COMPOSER_AUTH: JSON Composer auth for October Gateway- Registry username/password or cloud registry token
- Production SSH/deploy token, if deploy is triggered from CI
Example COMPOSER_AUTH value:
{"http-basic":{"gateway.octobercms.com":{"username":"account@example.com","password":"october-license-key"}}}For the single-server flow used by this kit, see Bitbucket Pipelines Deployment. It deploys over SSH, builds images on the server and sends Telegram notifications.
For the same single-server SSH flow in GitLab, see GitLab CI/CD Deployment. Copy gitlab-ci.example.yml to .gitlab-ci.yml, configure protected CI/CD variables and let GitLab connect to the server over SSH.
name: Build production images
on:
push:
branches:
- main
jobs:
build:
runs-on: ubuntu-latest
env:
IMAGE_TAG: ${{ github.sha }}
APP_IMAGE: ghcr.io/example/october-app
NGINX_IMAGE: ghcr.io/example/october-nginx
steps:
- uses: actions/checkout@v4
- uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- uses: docker/setup-buildx-action@v3
- name: Build app image
run: |
docker build \
--secret id=composer_auth,env=COMPOSER_AUTH \
--target app \
-t "$APP_IMAGE:$IMAGE_TAG" .
env:
COMPOSER_AUTH: ${{ secrets.COMPOSER_AUTH }}
- name: Build nginx image
run: |
docker build \
--target nginx \
-t "$NGINX_IMAGE:$IMAGE_TAG" .
- name: Push images
run: |
docker push "$APP_IMAGE:$IMAGE_TAG"
docker push "$NGINX_IMAGE:$IMAGE_TAG"- Build
appimage. - Build
nginximage from the same source revision. - Push both images.
- Pull on the server.
- Run
./scripts/deploy.shon the server.
The helper script runs october:migrate --force explicitly, signals queue and scheduler workers, then updates containers. On a single VPS, CI can pass DEPLOY_BLUE_GREEN_ENABLED=1 after Caddy is configured to serve normal traffic from 127.0.0.1:8080 and use 127.0.0.1:8081 only as a handle_errors fallback; this starts and smoke-checks the secondary web stack before the primary stack is recreated.