Deploying your application¶
You're now in a team, you've got access to the clusters, and now you're finally ready to deploy your application. This page describes the steps involved to deploy your application.
Deployment¶
Deployment is handled through NAIS Deploy.
You will need an API key that is associated with your team in order to authenticate with the deployment API.
This key is available for your tenant at https://deploy.<tenant-name>.cloud.nais.io
GitHub Actions¶
Performing a deploy can be done with our Github Action:
Example
...
jobs:
build:
...
deploy:
name: Deploy to naas
needs: build
if: github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: nais/deploy/actions/deploy@v1
env:
DEPLOY_SERVER: deploy.<your tenant name>.cloud.nais.io:443
APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }}
CLUSTER: ${{ env.cluster }}
RESOURCE: nais.yaml
VARS: vars.json
VAR: image=${{ env.image-with-tag }}
where ${{ secrets.NAIS_DEPLOY_APIKEY }} is the deploy API key belonging to your team, stored as a secret in your GitHub repository.
CLI¶
If you want to deploy using another CI platform or from your own device:
Example
docker run -it --rm -v $(pwd):/nais /navikt/deployment:v1 \
/app/deploy \
--apikey="$NAIS_DEPLOY_APIKEY" \
--deploy-server="deploy.<your tenant name>.cloud.nais.io:443" \
--cluster="$CLUSTER" \
--owner="$OWNER" \
--repository="$REPOSITORY" \
--resource="/nais/path/to/nais.yaml" \
--vars="/nais/path/to/vars.json" \
--wait=true \
;
Complete Github Actions workflow example¶
Below is an example GitHub Action workflow that:
- Authenticates itself to your organization's own Artifact Registry
- Builds a Docker image
- Pushes the Docker image to the Artifact Registry
- Deploys the application to your clusters
Example
name: Build and deploy image
on:
push:
- main
env:
REGISTRY: europe-north1-docker.pkg.dev/<your management project>/nais-repository
NAME: ${{ github.repository }}
TEAM: <your team identifier/slug>
jobs:
build_and_push:
permissions:
contents: "read"
id-token: "write"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- id: "auth"
name: "Authenticate to Google Cloud"
uses: "google-github-actions/auth@v0.6.0"
with:
workload_identity_provider: "projects/<your org ID>/locations/global/workloadIdentityPools/<your tenant name>-identity-pool/providers/github-oidc-provider"
service_account: "gh-<your tenant name>@<your management project>.iam.gserviceaccount.com"
token_format: "access_token"
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
- name: Login to registry
uses: docker/login-action@v1
with:
registry: ${{ env.REGISTRY }}
username: "oauth2accesstoken"
password: "${{ steps.auth.outputs.access_token }}"
- name: Docker meta
id: metadata
uses: docker/metadata-action@v3
with:
images: ${{ env.REGISTRY }}/${{ env.NAME }}
# Docker tags based on the following events/attributes
tags: |
type=schedule
type=ref,event=branch
type=ref,event=pr
type=semver,pattern=v{{version}}
type=semver,pattern=v{{major}}.{{minor}}
type=semver,pattern=v{{major}}
type=sha
type=sha,format=long
- name: Build and push
uses: docker/build-push-action@v2
with:
context: .
file: Dockerfile
push: true
tags: ${{ steps.metadata.outputs.tags }}
labels: ${{ steps.metadata.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
deploy:
name: Deploy to naas
needs: build_and_push
if: github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: nais/deploy/actions/deploy@v1
env:
DEPLOY_SERVER: deploy.<your tenant name>.cloud.nais.io:443
APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }}
CLUSTER: <your cluster here>
RESOURCE: ./nais.yaml
VAR: IMAGE=${{ env.REGISTRY }}/${{ env.NAME }}:${{ github.sha }}
Last update:
March 13, 2023
Created: March 13, 2023
Created: March 13, 2023