Remming

Github Actions Are Cool

For some reason I kind of brushed off GitHub Actions when they were introduced and now I can’t feel but that I made a mistake. At least for simpler use cases they seem really easy to use, cheap, and fast to setup. All things I value greatly, both for personal and professional projects.

When I started to rewrite this website using Hugo I didn’t use a Git repository. I figured I would do the same as I do with all of my other personal notes. So I put them in my OneDrive. This wasn’t a mistake, nor did it cause any problems, but now that I actually wanted to start publishing frequent posts it started to feel sooooo cumbersome to write hugo deploy whenever I’ve made a change, not to mention that I must have AWS CLI tools installed and configured properly.

GitHub to the rescue! Thankfully private repositories are free nowadays and setting up the repository, committing, and pushing my changes took almost no time at all. Then all I needed to do to get the automatic builds working was to copy-paste a few lines of YAML from the internet, create a new AWS user that can invalidate the CloudFront cache and upload new files, and I was done.

The following day I realized that if I can make the GitHub action run automatically every day, I can publish new content automatically since Hugo is set to only build pages that have the publish date set in the past. Thankfully Actions supports cron schedules out-of-the-box, something I wish every CI system did. In total I think this took me less than 30 minutes to setup, debug, and test, and it’s yet to fail me. I now have high hopes for GitHub actions for more complicated use cases.

Below is the full YAML file for the GitHub Action and the JSON of the AWS policy—although I haven’t tested whether the ListBucket action is actually needed.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
name: Deploy to AWS with Hugo

on:
  schedule:
    - cron: "0 12 * * *"
  push:
    branches:
      - master

jobs:
  deploy:
    runs-on: ubuntu-18.04
    steps:
      - name: Checkout
        uses: actions/checkout@v2
        with:
          submodules: true  # Fetch Hugo themes (true OR recursive)
          fetch-depth: 0    # Fetch all history for .GitInfo and .Lastmod

      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: eu-west-1

      - name: Setup Hugo
        uses: peaceiris/actions-hugo@v2
        with:
          hugo-version: "0.72.0"

      - name: Hugo Build
        run: hugo --minify

      - name: Hugo Deploy
        run: hugo deploy --force --invalidateCDN
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "HugoDeploy",
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:ListBucket",
                "cloudfront:CreateInvalidation"
            ],
            "Resource": [
                "arn:aws:cloudfront::<ACCOUNT NUMBER>:distribution/<DISTRIBUTION ID>",
                "arn:aws:s3:::<BUCKET NAME>",
                "arn:aws:s3:::*/*"
            ]
        }
    ]
}