DocsCore Concepts
Reference
How-to Guides
Troubleshooting
Feedback
How to deploy to Aptible with CI/CD
Overview
To make it easier to deploy on Aptible—whether you're migrating from another platform or deploying your first application—we offer integrations with several continuous integration services.
If your team is already using a Git-based deployment workflow, deploying your app to Aptible should be relatively straightforward.
Deploying with Git
Prerequisites
To deploy to Aptible via Git, you must have a public SSH key associated with your account. We recommend creating a robot user to manage your deployment:
- Create a
Robotscustom Aptible role in your Aptible organization. Grant it "Read" and "Manage" permissions for the environment where you would like to deploy. - Invite a new robot user with a valid email address (for example,
deploy@yourdomain.com) to theRobotsrole. - Sign out of your Aptible account, accept the invitation from the robot user's email address, and set a password for the robot's Aptible account.
- Generate a new SSH key pair to be used by the robot user, and don't set a password:
ssh-keygen -t ed25519 -C "your_email@example.com" - Register the SSH Public Key with Aptible for the robot user.
Configuring SSH
To deploy to Aptible via GitHub Actions, you must first create an encrypted secret for your repository with the following values:
- Name:
APTIBLE_GIT_SSH_KEY - Value: The contents of the SSH Private Key created in the previous step.
Configuring the Environment
You also need to set environment variables on your repository with the name of your Aptible environment and app, in APTIBLE_ENVIRONMENT and APTIBLE_APP, respectively. You can configure these the same way that the SSH key was added to the workflow, via workflow secrets on the GitHub Workflow.
Configuring the Workflow
Finally, you must configure the workflow to deploy your application to Aptible:
on:
push:
branches: [ main ]
env:
APTIBLE_ENVIRONMENT: ${{ secrets.APTIBLE_ENVIRONMENT }}
APTIBLE_APP: ${{ secrets.APTIBLE_APP }}
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0
- uses: webfactory/ssh-agent@v0.5.4
with:
ssh-private-key: ${{ secrets.APTIBLE_GIT_SSH_KEY }}
- name: Deploy to Aptible
run: |
ssh-keyscan beta.aptible.com >> ~/.ssh/known_hosts
git remote add aptible git@beta.aptible.com:${APTIBLE_ENVIRONMENT}/${APTIBLE_APP}.git
git push aptible ${GITHUB_SHA}:masterLet’s break down how this works. We begin by defining when the workflow should run (when a push is made to the main branch), and the environment variables we need (our Aptible environment and app names):
on:
push:
branches: [ main ]
env:
APTIBLE_ENVIRONMENT: ${{ secrets.APTIBLE_ENVIRONMENT }}
APTIBLE_APP: ${{ secrets.APTIBLE_APP }}Next, we run a pair of common steps that check out a shallow clone of our repository and configure the environment’s SSH agent using the private key we provided.
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0
- uses: webfactory/ssh-agent@v0.5.4
with:
ssh-private-key: ${{ secrets.APTIBLE_GIT_SSH_KEY }}Finally, we add our SSH private key to the workflow environment, configure a new remote for our repository on Aptible’s platform, and push our branch to Aptible:
steps:
. . .
- name: Deploy to Aptible
run: |
ssh-keyscan beta.aptible.com >> ~/.ssh/known_hosts
git remote add aptible git@beta.aptible.com:${APTIBLE_ENVIRONMENT}/${APTIBLE_APP}.git
git push aptible ${GITHUB_SHA}:masterFrom there, the procedure for a Dockerfile-based deployment remains the same!
Configuring SSH
To deploy to Aptible via CircleCI, add your SSH Private Key via the CircleCI Dashboard with the following values:
- Hostname:
beta.aptible.com - Private Key: The contents of the SSH Private Key created in the previous step.
Configuring the Environment
You also need to set environment variables on your project with the name of your Aptible environment and app, in APTIBLE_ENVIRONMENT and APTIBLE_APP, respectively. You can add these to your project using environment variables on the Circle CI dashboard.
