DEV Community

Cover image for Deploying to GitHub Pages without extra dependencies
Denis
Denis

Posted on

Deploying to GitHub Pages without extra dependencies

There are a lot of articles already describing how to deploy you static website to GitHub Pages from GitHub Actions. Almost all of them suggest to use 3rd party Actions available on marketplace.

Some of them are extremely popular, like this one.
Some less, but still doing their job as you expect from them.

And long story short, you can just use them, it's pretty convenient to delegate this logic to something and avoid maintenance effort. However, you need to understand that it's a security implication and you pass your secret token of the repository to 3rd party code. Which in theory can contain some sneaky bug or even be malformed. Yeah, they're open source and you can check the code and validate it yourself, but.. would you?

I still don't get why GitHub doesn't provide out-of-the-box functionality to connect 2 of their services together, and why you need to look for extra packages rather than use some built-in feature, like in Travis..

On the other hand, deploying to GitHub Actions is pretty straightforward: you just need to push desired files to some branch in your repo, and that's basically it. Why to complicate things then and use untrusted javascript code for simply invoking git commit && git push? That's a fair question.

One of awesome GitHub Action features is that you can access your secret token without any extra effort. So you basically don't have to deal with git authentication in any way.

Combining this together, here's a snippet of a pipeline you can use to deploy static files from your repo to GitHub Pages:

It's simple, customisable, and most importantly, doesn't leak your secrets to anywhere.

Hope it helps!

Top comments (0)