Channel: Active questions tagged 22.04 - Ask Ubuntu

How to use GitHub Actions to SSH connect to Ubuntu server and pull private GitHub repo using another set of SSH keys?

  1. I have the following servers: Ubuntu v22.04.1 (Linux) with LEMP (PHP v5.6 (I know it is old, but the legacy app requires it), MySQL v8.0.36, and Nginx).
  2. I also have a private GitHub repo with the app code I want to put on my Ubuntu server.
  3. I want to use GitHub Actions to connect to the Ubuntu server using SSH and to use SSH to connect to the private repo and pull the code every time the main branch acquires a push.

This is the code in my .yaml file that GitHub Actions uses to connect to the Ubuntu server and supposedly pull the GitHub repo code (this is the part I am struggling with).

    # Workflow to deploy code to the Ubuntu LEMP server every time there's a push to the main branch.
    name: Deploy to Ubuntu Server

    # Control when the actions happen.
    on:
      # Triggers the workflow on push or pull request events but only for the main branch.
      push:
        branches: [ main ]
      pull_request:
        branches: [ main ]
      # Allows you to run this workflow manually from the Actions tab.
      workflow_dispatch:

    # A workflow run is made up of one or more jobs that can run sequentially or in parallel.
    jobs:
      # This workflow contains a single job called "deploy".
      deploy:
        name: Deploy
        # The type of runner that the job will run on.
        runs-on: ubuntu-latest
        # Steps represent a sequence of tasks that will be executed as part of the job.
        steps:
          # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it.
          - name: Checkout code
            uses: actions/checkout@v4

          ## Deploy using SSH to server
          - name: Execute remote SSH commands and deploy
            uses: appleboy/ssh-action@master
            with:
              host: ${{ secrets.REMOTE_IP }}
              username: ${{ secrets.REMOTE_USER }}
              key: ${{ secrets.SSH_PRIVATE_KEY }}
              port: ${{ secrets.SSH_PORT }}
              script: |
                cd ${{ secrets.REMOTE_PATH }} &&
                git init &&
                git pull origin main git@github.com:<username>/<repo-name>.git &&
                git pull origin main &&
                php cli/migrate.php -v -d &&
                php cli/migrate.php -v &&
                rm -Rf shared/cache &&
                ln -nfs shared/cache files &&
                rm -Rf Capfile &&
                rm -Rf config/deploy* &&
                rm -Rf .gitignore &&
                rm -Rf .git &&
                rm -Rf README.md &&
                php cli/update_revision.php &&
                php cli/update_crontab.php &&
                mkdir -p shared/certs &&
                mkdir -p shared/files &&
                mkdir -p shared/cache &&
                touch shared/config.php &&
                if [ -d shared/pids ]; then rmdir shared/pids; fi &&
                if [ -d shared/system ]; then rmdir shared/system; fi &&
                if (crontab -l | grep -q LEAF_PRODUCTION=1); then echo /dev/null; else { crontab -l; echo "LEAF_PRODUCTION=1"; } | crontab -; fi &&
                if (grep -q LEAF_PRODUCTION=1 ~/.profile); then echo /dev/null; else echo "export LEAF_PRODUCTION=1" >> ~/.profile; fi

The issue is with this part of the code:

    git pull origin main git@github.com:<username>/<repo-name>.git &&

I need to use two sets of SSH keys.

  • One set to connect to the Ubuntu server (I have put the public key inside the server and the private key is stored as a GitHub Secret key). This part of the code works.
  • Another to connect to the private GitHub repo and clone the code there (basically the opposite, the private key is on the server, but the public key is stored as the private GitHub repo Deploy key).

Connecting to the Ubuntu server works, but I do not understand how I am supposed to provide the code with the second set of SSH keys to connect and clone the GitHub repo. The way the code is written now, it only uses the first set of SSH keys to connect to the Ubuntu server.
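
One way to make the remote script use the second key pair, as an added example that is not part of the original post: an SSH host alias on the server pins the deploy key for GitHub, and the repository URL is rewritten to go through that alias. The alias name `github-deploy`, the key file name `deploy_key` and the function names are assumptions.

```shell
#!/bin/sh
# Added example: pin a dedicated deploy key for one GitHub repo on the server.
# Assumed names: alias "github-deploy", key file "deploy_key" (hypothetical).

# Append a Host block to an ssh config file unless the alias is already present.
# $1 = ssh directory (e.g. ~/.ssh), $2 = alias, $3 = private key path
write_deploy_alias() {
    ssh_dir=$1; alias_name=$2; key_path=$3
    config="$ssh_dir/config"
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir"
    touch "$config" && chmod 600 "$config"
    # Idempotent: a second deploy run must not duplicate the block.
    if grep -qx "Host $alias_name" "$config"; then
        return 0
    fi
    # IdentitiesOnly stops ssh from offering agent or default keys first,
    # so GitHub only ever sees the deploy key for this alias.
    cat >> "$config" <<EOF
Host $alias_name
    HostName github.com
    User git
    IdentityFile $key_path
    IdentitiesOnly yes
EOF
}

# Rewrite git@github.com:<owner>/<repo>.git to go through the alias.
# Anything that is not a github.com SSH URL is rejected (exit status 1).
alias_remote_url() {
    url=$1; alias_name=$2
    case "$url" in
        git@github.com:*) printf '%s\n' "git@${alias_name}:${url#git@github.com:}" ;;
        *) return 1 ;;
    esac
}

# One-off alternative that leaves ssh config untouched: build a value for
# GIT_SSH_COMMAND that points git at the deploy key for a single command.
deploy_git_ssh_command() {
    printf 'ssh -i %s -o IdentitiesOnly=yes\n' "$1"
}
```

With the alias in place, the pull in the workflow's `script:` block would take the form `git pull git@github-deploy:<username>/<repo-name>.git main`, which authenticates with the deploy key stored on the server rather than the key the Action used to log in.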

