Setting Up Automatic Github Deployment in cPanel

Required Information

You will need to have a few things pulled up for the following steps:

The WHM — NOT Root WHM — account dashboard pulled up for the user
The main Github repository page for the project.
Your project directory (either in the IDE or filesystem).

Additionally, you will have had to enabled SSH access when preparing the cPanel server environment.

Enabling Server → Github SSH Communication

In order to get cPanel to talk to private Github repositories, we need to register SSH keys and update ~/.ssh/config with a custom configuration specific to this repository. This is a process with a few gotchas, and so we provide an easy to run shell script.

Under the account’s cPanel Dashboard, click on Terminal.

Run the following command to initiate the guided configurator:

wget -q https://integratedwebworks.com/scripts/git-ssh-setup.sh -O - | sh

When it asks for your Github repository URL, you will want to paste the HTTPS browser URL of your repository's main page (example: https://github.com/integratedwebworks/skeleton-website-framework)
The script will generate several values that you will need to register on your repository:
- GITHUB DEPLOYMENT KEY needs to be registered under your repository Settings → Deploy keys. It does NOT require write access.
- Several REPOSITORY SECRET keys will be listed afterward. You need to register these under your repository Settings -Secrets and variables -Actions. Be sure to match the key label exactly (example: SSH_PORT)

Adding the Github Workflow To Your Project

We will need to create a workflow file that Github can parse for automation tasks. It will leverage the repository secrets we used in the previous step. This example includes a success and failure notification for slack, and will automatically attempt to deploy over SSH anytime the main branch receives updates.

Open your local project and create the file .github/workflows/ssh-deploy.yml
Paste the contents of the example below into the file and commit it to you repository (make sure that the script listed in the deploy job does everything your project requires):

ssh-deploy.yml

on:
  workflow_dispatch: # allows you to run the workflow manually
  push:
    branches:
      - main
name: SSH Deployment

jobs:
  deploy:
    name: 🎉 Deploy website via SSH
    runs-on: ubuntu-latest
    steps:
      - name: run ssh commands
        uses: appleboy/ssh-action@v1.0.3
        with:
          host: ${{ secrets.SSH_HOST }}
          username: ${{ secrets.SSH_USERNAME }}
          key: ${{ secrets.SSH_PRIVATE_KEY }}
          port: ${{ secrets.SSH_PORT }}
          script: |
            `# setup repository paths`
            export CLONE_URL=${{ secrets.SSH_REPOSITORY }};
            export REPOSITORY_PATH="$HOME/repositories/${{ github.repository_owner }}-${{ github.event.repository.name }}";
            export TARGET_PATH="$HOME/@symfony"; mkdir -p $TARGET_PATH;

            `# clone or update repository`
            if [ ! -d $REPOSITORY_PATH ]; then git clone $CLONE_URL $REPOSITORY_PATH; else cd $REPOSITORY_PATH && git pull; fi;

            `# checkout the correct branch`
            cd $REPOSITORY_PATH && git checkout main;

            `# copy website files from the repository`
            cp -r $REPOSITORY_PATH/* $TARGET_PATH -f;

            `# install dependencies with composer`
            cd $TARGET_PATH && export APP_ENV=prod APP_DEBUG=0 && composer install --no-dev --optimize-autoloader

            `# generate the database if it isnt already`
            php bin/console doctrine:database:create --if-not-exists

            `# generate the jwt keys`
            php bin/console lexik:jwt:generate-keypair

            `# synchronize codebase to database & clear caches`
            php bin/console app:sync
            php bin/console cache:clear

  slackNotificationSuccess:
    # https://github.com/marketplace/actions/slack-notify
    name: Slack Notification (Success)
    needs: [deploy]
    if: success()
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Slack Notification
        uses: rtCamp/action-slack-notify@v2
        env:
          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
          SLACK_COLOR: '#00ff00'
          SLACK_ICON: https://integratedwebworks.com/bundle/favicons/main/favicon-48x48.png?v=4650a00f7557adecae8d99c191eb04c0
          SLACK_USERNAME: 'DevOps Winston / Automation'
          SLACK_TITLE: 🚀 ${{ github.repository }}

  slackNotificationFailure:
    # https://github.com/marketplace/actions/slack-notify
    name: Slack Notification (Failure)
    needs: [deploy]
    if: failure()
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Slack Notification
        uses: rtCamp/action-slack-notify@v2
        env:
          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
          SLACK_COLOR: '#ff0000'
          SLACK_ICON: https://integratedwebworks.com/bundle/favicons/main/favicon-48x48.png?v=4650a00f7557adecae8d99c191eb04c0
          SLACK_USERNAME: 'DevOps Winston / Automation'
          SLACK_TITLE: ❌ ${{ github.repository }}

🚀 Done!

Anytime your main branch receives an update through commit, pull request, or otherwise, Github will now log into your cPanel server over SSH and deploy the changes.

You can diagnose issues with your automations by viewing them on your Github repository under the Actions tab.

Happy product launch!