned and files are present before running this workflow." | |
| exit 1 | |
| fi |
| APP_DIR="/srv/apps/$REPO_NAME" | ||
| BRANCH="${{ github.ref_name }}" | ||
|
|
||
| # Create app directory if it doesn't exist | ||
| mkdir -p "$APP_DIR" | ||
| cd "$APP_DIR" |
There was a problem hiding this comment.
Switching the deploy path to /srv/apps/... assumes the SSH user has permission to create/write there. If ${{ secrets.VPS_USER }} is not root (or doesn’t have the right ACLs), mkdir -p "$APP_DIR" will fail; consider using a path that matches the user's permissions, or explicitly using sudo after confirming the runner user can elevate.
This pull request updates the deployment workflow to improve reliability and flexibility during SSH-based deployments. The most important changes include updating the action version, adding error handling, and making the deployment directory configurable.
Deployment workflow improvements:
appleboy/ssh-actionto versionv1.0.3for improved stability and compatibility.set -eto the deployment script to ensure the process stops on errors, preventing partial deployments.REPO_NAME,APP_DIR,BRANCH) to make the deployment directory and branch dynamic and easier to manage./srv/apps/$REPO_NAMEand ensured it is created if it does not exist, improving flexibility for different environments.