kamal + github actions

readme.md

Example of Kamal deployment from Github Actions.

Add your applications .env variables to the Github repo as a repository secret, you can find this under the repo settings => secrets and variables => actions

https://github.com/username/repo_name/settings/secrets/actions

you are going to need an ssh private key that your deployment server is aware of (add public key to servers .ssh/authorized_keys) and add the ssh private key as a repo secret

create action workflows

.github/workflows/deploy.yml

heroku style, push code trigger kamal deploy you can extend the workflow to include testing and deploy based on test results

name: CD

on:
  push:
    branches:
      - main

jobs:
  Deploy:
    if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
    runs-on: ubuntu-latest

    env:
      DOCKER_BUILDKIT: 1
      RAILS_ENV: production
      RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }}
      KAMAL_REGISTRY_PASSWORD: ${{ secrets.KAMAL_REGISTRY_PASSWORD }}
      KAMAL_REGISTRY_USERNAME: ${{ secrets.KAMAL_REGISTRY_USERNAME }}

    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Set up Ruby
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: 3.2.2
          bundler-cache: true

      - name: Install dependencies
        run: |
          gem install specific_install
          gem specific_install https://github.com/basecamp/kamal.git 

      - uses: webfactory/ssh-agent@v0.7.0
        with:
          ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}

      - name: Set up Docker Buildx
        id: buildx
        uses: docker/setup-buildx-action@v2
    
      - name: Run deploy command
        run: kamal deploy

optional kamal workflow

this this workflow you can run kamal arbitrary commands from the github actions panel, when running the workflow manually it will ask for a command input thats executed inside the action.

.github/workflows/kamal.yml

name: KAMAL Command

on:
  workflow_dispatch:
    inputs:
      command:
        description: "KAMAL command to run"
        default: "kamal app details"

jobs:
  Command:
    runs-on: ubuntu-latest

    env:
      RAILS_ENV: production
      RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }}
      KAMAL_REGISTRY_PASSWORD: ${{ secrets.KAMAL_REGISTRY_PASSWORD }}
      KAMAL_REGISTRY_USERNAME: ${{ secrets.KAMAL_REGISTRY_USERNAME }}

    steps:
      - name: Checkout
        uses: actions/checkout@v3
      
      - uses: webfactory/ssh-agent@v0.7.0
        with:
          ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}

      - name: Set up Ruby
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: 3.2.2
      
      - name: Install dependencies
        run: |
          gem install specific_install
          gem specific_install https://github.com/basecamp/kamal.git main

      - name: Run KAMAL command
        run: ${{ github.event.inputs.command }}

Here is the final workflow I ended up with:

name: Deploy
concurrency:
  group: production
  cancel-in-progress: true
on:
  push:
    branches:
      - main
jobs:
  deploy:
    runs-on: ubuntu-latest
    env:
      DOCKER_BUILDKIT: 1
      RAILS_ENV: production
      RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }}
      KAMAL_REGISTRY_PASSWORD: ${{ secrets.KAMAL_REGISTRY_PASSWORD }}
      KAMAL_REGISTRY_USERNAME: ${{ secrets.KAMAL_REGISTRY_USERNAME }}
    steps:
      - uses: actions/checkout@v4
      - uses: ruby/setup-ruby@v1
        with:
          ruby-version: 3.3.0
          bundler-cache: true
      - run: gem install kamal
      - uses: webfactory/ssh-agent@v0.9.0
        with:
          ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
      - uses: docker/setup-buildx-action@v3
      - run: kamal lock release
      - run: kamal redeploy