Configuring the Deployment
Finally, you must configure the Circle CI project to deploy your application to Aptible:
version: 2.1
jobs:
git-deploy:
docker:
- image: debian:latest
filters:
branches:
only:
- circle-deploy
steps:
# Add your private key to your repo: https://circleci.com/docs/2.0/configuration-reference/#add-ssh-keys
- checkout
- run:
name: Git push and deploy to Aptible
command: |
apt-get update && apt-get install -y git openssh-client
ssh-keyscan beta.aptible.com >> ~/.ssh/known_hosts
git remote add aptible git@beta.aptible.com:$APTIBLE_ENVIRONMENT/$APTIBLE_APP.git
git push aptible $CIRCLE_SHA1:master
workflows:
version: 2
deploy:
jobs:
- git-deployLet’s break down how this works. We begin by defining when the deployment should run (when a push is made to the circle-deploy branch):
jobs:
git-deploy:
docker:
- image: debian:latest
filters:
branches:
only:
- circle-deployThe most important part of this configuration is the value of the command key under the run step. Here we add our SSH private key to the Circle CI environment, configure a new remote for our repository on Aptible’s platform, and push our branch to Aptible:
jobs:
git-deploy:
# # #
steps:
- checkout
- run:
name: Git push and deploy to Aptible
command: |
apt-get update && apt-get install -y git openssh-client
ssh-keyscan beta.aptible.com >> ~/.ssh/known_hosts
git remote add aptible git@beta.aptible.com:$APTIBLE_ENVIRONMENT/$APTIBLE_APP.git
git push aptible $CIRCLE_SHA1:masterFrom there, the procedure for a Dockerfile-based deployment remains the same!
Configuring SSH
To deploy to Aptible via Travis CI, add your SSH Private Key via the Travis CI repository settings with the following values:
- Name:
APTIBLE_GIT_SSH_KEY - Value: The base64-encoded contents of the SSH Private Key created in the previous step.
⚠️ Warning
The SSH private key added to the Travis CI environment variable must be base64-encoded.
Configuring the Environment
You also need to set environment variables on your project with the name of your Aptible environment and app, in APTIBLE_ENVIRONMENT and APTIBLE_APP, respectively. You can add these to your project using environment variables on the Travis CI dashboard.
Configuring the Deployment
Finally, you must configure the Travis CI project to deploy your application to Aptible:
language: generic
sudo: true
services:
- docker
jobs:
include:
- stage: push
if: branch = travis-deploy
addons:
ssh_known_hosts: beta.aptible.com
before_script:
- mkdir -p ~/.ssh
# to save it, cat <<KEY>> | base64 and save that in secrets
- echo "$APTIBLE_GIT_SSH_KEY" | base64 -d > ~/.ssh/id_rsa
- chmod 0400 ~/.ssh/id_rsa
- eval "$(ssh-agent -s)"
- ssh-add ~/.ssh/id_rsa
- ssh-keyscan beta.aptible.com >> ~/.ssh/known_hosts
script:
- git remote add aptible git@beta.aptible.com:$APTIBLE_ENVIRONMENT/$APTIBLE_APP.git
- git push aptible $TRAVIS_COMMIT:masterLet’s break down how this works. We begin by defining when the deployment should run (when a push is made to the travis-deploy branch) and where we are going to deploy (so we add beta.aptible.com as a known host):
# # #
jobs:
include:
- stage: push
if: branch = travis-deploy
addons:
ssh_known_hosts: beta.aptible.comThe Travis CI configuration then allows us to split our script into two parts, with the before_script configuring the Travis CI environment to use our SSH key:
# Continued from above
before_script:
- mkdir -p ~/.ssh
# to save it, cat <<KEY>> | base64 and save that in secrets
- echo "$APTIBLE_GIT_SSH_KEY" | base64 -d > ~/.ssh/id_rsa
- chmod 0400 ~/.ssh/id_rsa
- eval "$(ssh-agent -s)"
- ssh-add ~/.ssh/id_rsa
- ssh-keyscan beta.aptible.com >> ~/.ssh/known_hostsFinally, our script block configures a new remote for our repository on Aptible’s platform, and pushes our branch to Aptible:
# Continued from above
script:
- git remote add aptible git@beta.aptible.com:$APTIBLE_ENVIRONMENT/$APTIBLE_APP.git
- git push aptible $TRAVIS_COMMIT:masterFrom there, the procedure for a Dockerfile-based deployment remains the same!
