DevOps
CI/CD with Altostra and GitHub Actions
Integrating your Altostra projects with GitHub Actions
Originally published on Altostra.
CI/CD and Altostra
Altostra CLI is built for CI/CD — it uploads your images to your repository and deploys them to any environments you need. However, one of the topmost requests we’ve been getting from our users so far is a way to integrate Altostra with their existing CI/CD infrastructure. Their main culprit was the need to manually authenticate with Altostra’s services.
With the API Keys feature, you can use an API key that frees you from the need to periodically authenticate with Altostra’s services — just add your API key to your CI/CD workflow, and you’re free to automatically deploy, push, sync, and invalidate while the API key handles the authentication.
In this post we’ll learn how to add a simple GitHub actions CI/CD flow to a basic Altostra API service project.
You can read more about the basic API project here, and read more about GitHub Actions here.
Using Altostra API Key with GitHub Actions
Getting the Altostra API Key
First of all, we’ll need to get an API key from Altostra.
Go to the Account Settings page in the Altostra Web Console
- Click “Create Token”
- Give your token a meaningful name so you’ll recognize it later
- Keep your token somewhere safe — this is the last time you’ll see this token!
Creating a GitHub Action workflow
In your project, at the project root, create a new file called altostra-ci.yaml, under .github/workflows/altostra-ci.yaml
Copy-paste the following code to the file:
This GitHub Action workflow basically tells GitHub to run the “Alto Push” job whenever someone pushes to the mainbranch.
Each time it will checkout the code, install dependencies, config the Altostra CLI, and use the Altostra API key to push the latest version to the Altostra repository.
Handling the secret API Key
Now to what is usually the tricky part — how to safely use your API key without jeopardizing it.
Usually in CI/CD frameworks you’d have to store your secrets either on a secure server or in some kind of vault (like AWS Secrets Manager). However, GitHub has its own secrets service that allows you to store secrets per organization/repository (you can read more about it here).
Go to your GitHub repository, and:
- Click on “Settings”
- Select “Secrets” from the left side menu
- Click “New Secret”
- Name your secret
ALTO_API_KEY - Paste your secret into the input field.
Your secret is not visible to anyone — it can only be updated or deleted.
Let’s try it out!
Now that we have the API Key safely stored and connected to the GitHub workflow code, all we need to do is push a commit to our main.
On your project repo on GitHub, go to the “Action” Tab — you should see your first Altostra powered CI process running!
Now you can go back to your terminal and list your images:
Turning the CI to CI/CD
The move from CI to CI/CD is not trivial — it usually requires some kind of canary testing, automated integration, and sanity tests. If you already have these in place, deploying your code to Production (or any other env) is as simple as adding the following line to your GitHub Actions configuration after the pushstep:
Let’s see it in action:
First, we’ll add a hello endpoint to our API Gateway and a function to return Hello, Github Actions on GET request, and push it to main.
Then, let’s make sure the GitHub Action has triggered appropriately:
Once the deployment has been initiated, we can see it on the Altostra web console:
Now that everything is up, we can test our new endpoint with a basic curl request:
Voila! We add a feature to our code, pushed to git, and had it deployed to our Production env on AWS automatically!
Wrapping up
Using the new Altostra’s API keys librates you to integrate your Altostra projects with any CI/CD framework you work with. What we’ve seen here is a simple example of utilizing GitHub Actions to create a basic CI/CD process, but it can also be integrated with many more testing and deployment tools — from Docker images to canary testing.
