leejunkim

github actions for clouddeploy

2 min read

  • Why Did You Add GitHub Actions?

    • I wanted to show that I understand DevOps principles like CI/CD. Even though I could deploy manually from my machine, setting up GitHub Actions makes the process repeatable, consistent, and scalable — especially if the app grows or if other teammates are working on it.
    • It also helps reduce human error and speeds up deployments after every push.

  • benefits

    • Consistency: Always deploys the latest version on push — no forgetting to deploy.
    • Team readiness: Teammates don’t need your local setup or AWS CLI — they can just push to main.
    • Professional touch: Recruiters love seeing automation, even in small projects.
    • Audit trail: You can see deployment logs in GitHub — helpful for debugging.
    • Prepares for the future: If you later want to build & test before deploy (like React/Next), it fits right in.

  • Testing: Before deploying, the team might want to run automated tests (e.g., link checking, basic layout tests) to ensure the build is valid. GitHub Actions provides a framework to integrate these tests into the workflow. If tests fail, the deployment can be prevented.

name: Deploy to AWS S3
 
on:
  push:
    branches:
      - main
env:
  AWS_REGION: us-east-1
 
permissions:
  id-token: write
  contents: read
 
jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3
 
      - name: Set up Node.js
        uses: actions/setup-node@v2
        with:
          node-version: "18"
 
      - name: Install dependencies
        run: npm install
 
      - name: "Configure AWS Credentials"
        uses: aws-actions/configure-aws-credentials@v4.1.0
        with:
          role-to-assume: arn:aws:iam::904233092874:role/GitHubAction-AssumeRoleWithAction
          role-session-name: GitHub_to_AWS_via_OIDC
          aws-region: ${{ env.AWS_REGION }}
 
      - name: Deploy to S3
        run: node backend/deploy.js
        working-directory: ./
  • secrets.AWS_ACCESS_KEY_ID, secrets.AWS_SECRET_ACCESS_KEY
    • Settings > General >Secrets and Variables > Actions > Add Repository secrets
- name: "Configure AWS Credentials"
        uses: aws-actions/configure-aws-credentials@v4.1.0
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: us-east-1
  • authenticates Github Actions to AWS, so that the deploy script that’s run later (node src/deploy.js) can actually access the S3 bucket
    • GIthub Actions runs on a temporary server (runner) which has no access to your AWS account unless you explicitly give it credentials
  • without this the deploy script wouldn’t be able to connect to AWS at all

Graph View

Backlinks