GitHub Actions templates for deploying to Astro from private networks
If you don’t have access to the Astronomer deploy action because you can’t access the public internet from your GitHub repository, use one of the following private network templates to deploy to Astro.
Read the following sections to choose the right template for your use case. If you have one Deployment and one environment on Astro, use the single branch implementation. If you have multiple Deployments that support development and production environments, use the multiple branch implementation. If your team builds custom Docker images, use the custom image implementation.
You can configure your CI/CD pipelines to deploy a full project image or your dags directory. To learn more about CI/CD on Astro, see Choose a CI/CD strategy.
If you use a self-hosted runner to execute jobs from GitHub Actions, the Astro CLI’s config.yaml file, which stores default deploy details, might be shared across your organization and hence multiple CI/CD pipelines. To reduce the risk of accidentally deploying to the wrong Deployment, ensure the following:
- Add
ASTRO_API_TOKENto your repository and include a check in your GitHub workflow to verify that it exists. - Use Deployment API tokens, which are scoped only to one Deployment, instead of Workspace or Organization API tokens.
- Specify
deployment-idordeployment-namein your action. For example,astro deploy <deployment-id>orastro deploy -n <deployment-name>. - Add the command
astro logoutat the end of your workflow to ensure that your authentication token is cleared from theconfig.yamlfile.
Prerequisites
- An Astro project hosted in a GitHub repository.
- An Astro Deployment.
- A Deployment API token, Workspace API token, or Organization API token.
- Access to GitHub Actions.
Setup
Single branch
Multiple branch
Custom Image
To automate code deploys to a Deployment using GitHub Actions, complete the following setup in a Git-based repository that hosts an Astro project:
- Set the following as GitHub secrets:
ASTRO_API_TOKEN: The value for your Workspace or Organization API token.
- In your project repository, create a new YAML file in
.github/workflowsthat includes the following configuration. When you make a commit to a specified branch, this workflow sets your Deployment API credentials as environment variables, installs the latest version of the Astro CLI, checks to see if yourdagsfolder has changes, and then either completes a full code deploy or a dag-only code deploy.