I need manual approvers for GitHub Actions!!!! And I got them now :)
I love GitHub Actions, but holy moly, I really want manual approvers before I deploy into an environment!!!! My typical workflow would send my pull request to a dynamically provisioned PR specific staging environment and then to > test> staging > production. And I totally need manual approvers between environments!
Well, guess what. THEY’RE HERE!!!!!
GitHub Announces Deployment Features (Beta)
Yup, you heard it. GitHub just announced deployment features. You now get:
- Pipeline Visualization
- Required reviewers (manual approvers)
- Wait time before deployments start
- Environment specific secrets
How Do I Do This?
First, make sure you are part of the public beta (starting Dec 15th). Once in, go to your settings, and you’ll see a new
Environments tab. Go ahead and click on
For my sample/demo, I entered in the name of my environment
abelNodeDemoAppEnv.prod and then clicked
Next, I added required reviewers (manual approvers) to this environment by clicking the
Required reviewers checkbox and added both myself as a reviewer as well as my
approverteam (you can add a list of people and/or teams). Once done, don’t forget to click
Save protection rules.
Now I’m ready to edit my YAML. In my workflow definition, I have a job named
provisionProd where I provision the resources I need in Azure using ARM templates. After the provisionProd job, I have another job that deploys my app into the freshly provisioned environment (if it has already been provisioned and nothing has changed, this will result in a no-op).
I want manual approvers before I provision my prod environment so this is what my YAML now looks like:
provisionProd: name: Provision Prod runs-on: ubuntu-latest needs: functionalTestsStaging environment: name: abelNodeDemoAppEnv.prod url: https://abel-node-gh-accelerator.azurewebsites.net steps: # Checkout - name: Checkout uses: actions/checkout@v1 ...
Notice the lines
environment: name: abelNodeDemoAppEnv.prod url: https://abel-node-gh-accelerator.azurewebsites.net
Under environment, the name needs to match the environment that I created earlier (if it doesn’t match, Actions will automatically create the environment for you so watch your typing) and url is the url to my production app.
Now, when the workflow runs we get some super cool workflow visualization!
In parallel, I’m building my app and provisioning a personal staging environment. Then I’m deploying my app to my personal staging environment. And then I run a bunch of functional/automated UI tests against my personal staging environment.
And here, the workflow pauses. Before going on and provisioning my production environment in Azure, it waits for a manual approver. This is because we added the protection rule of having required reviewers for this environment.
Clicking on Review deployments brings up the
Review pending deployments dialog. Check the box to approve and I’ll also leave a comment. Now click
Approve and deploy
After the approval, the workflow picks back up, provisions/configures my production environment in Azure, deploys my app into prod and then runs functional tests against my prod environment!
I’ve been waiting for this and I’m super excited these deployment features have now made it to GitHub Actions. Approvals/environment protection is super necessary, specially in my bigger projects!
Check out the new beta deployment features! Play with them and let me know what you all think.