Python: Deploy with GitHub Actions

How to deploy your Python code using GitHub Actions

👋 Welcome to the Stackhero documentation!

Stackhero offers a ready-to-use Python cloud solution that provides a host of benefits, including:

  • Deploy your application in seconds with a simple git push.
  • Use your own domain name and benefit from the automatic configuration of HTTPS certificates for enhanced security.
  • Enjoy peace of mind with automatic backups, one-click updates, and straightforward, transparent, and predictable pricing.
  • Get optimal performance and robust security thanks to a private and dedicated VM.

Save time and simplify your life: it only takes 5 minutes to try Stackhero's Python cloud hosting solution!

GitHub Actions allows you to automate tasks, such as deploying your Python code to production servers.

In this guide, you will learn how to securely and reliably use GitHub Actions to deploy your Python code to both staging and production environments.

To achieve this, you will maintain two branches: staging and production. Code pushed to these branches will automatically be deployed to the corresponding Stackhero instance.

Having a staging instance is not mandatory. You can follow this guide and have just one production instance. However, to ensure smooth deployments and be fully confident when deploying to production, it is strongly recommended to maintain both a staging and a production instance. This practice is an industry standard and a sound approach that can help you avoid numerous issues.

Before you begin, ensure you have a GitHub account with a repository hosting your code.

Creating the Python services

Visit your Stackhero dashboard and create two Stackhero services, one for staging and one for production. For clarity, you might consider renaming these services to "Production" and "Staging".

Don't have a Stackhero account yet? You can sign up in just two minutes for free and then create your Python cloud services with just a few clicks.

Example of production and staging servicesExample of production and staging services

Configure SSH keys

SSH keys allow GitHub Actions to securely connect to your Python service for code deployment. This step is essential for protecting your Stackhero services.

On your computer, generate new SSH keys by running:

ssh-keygen -C "" -f /tmp/ssh_key -N ""

Set the public key

First, retrieve the public key you just generated:

cat /tmp/ssh_key.pub

Then, in Stackhero's dashboard, select your "production" Python service and click on the "Configure" button.

Get service settingsGet service settings

Follow these steps:

  1. In SSH public keys, click on Add a public key.
  2. In Description, enter GitHub Action.
  3. In Key, paste the public key you copied from your computer.

Add public keyAdd public key

Set the private key

Navigate to your GitHub project page and click on Settings, then on Environments. Select New environment.

Configuring GitHub environmentsConfiguring GitHub environments

In the Name field, type "production" and confirm.

Setting the environmentSetting the environment

Click on the No restriction button and choose Selected branches and tags.

Setting environment restrictionsSetting environment restrictions

Next, click on Add deployment branch or tag rule, enter "production" in the Name pattern field, and click on Add rule.

Setting environment branchSetting environment branch Setting environment branchSetting environment branch

In the Environment secrets section, click on Add secret.

Add secretAdd secret

Now, retrieve the private key you generated earlier:

cat /tmp/ssh_key

In the secret setup, use STACKHERO_SSH_PRIVATE_KEY as the Name and paste the private key as the Value.

Setting the SSH private key secretSetting the SSH private key secret

Then, in the Environment variables section, click on Add variable.

Setting variablesSetting variables

Enter STACKHERO_ENDPOINT as the Name and paste your Python service endpoint as the Value. You can find this endpoint in your Stackhero dashboard.

Setting the endpoint variableSetting the endpoint variable

If you have customised your service's domain name, use the customised version instead of xxxxxx.stackhero-network.com.

Delete the generated keys

For security reasons, remove the SSH keys from your computer as you will no longer need them:

rm /tmp/ssh_key /tmp/ssh_key.pub

Configure the GitHub Actions workflow

In your Git repository, create a directory called .github/workflows if it does not already exist. Then create a file named deploy-to-stackhero.yml in that directory.

# File: .github/workflows/deploy-to-stackhero.yml

name: Deploy to Stackhero
run-name: Deploy branch "${{ github.ref_name }}" to Stackhero

on:
  push:
    # List of branches that will trigger the deploy action following a git push.
    # Do not forget to create an environment corresponding to the branch name in GitHub (in "Settings"/"Environments").
    # Then add the corresponding secret "STACKHERO_SSH_PRIVATE_KEY" and variable "STACKHERO_ENDPOINT" in this environment.
    branches: [ "production", "staging" ]

jobs:
  Deploy:
    environment: ${{ github.ref_name }}
    runs-on: ubuntu-latest
    steps:
    - uses: stackhero-io/github-actions-deploy-to-stackhero@v1
      with:
        # The secret "STACKHERO_SSH_PRIVATE_KEY" and the variable "STACKHERO_ENDPOINT" should be defined in the corresponding branch environment on GitHub under "Settings"/"Environments".
        ssh_private_key: ${{ secrets.STACKHERO_SSH_PRIVATE_KEY }}
        endpoint: ${{ vars.STACKHERO_ENDPOINT }}

Commit these changes by running:

git add -A .
git commit -m "Add GitHub Actions to deploy to Stackhero"

Then create a production branch:

git checkout -b production

Lastly, push your changes to GitHub:

git push --set-upstream origin production

This command pushes your code to the GitHub production branch and triggers GitHub Actions to deploy the code to your Stackhero instance.

To check the deployment, visit the GitHub project page and click on Actions.

GitHub Actions that deployed to productionGitHub Actions that deployed to production

Congratulations, you can now automatically deploy your code to production using GitHub Actions!

Creating the staging environment

Setting up the staging environment is very similar to configuring the production environment. Simply repeat the steps above, replacing production with staging.

After setting up the environment, create a staging branch:

git checkout -b staging

Then push your staging branch to GitHub:

git push --set-upstream origin staging

GitHub Actions will automatically deploy your staging branch to the Python instance designated for staging.

Going further

It is a good practice to protect the production and staging branches to prevent direct pushes. With this setup, pull requests must be created for the staging branch and merged by team members with the appropriate rights. Once validated on the staging platform, the pull request can be merged into the production branch by the same authorised individuals.

This approach enhances security by ensuring that only approved changes are deployed and improves reliability by testing new features on the staging platform before they reach production.

Other articles for Python