This Github action allows you to open or close an specific port in your DigitalOcean firewall. It's really useful for deploy in your instances from Github Actions, as they don't provide a list of IPs to add to your security groups.
Instructions
- You need to generate a personal access token from your DigitalOcean Applications & API page.
- Copy that token, and paste in the secrets of your repo.
- Create or update a workflow, adding the file
.github/workflows/doorkeeper.yml(more info about how to use Github Actions).
############################
## prepare your artifacts ##
############################
- name: Doorkeeper open
uses: patoroco/doorkeeper@master
with:
digitaloceanToken: ${{ secrets.DO_TOKEN }}
firewallName: "name_of_the_firewall"
actionToDo: "add"
dryRun: false
############################
## deploy to DigitalOcean ##
############################
- name: Doorkeeper close
uses: patoroco/doorkeeper@master
with:
digitaloceanToken: ${{ secrets.DO_TOKEN }}
firewallName: "name_of_the_firewall"
actionToDo: "remove"
dryRun: false
To check that everything is working as expected, you have to push these changes to your repo, and a new build in the Actions tab should be starting.
My Workflow
I'm using this workflow to allow to deploy to my small 5$ instance in digitalocean (I'm using dokku as the PaaS).
It's really easy to push a new commit, and wait for the automatic release :)
Submission Category
DIY Deployments
Yaml File or Link to Code
This is a github action, and all the code is available in my repo: https://github.com/patoroco/doorkeeper/
Additional Resources / Info
Feel free to collaborate with issues / PRs :)
Top comments (2)
Wouldn't SSH be a more secure option?
The deploy is done pushing the code to git over SSH, indeed.
The issue is that the SSH port shouldn't be always open to the Internet (the ideal would be to have a list of IPs to open that port for, but Github Actions doesn't provide you that list).