Configuring SSH
To deploy to Aptible via GitLab CI, add your SSH Private Key via the GitLab CI dashboard with the following values:
- Key:
APTIBLE_GIT_SSH_KEY - Value: The base64-encoded contents of the SSH Private Key created in the previous step.
⚠️ Warning
The SSH private key added to the GitLab CI environment variable must be base64-encoded.
Configuring the Environment
You also need to set environment variables on your project with the name of your Aptible environment and app, in APTIBLE_ENVIRONMENT and APTIBLE_APP, respectively. You can add these to your project using project variables on the GitLab CI dashboard.
Configuring the Deployment
Finally, you must configure the GitLab CI pipeline to deploy your application to Aptible:
image: debian:latest
git_deploy_job:
only:
- gitlab-deploy
before_script:
- apt-get update && apt-get install -y git
# taken from: https://docs.gitlab.com/ee/ci/ssh_keys/
- 'command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client -y )'
- eval $(ssh-agent -s)
# to save it, cat <<KEY>> | base64 and save that in secrets
- echo "$DEMO_APP_APTIBLE_GIT_SSH_KEY" | base64 -d | tr -d '
' | ssh-add -
- mkdir -p ~/.ssh
- chmod 700 ~/.ssh
script:
- |
ssh-keyscan beta.aptible.com >> ~/.ssh/known_hosts
git remote add aptible git@beta.aptible.com:$DEMO_APP_APTIBLE_ENVIRONMENT/$DEMO_APP_APTIBLE_APP.git
git push aptible $CI_COMMIT_SHA:masterLet’s break down how this works. We begin by defining when the deployment should run (when a push is made to the gitlab-deploy branch), and then we define the before_script that will configure SSH in our job environment:
# . . .
before_script:
- apt-get update && apt-get install -y git
# taken from: https://docs.gitlab.com/ee/ci/ssh_keys/
- 'command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client -y )'
- eval $(ssh-agent -s)
- echo "$DEMO_APP_APTIBLE_GIT_SSH_KEY" | base64 -d | tr -d '
' | ssh-add -
- mkdir -p ~/.ssh
- chmod 700 ~/.sshFinally, our script block configures a new remote for our repository on Aptible’s platform, and pushes our branch to Aptible:
# Continued from above
script:
- |
ssh-keyscan beta.aptible.com >> ~/.ssh/known_hosts
git remote add aptible git@beta.aptible.com:$DEMO_APP_APTIBLE_ENVIRONMENT/$DEMO_APP_APTIBLE_APP.git
git push aptible $CI_COMMIT_SHA:masterFrom there, the procedure for a Dockerfile-based deployment remains the same!
Deploying with Docker
Prerequisites
To deploy to Aptible with a Docker image via a CI integration, you should create a robot user to manage your deployment:
- Create a
Robotscustom Aptible role in your Aptible organization. Grant it "Read" and "Manage" permissions for the environment where you would like to deploy. - Invite a new robot user with a valid email address (for example,
deploy@yourdomain.com) to theRobotsrole. - Sign out of your Aptible account, accept the invitation from the robot user's email address, and set a password for the robot's Aptible account.
Some of the below instructions and more information can also be found on the Github Marketplace page for the Deploy to Aptible Action.
Configuring the Environment
To deploy to Aptible via GitHub Actions, you must first create encrypted secrets for your repository with Docker registry and Aptible credentials:
DOCKERHUB_USERNAMEandDOCKERHUB_TOKEN- The credentials for your private Docker registry (in this case, DockerHub).
APTIBLE_USERNAMEandAPTIBLE_PASSWORD- The credentials for the robot account created to deploy to Aptible.
Configuring the Workflow
Additionally, you will need to set some environment variables within the GitHub Actions workflow:
IMAGE_NAME- The Docker image you wish to deploy from your Docker registry.
APTIBLE_ENVIRONMENT- The name of the Aptible environment acting as the target for this deployment.
APTIBLE_APP- The name of the app within the Aptible environment we are deploying with this workflow.
