Zero-downtime deployments with GitHub Actions
Spin is compatible with any CI/CD that can build Docker images and run SSH commands on a remote server. In this guide, we cover the tools available to help make your deployments through GitHub Actions easier.
Important concepts
Zero-downtime deployments highly depend on your configuration with Docker. For a zero-downtime deployment to work, there are many things that need to align in order for this to happen:
- A properly configured reverse proxy (like Traefik) and/or load balancer must be configured
- This reverse proxy or load balancer must be able to access your container via the Docker Swarm Service
- Container health checks must be implemented
- Health checks must have an accurate definition of "healthy"
- Services must gracefully shut down
- Container update configurations must be properly set for Docker Swarm
- A CI/CD runner must be configured to build a container, upload it to a registry, and have SSH access to trigger a deployment procedure
Spin's official templates provide containers that are ready for zero-downtime deployments out of the box.
Spin's GitHub Actions
We provide GitHub Actions that are designed to work with Spin's structure for deployments.
- serversideup/docker-build-action - A simplified syntax to build and publish your Docker images with GitHub Actions.
- serversideup/docker-swarm-deploy-github-action - A simplified syntax to deploy to Docker Swarm Mode via GitHub Actions.
Each GitHub Action has it's own documentation on how you can implement it into your workflow.
Security Considerations
Be aware that you're taking a sensitive deployment key, putting that into GitHub actions, and allowing SSH connections from anywhere to connect to your production server. If you want to further harden your server, you may consider:
- Deploying your own Self-hosted GitHub Runner
- Locking down SSH access to your server from specific IP addresses