Skip to content

Build and deploy with Github Actions

This how-to guide shows you how to build and deploy your application using Github Actions and the NAIS deploy action.

Prerequisites

Authorize your Github repository for deployment

  1. Open NAIS Console in your browser and select your team.
  2. Select the Repositories tab
  3. Input your repository (organization/repository) and press Add.

Create a Github workflow

Note

If you require a more advanced workflow, or already have one: copy the relevant parts from the example below.

.github/workflows/main.yml

name: Build and deploy
on:
  push:
    branches:
      - main
jobs:
  build_and_deploy:
    name: Build, push and deploy
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
    steps:
      - uses: actions/checkout@v4
      - name: Build and push image and SBOM to OCI registry
        uses: nais/docker-build-push@v0
        id: docker-build-push
        with:
          team: <MY-TEAM> # Replace
          identity_provider: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }} # Provided as Organization Secret
          project_id: ${{ vars.NAIS_MANAGEMENT_PROJECT_ID }} # Provided as Organization Variable
      - name: Deploy to NAIS
        uses: nais/deploy/actions/deploy@v2
        env:
          CLUSTER: <MY-CLUSTER> # Replace
          RESOURCE: .nais/app.yaml #, topic.yaml, statefulset.yaml, etc.
          VAR: image=${{ steps.docker-build-push.outputs.image }}
          TELEMETRY: ${{ steps.docker-build-push.outputs.telemetry }}
          DEPLOY_SERVER: deploy.nav.cloud.nais.io:443 

This example workflow is a minimal example that builds, signs, and pushes your container image to the image registry. It then deploys the app.yaml, injecting the image tag from the previous step.

When this file is pushed to the main branch, the workflow will be triggered and you are all set.

Google Artifact Registry (GAR)

The nais/docker-build-push GitHub action builds and pushes images to the Google Artifact Registry (GAR).

This is a registry managed by NAIS and is the recommended way to store your container images for use in workloads on NAIS.

We keep the last 10 versions for each image regardless of age. Versions older than 90 days are automatically deleted.