Skip to content

Deploying your application

You're now in a team, you've got access to the clusters, and now you're finally ready to deploy your application. This page describes the steps involved to deploy your application.

Deployment

Deployment is handled through NAIS Deploy.

You will need an API key that is associated with your team in order to authenticate with the deployment API.

This key is available for your tenant at https://deploy.<tenant-name>.cloud.nais.io

GitHub Actions

Performing a deploy can be done with our Github Action:

Example
...
jobs:
  build:
    ...
  deploy:
    name: Deploy to naas
    needs: build
    if: github.ref == 'refs/heads/main'
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - uses: nais/deploy/actions/deploy@v1
      env:
        DEPLOY_SERVER: deploy.<your tenant name>.cloud.nais.io:443
        APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }}
        CLUSTER: ${{ env.cluster }}
        RESOURCE: nais.yaml
        VARS: vars.json
        VAR: image=${{ env.image-with-tag }}

where ${{ secrets.NAIS_DEPLOY_APIKEY }} is the deploy API key belonging to your team, stored as a secret in your GitHub repository.

CLI

If you want to deploy using another CI platform or from your own device:

Example
docker run -it --rm -v $(pwd):/nais /navikt/deployment:v1 \
  /app/deploy \
    --apikey="$NAIS_DEPLOY_APIKEY" \
    --deploy-server="deploy.<your tenant name>.cloud.nais.io:443" \
    --cluster="$CLUSTER" \
    --owner="$OWNER" \
    --repository="$REPOSITORY" \
    --resource="/nais/path/to/nais.yaml" \
    --vars="/nais/path/to/vars.json" \
    --wait=true \
    ;

Complete Github Actions workflow example

Below is an example GitHub Action workflow that:

  • Authenticates itself to your organization's own Artifact Registry
  • Builds a Docker image
  • Pushes the Docker image to the Artifact Registry
  • Deploys the application to your clusters

Example

name: Build and deploy image
on:
  push:
    - main

env:
  REGISTRY: europe-north1-docker.pkg.dev/<your management project>/nais-repository
  NAME: ${{ github.repository }}
  TEAM: <your team identifier/slug>

jobs:
  build_and_push:
    permissions:
      contents: "read"
      id-token: "write"
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2
      - id: "auth"
        name: "Authenticate to Google Cloud"
        uses: "google-github-actions/auth@v0.6.0"
        with:
          workload_identity_provider: "projects/<your org ID>/locations/global/workloadIdentityPools/<your tenant name>-identity-pool/providers/github-oidc-provider"
          service_account: "gh-<your tenant name>@<your management project>.iam.gserviceaccount.com"
          token_format: "access_token"
      - name: Set up Docker Buildx
        id: buildx
        uses: docker/setup-buildx-action@v1
      - name: Login to registry
        uses: docker/login-action@v1
        with:
          registry: ${{ env.REGISTRY }}
          username: "oauth2accesstoken"
          password: "${{ steps.auth.outputs.access_token }}"
      - name: Docker meta
        id: metadata
        uses: docker/metadata-action@v3
        with:
          images: ${{ env.REGISTRY }}/${{ env.NAME }}
          # Docker tags based on the following events/attributes
          tags: |
            type=schedule
            type=ref,event=branch
            type=ref,event=pr
            type=semver,pattern=v{{version}}
            type=semver,pattern=v{{major}}.{{minor}}
            type=semver,pattern=v{{major}}
            type=sha
            type=sha,format=long
      - name: Build and push
        uses: docker/build-push-action@v2
        with:
          context: .
          file: Dockerfile
          push: true
          tags: ${{ steps.metadata.outputs.tags }}
          labels: ${{ steps.metadata.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
  deploy:
    name: Deploy to naas
    needs: build_and_push
    if: github.ref == 'refs/heads/main'
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - uses: nais/deploy/actions/deploy@v1
      env:
        DEPLOY_SERVER: deploy.<your tenant name>.cloud.nais.io:443
        APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }}
        CLUSTER: <your cluster here>
        RESOURCE: ./nais.yaml
        VAR: IMAGE=${{ env.REGISTRY }}/${{ env.NAME }}:${{ github.sha }}

Last update: November 29, 2023
Created: November 29, 2023