Skip to content

Repository containing workflow templates and other guidelines

Notifications You must be signed in to change notification settings


Folders and files

Last commit message
Last commit date

Latest commit



77 Commits

Repository files navigation


Repository containing workflow templates and other guidelines


Build & Deploy via GitHub Actions

1. Dockerize your Application

Create a Dockerfile for all your services that you want to deploy.

2. Setup Build and Push Docker Image Workflow


We want to maintain a consistent workflow for our docker images across all repositories and maintain it at a central place. Therefore, we provide a workflow that you can call in your repository without the need to copy the workflow file!

Create a new GitHub Actions workflow file (e.g., .github/workflows/build-and-push.yml) in your repository with the following content:

name: Build and Push Docker Image

on: # Adjust the triggers, conditions, etc. to your needs, see examples below
    branches: [main]

  # You can also build and push multiple images in parallel using a matrix (see examples)
    uses: ls1intum/.github/.github/workflows/build-and-push-docker-image.yml@main
      image-name: ls1intum/<repository-name>/<your-image-name> # Defaults to the repository name = <owner>/<repository-name>
      docker-file: path/to/your/Dockerfile # Defaults to Dockerfile
    secrets: inherit


3. Create a Docker Compose File

Include the images from the registry and have IMAGE_TAG as a placeholder for the image tag that you want to deploy, i.e. latest, pr-233, etc. A name for the compose file could be

    image: "<repository-name>/<your-image-name>:${IMAGE_TAG}"
      - SECRET_1=${SECRET_1}
      - VAR_1=${VAR_1}
      - VAR_2=${VAR_2}

4. Setup Deploy Docker Compose Workflow

name: Deploy to Development

  workflow_dispatch: # For manual triggers via the GitHub Actions UI
        type: string
        description: "Image tag to deploy (default: pr-<number> if PR exists, latest for default branch)"

    uses: ls1intum/.github/.github/workflows/deploy-docker-compose.yml@main
      environment: Development # Replace with your environment 
      docker-compose-file: "./" # Path to your docker-compose file
      main-image-name: ls1intum/<image-name> # For checking if images with image tag exist
      image-tag: ${{ inputs.image-tag }}
      env-file-name: .env.test1 # (Optional) Path to the .env file, defaults to .env
      remove-volumes: false # (Optional) Remove volumes after stopping the services
    secrets: inherit


5. Setup Deployment User on Virtual Machine

Prerequisites: VM exists at VM_HOST and is accessible via SSH

  1. SSH into the VM: ssh <your-user>@<VMHost>
  2. Create new user called github_deployment with: sudo adduser github_deployment --disabled-password, you can leave all fields empty
  3. Check if docker is installed: sudo docker info, if not install with these instructions
  4. Add github_deployment to the docker group: sudo usermod -aG docker github_deployment
  5. Create the deployment directory /opt/github and give github_deployment access: sudo mkdir /opt/github && sudo chown github_deployment:github_deployment /opt/github
  6. Switch to github_deployment user: sudo su github_deployment
  7. Generate a new SSH key on VM: ssh-keygen -t ed25519 -C "github_deployment@<VMHost>", leave passphrase empty
  8. Copy the public key to the authorized keys: cat /home/github_deployment/.ssh/ > /home/github_deployment/.ssh/authorized_keys
  9. Copy the private key to your clipboard: cat /home/github_deployment/.ssh/id_ed25519

6. Setup GitHub Secrets, Variables, and Other Settings

  1. Go to your repository settings:
  2. Click Environments then New environment, if not already created
  3. Setup the following secret:
    • VM_SSH_PRIVATE_KEY: Paste the private key from the VM
  4. Setup the following variables:
    • VM_HOST: The hostname of the VM, without protocol (e.g.,
    • VM_USERNAME: github_deployment, the user you created on the VM
  5. Set required reviewers (people or teams) that should approve the workflow run before it can be deployed to the environment. Note: Approval is needed if you are reading a protected environment
  6. Add your sensitive secrets to Environment secrets and your insensitive variables to Environment variables
    • Caution: Variables will be visible in the logs, secrets will be automatically censored by GitHub

7. Deploy

  1. Go to the Actions tab in your repository
  2. Click on the Deploy to Development workflow
  3. Click on Run workflow and enter the image tag you want to deploy, leave empty for default (pr-<number> if PR exists, latest for default branch)
  4. Wait for the workflow to finish, approve the deployment if required


Repository containing workflow templates and other guidelines






No packages published