Add GitHub Actions workflow for Dokku deployments by VinneyJ · Pull Request #3 · CodeForAfrica/VI

VinneyJ · 2026-04-20T11:53:33Z

Summary

replace the old EC2 SSH deployment workflow with a Dockerfile-based CI and Dokku deploy pipeline
validate the app image before deployment using Docker Buildx and a smoke import check
add automatic DEV deploys from main and a manual, environment-gated PROD deploy path

Notes

this PR only includes changes to .github/workflows/deploy.yml
dev and prod GitHub Environments should provide DOKKU_HOST, DOKKU_APP_NAME, and DOKKU_SSH_PRIVATE_KEY
PROD should use required reviewers in the prod environment if approval is desired

maquchizi · 2026-04-30T08:28:58Z

@@ -18,14 +19,13 @@
    SECRET_KEY = "(@lhxdh^3z1aea9xjny21q^0crno_h48*3!y7en!g#x(5^*zad"


I know this isn't part of the changes you've made but this whole block is unnecessarily convoluted. It could simply be:

SECRET_KEY = os.getenv('DJANGO_SECRET_KEY', '(@lhxdh^3z1aea9xjny21q^0crno_h48*3!y7en!g#x(5^*zad')

Perhaps we need a separate review of the codebase.

Also @hanna-tes Please confirm that this isn't the actual secret key used in prod.

Hi @maquchizi it is the actual secret key i hv it in env but i forgot to remove it here and just use the .getenv 🤭

Yeah pls do if u have some time kindly review the codebase @VinneyJ @maquchizi i really appreciate that it will help a lot.

Now that this key has been exposed, let's make sure that it is changed immediately.

…ions - Simplify SECRET_KEY to use os.getenv with empty string fallback - Replace manual image versioning with docker/metadata-action@v6 - Bump dokku/github-action from v1.9.0 to v1.10.0 - Update all GitHub Actions to latest major versions

VinneyJ added 8 commits April 20, 2026 14:52

Add GitHub Actions workflow for Dokku deploys

9527cba

Fix GitHub Actions disk exhaustion during validation

f60cd34

Deploy Dokku from Docker Hub image

28e28b8

Use a single Docker Hub to Dokku deployment flow

593a506

Enable deployment workflow test branch

215fe33

Build deployment image on ARM runner

9858faa

Allow deployment test from workflow PR branch

21a55c1

Set default Docker Hub image repository

cfe2f38

VinneyJ had a problem deploying to prod April 21, 2026 12:52 — with GitHub Actions Failure

VinneyJ had a problem deploying to prod April 21, 2026 12:56 — with GitHub Actions Failure

Add semantic version tags for Docker images

459d2c0

VinneyJ had a problem deploying to prod April 21, 2026 13:00 — with GitHub Actions Failure

VinneyJ had a problem deploying to prod April 21, 2026 13:04 — with GitHub Actions Failure

Load Dokku deploy key without ssh-agent

48045ea

VinneyJ had a problem deploying to prod April 21, 2026 13:12 — with GitHub Actions Failure

VinneyJ had a problem deploying to prod April 21, 2026 13:17 — with GitHub Actions Failure

Validate Dokku deploy key before SSH

a535b5f

VinneyJ had a problem deploying to prod April 21, 2026 13:29 — with GitHub Actions Failure

VinneyJ had a problem deploying to prod April 21, 2026 13:33 — with GitHub Actions Failure

VinneyJ had a problem deploying to prod April 21, 2026 13:52 — with GitHub Actions Failure

Use base64 encoded Dokku deploy key

583b81e

VinneyJ had a problem deploying to prod April 21, 2026 14:03 — with GitHub Actions Failure

VinneyJ had a problem deploying to prod April 21, 2026 14:08 — with GitHub Actions Failure

VinneyJ had a problem deploying to prod April 21, 2026 19:05 — with GitHub Actions Failure

Support base64 or multiline Dokku deploy key

333d118

VinneyJ had a problem deploying to prod April 21, 2026 19:35 — with GitHub Actions Failure

VinneyJ had a problem deploying to prod April 21, 2026 19:38 — with GitHub Actions Failure

Use Dokku action for ARM image deployment

e10170c

VinneyJ had a problem deploying to prod April 21, 2026 19:46 — with GitHub Actions Failure

Simplify Dokku image deploy workflow

d32b506

VinneyJ had a problem deploying to prod April 21, 2026 20:37 — with GitHub Actions Failure

VinneyJ temporarily deployed to prod April 22, 2026 18:44 — with GitHub Actions Inactive

Read runtime settings from environment

2ea126d

VinneyJ had a problem deploying to prod April 22, 2026 19:09 — with GitHub Actions Error

Fix Django template backend setting

5e0c835

VinneyJ had a problem deploying to prod April 22, 2026 19:10 — with GitHub Actions Failure

Add whitenoise runtime dependency

c87dd19

VinneyJ temporarily deployed to prod April 22, 2026 19:18 — with GitHub Actions Inactive

Use non-manifest static files storage

9884535

VinneyJ temporarily deployed to prod April 22, 2026 19:28 — with GitHub Actions Inactive

Collect static files in Docker image

e243bda

VinneyJ temporarily deployed to prod April 22, 2026 20:19 — with GitHub Actions Inactive

VinneyJ requested a review from a team April 24, 2026 08:57

maquchizi requested changes Apr 30, 2026

View reviewed changes

kilemensi reviewed Apr 30, 2026

View reviewed changes

Comment thread .github/workflows/deploy.yml Outdated

VinneyJ added 2 commits May 5, 2026 13:17

Remove redundant Python setup and compileall steps from workflow

47c6721

VinneyJ had a problem deploying to prod May 5, 2026 10:43 — with GitHub Actions Failure

Fix deploy_docker_image to pass single tag to Dokku

0b6eaa2

VinneyJ had a problem deploying to prod May 5, 2026 10:57 — with GitHub Actions Failure

Revert deploy_docker_image to use steps.meta.outputs.tags

06fda2b

VinneyJ had a problem deploying to prod May 5, 2026 11:02 — with GitHub Actions Failure

VinneyJ requested a review from maquchizi May 8, 2026 06:35

maquchizi approved these changes May 8, 2026

View reviewed changes

VinneyJ merged commit 608d983 into main May 8, 2026
1 check failed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add GitHub Actions workflow for Dokku deployments#3

Add GitHub Actions workflow for Dokku deployments#3
VinneyJ merged 24 commits into
mainfrom
chore/dokku-github-actions

VinneyJ commented Apr 20, 2026

Uh oh!

maquchizi Apr 30, 2026

Uh oh!

maquchizi Apr 30, 2026

Uh oh!

hanna-tes May 7, 2026

Uh oh!

hanna-tes May 7, 2026

Uh oh!

maquchizi May 7, 2026

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

		@@ -18,14 +19,13 @@
		SECRET_KEY = "(@lhxdh^3z1aea9xjny21q^0crno_h483!y7en!g#x(5^zad"

Conversation

VinneyJ commented Apr 20, 2026

Summary

Notes

Uh oh!

maquchizi Apr 30, 2026

Choose a reason for hiding this comment

Uh oh!

maquchizi Apr 30, 2026

Choose a reason for hiding this comment

Uh oh!

hanna-tes May 7, 2026

Choose a reason for hiding this comment

Uh oh!

hanna-tes May 7, 2026

Choose a reason for hiding this comment

Uh oh!

maquchizi May 7, 2026

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants