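---
# Production deployment workflow: on a push to "prod" (or a manual run) it
# opens an SSH session to the production server and runs the deploy command.
#
# NOTE(review): this listing had lost its indentation and every key-only line
# (on:, push:, workflow_dispatch:, jobs:, the job id, steps:, with:). They are
# restored here from the surviving comments; confirm the trigger list and the
# job id against the original workflow before relying on this file.
name: Production Deployment

# Controls when the workflow will run
on:
  # Runs on pushes to the "prod" branch only.
  # NOTE(review): the original comment also mentions pull request events, but
  # only one "branches" line survived, so only "push" is restored - confirm.
  push:
    branches: [prod]
  # Allows you to run this workflow manually from the Actions tab
  workflow_dispatch: {}

# Least privilege for GITHUB_TOKEN: the steps below only read the repository
# (checkout); the deployment itself authenticates with the SSH key.
permissions:
  contents: read

# A workflow run is made up of one or more jobs
jobs:
  # Placeholder job id - the original id is not visible in the source listing
  deploy:
    # The type of runner that the job will run on
    runs-on: ubuntu-latest
    # Ties the job to the "production" environment. This only protects the
    # deployment if protection rules (required reviewers, branch restrictions)
    # are actually configured for that environment in the repository settings.
    environment: production
    # Steps run in order on the same runner
    steps:
      # Checks out the repository under $GITHUB_WORKSPACE.
      # NOTE(review): this action and the one below are referenced by a
      # mutable tag. Pinning each to a full commit SHA keeps a re-pointed tag
      # from running in a job that holds the production deploy key.
      - uses: actions/checkout@v4

      # Loads the private deploy key into an ssh-agent for the later steps
      - name: Install SSH Key
        uses: webfactory/ssh-agent@v0.7.0
        with:
          ssh-private-key: ${{ secrets.PROD_SSH_KEY }}

      # Records the server's host key so ssh does not prompt.
      # NOTE(review): ssh-keyscan accepts whatever key is presented at run
      # time, so this silences the prompt without authenticating the server.
      # Prefer writing a host key recorded out of band (for example kept in a
      # repository secret or variable) into known_hosts instead of scanning.
      - name: Add Known Hosts
        env:
          PROD_SERVER_IP: ${{ secrets.PROD_SERVER_IP }}
        run: ssh-keyscan -H "${PROD_SERVER_IP}" >> ~/.ssh/known_hosts

      # Connects to the server and runs the update command.
      # The secrets are passed through the environment and expanded by the
      # shell as quoted variables, so their contents are never spliced into
      # the script text on the runner (a quote character in a value can no
      # longer change how the command line is parsed). The command string is
      # still interpreted by the remote login shell: whoever can edit
      # PROD_DEPLOY_COMMAND controls what runs on the production server.
      - name: Deploy
        env:
          PROD_SERVER_USER: ${{ secrets.PROD_SERVER_USER }}
          PROD_SERVER_IP: ${{ secrets.PROD_SERVER_IP }}
          PROD_DEPLOY_COMMAND: ${{ secrets.PROD_DEPLOY_COMMAND }}
        run: |
          ssh "${PROD_SERVER_USER}@${PROD_SERVER_IP}" "${PROD_DEPLOY_COMMAND}"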