Configuring the Workflow
Finally, you must configure the workflow to deploy your application to Aptible:
on:
push:
branches: [ main ]
env:
IMAGE_NAME: user/app:latest
APTIBLE_ENVIRONMENT: "my_environment"
APTIBLE_APP: "my_app"
jobs:
deploy:
runs-on: ubuntu-latest
# Allow multi platform builds.
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
# Allow use of secrets and other advanced docker features.
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
# Log into Docker Hub
- name: Login to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
# Build image using default dockerfile.
- name: Build and push
uses: docker/build-push-action@v3
with:
push: true
tags: ${{ env.IMAGE_NAME }}
- name: Deploy to Aptible
uses: aptible/aptible-deploy-action@v1
with:
username: ${{ secrets.APTIBLE_USERNAME }}
password: ${{ secrets.APTIBLE_PASSWORD }}
environment: ${{ env.APTIBLE_ENVIRONMENT }}
app: ${{ env.APTIBLE_APP }}
docker_img: ${{ env.IMAGE_NAME }}
private_registry_username: ${{ secrets.DOCKERHUB_USERNAME }}
private_registry_password: ${{ secrets.DOCKERHUB_TOKEN }}From there, you can review our resources for Direct Docker Image Deployments!
Configuring the Environment
You also need to set environment variables on your project with the name of your Aptible environment and app, in APTIBLE_ENVIRONMENT and APTIBLE_APP, respectively. You can add these to your project using environment variables on the Travis CI dashboard.
To define how the Docker image is built and deployed, you’ll need to set a few additional variables:
APTIBLE_USERNAMEandAPTIBLE_PASSWORD- The credentials for the robot account created to deploy to Aptible.
APTIBLE_DOCKER_IMAGE- The name of the Docker image you wish to deploy to Aptible.
If you are using a private registry to store your Docker image, you also need to specify credentials to be passed to Aptible:
APTIBLE_PRIVATE_REGISTRY_USERNAME- The username of the account that can access the private registry containing the Docker image.
APTIBLE_PRIVATE_REGISTRY_PASSWORD- The password of the account that can access the private registry containing the Docker image.
Configuring the Deployment
Finally, you must configure the workflow to deploy your application to Aptible:
language: generic
sudo: true
services:
- docker
jobs:
include:
- stage: build-and-test
script: |
make build
make test
- stage: push
if: branch = main
script: |
# login to your registry
docker login \
-u $APTIBLE_PRIVATE_REGISTRY_EMAIL \
-p $APTIBLE_PRIVATE_REGISTRY_PASSWORD
# push your docker image to your registry
make push
# download the latest aptible cli and install it
wget https://omnibus-aptible-toolbelt.s3.amazonaws.com/aptible/omnibus-aptible-toolbelt/latest/aptible-toolbelt_latest_debian-9_amd64.deb && \
dpkg -i ./aptible-toolbelt_latest_debian-9_amd64.deb && \
rm ./aptible-toolbelt_latest_debian-9_amd64.deb
# login and deploy your app
aptible login \
--email "$APTIBLE_USERNAME" \
--password "$APTIBLE_PASSWORD"
aptible deploy \
--environment "$APTIBLE_ENVIRONMENT" \
--app "$APTIBLE_APP"Let’s break down how this works. The script for the build-and-test stage does what it says on the label: It builds our Docker image as runs tests on it, as we’ve defined in a Makefile.
Then, script from the push stage pushes our image to the Docker registry:
# login to your registry
docker login \
-u $APTIBLE_PRIVATE_REGISTRY_EMAIL \
-p $APTIBLE_PRIVATE_REGISTRY_PASSWORD
# push your docker image to your registry
make pushFinally, it installs the Aptible CLI in the Travis CI build environment, logs in to Aptible, and deploys your Docker image to the specified envrionment and app:
# download the latest aptible cli and install it
wget https://omnibus-aptible-toolbelt.s3.amazonaws.com/aptible/omnibus-aptible-toolbelt/aptible-toolbelt-latest_amd64.deb && \
dpkg -i ./aptible-toolbelt-latest_amd64.deb && \
rm ./aptible-toolbelt-latest_amd64.deb
# login and deploy your app
aptible login \
--email "$APTIBLE_USERNAME" \
--password "$APTIBLE_PASSWORD"
aptible deploy \
--environment "$APTIBLE_ENVIRONMENT" \
--app "$APTIBLE_APP"From there, you can review our resources for Direct Docker Image Deployments!
How to deploy to Aptible with CI/CD
