Repository files navigation

name:'GitHub Action code snippet'on:pull_request:push:branches:      -'*'jobs:run-example-deployment:runs-on:ubuntu-22.04steps:      -uses:actions/checkout@v3      -uses:UnlyEd/github-action-deploy-on-vercel@latestwith:command:"vercel examples/static-deployment --confirm --debug --token ${{ secrets.VERCEL_TOKEN }}"env:VERCEL_TOKEN:${{ secrets.VERCEL_TOKEN }}      -run:"echo\"Found deployment url: ${{ env.VERCEL_DEPLOYMENT_URL }}\""

Source

You can use this action to deploy a Vercel project online through a GitHub action.

The action will return the url of the Vercel deployment(and store it as environment variable, too), it will also apply domain aliases if there are any configured in the Vercel config file (vercel.config by default).

This action works quite differently compared tovercel-action.

TL;DR:vercel-action is great if you don't need a lot of flexibility over thevercel deploy command.github-action-deploy-on-vercel is great if you need to run a custom command, such as anpm/yarn script.

vercel-action hides thevercel deploy command from you, and acts as a wrapper by providing its own API on top of it.

They simplify thevercel command by doing so. Unfortunately, they also reduce the flexibility available to the consumer (you).

In our case, we are dealing with multiple customers (B2B) which areall sharing the same code base.Thevercel-action was too limited and would have complicated our setup, because it requires additional information such asproject_id/org_id.

For most project, we believe usingvercel-action is enough, and we encourage you to use it, if you don't need to run a specialvercel deploy command.

You want to run a custom command that (amongst other things) performs a Vercel deployment and returns the URL of the Vercel deployment.

The URL of the deployment is often necessary to run follow-up actions, such as:

• Running End-to-End tests on the deployed site
• Running LightHouse tests on the deployed site
• Etc.

The below variables are available as outputs, but are alsoinjected as environment variables automatically.

• VERCEL_DEPLOYMENT_URL: Full Vercel deployment url (parsed from the deployment logs), e.g:https://xxx.vercel.app
• VERCEL_DEPLOYMENT_DOMAIN: Url without the protocol declaration, e.g:xxx.vercel.app
• VERCEL_ALIASES_ERROR:(optional) Vercel errors during domain aliasing
• VERCEL_ALIASES_CREATED: List of aliases created successfully, as a string separated by, for each alias
• VERCEL_ALIASES_CREATED_COUNT: Number of created aliases
• VERCEL_ALIASES_CREATED_FULL: List of aliases created successfully, as a JSON array containing the Vercel's response
• VERCEL_ALIASES_CREATED_URLS_MD: List of aliases created successfully, as a Markdown string separated by, for each alias
• VERCEL_ALIASES_FAILED_COUNT: Number of aliases that failed to be created
• VERCEL_ALIASES_FAILED_FULL: List of aliases that failed, as a JSON array containing the Vercel's response

Hint: You can use${{ env.VERCEL_DEPLOYMENT_URL }} in you GitHub Action to read the deployment URL, after the action has run.

name:'GitHub Action deploy example'on:pull_request:push:branches:      -'*'jobs:run-example-deployment:runs-on:ubuntu-22.04steps:      -uses:actions/checkout@v3# Extracts GitHub metadata (branch name, etc.)      -name:Expose GitHub slug/short variables# See https://github.com/rlespinasse/github-slug-action#exposed-github-environment-variablesuses:rlespinasse/github-slug-action@v3.x# See https://github.com/rlespinasse/github-slug-action      -uses:./with:# Deploys examples/static-deploymentcommand:"yarn deploy:example --token ${{ secrets.VERCEL_TOKEN }}"applyDomainAliases:truefailIfAliasNotLinked:false# Uses dynamically resolved additional aliases (e.g: one based on the current branch's name)# Uses alias that's longer than 63 chars to check if it gets shortened, because of RFC 1035 - See https://vercel.com/support/articles/why-is-my-vercel-deployment-url-being-shortened?query=url%20length#rfc-1035#  github-action-deploy-on-vercel-example-extra-alias-test-limit-alias-length.vercel.app > github-action-deploy-on-vercel-example-extra-alias-test-limit-a.vercel.app (shortened)# TODO Don't always use GITHUB_REF_SLUG (push) but GITHUB_HEAD_REF_SLUG when event is pull_request - See https://github.com/rlespinasse/github-slug-action/issues/71extraAliases:>-            github-action-deploy-on-vercel-example-${{ env.GITHUB_REF_SLUG }}.vercel.appenv:VERCEL_TOKEN:${{ secrets.VERCEL_TOKEN }}      -run:"echo\"Found deployment url: ${{ env.VERCEL_DEPLOYMENT_URL }}\""      -run:"echo\"Created ${{ env.VERCEL_ALIASES_CREATED_COUNT }} aliases\""      -run:"echo\"Created aliases: ${{ env.VERCEL_ALIASES_CREATED }}\""      -run:"echo\"Created aliases (full): ${{ env.VERCEL_ALIASES_CREATED_FULL }}\""      -run:"echo\"Alias markdown generated: ${{ env.VERCEL_ALIASES_CREATED_URLS_MD }}\""      -run:"echo\"Failed ${{ env.VERCEL_ALIASES_FAILED_COUNT }} aliases\""      -run:"echo\"Failed aliases (full): ${{ env.VERCEL_ALIASES_FAILED_FULL }}\""

Here are a few community-powered examples, those are usually advanced use-cases!

• Next Right Now(Disclosure: We're the author!)
  • PR - "Using this action helped us reduce a lot ofbash code which was hardly testable." -Next Right Now core contributors

Learn how to enable logging, from within thegithub-action-store-variable action.

Our GitHub Action is written using the GitHub Actionsnativecore.debug API.

Therefore, it allows you to enable logging whenever you need to debugwhat's happening within our action.

To enable debug mode, you have to set aGitHub Secret, such as:

• ACTIONS_STEP_DEBUG of valuetrue

Please seethe official documentation for more information.

Enabling debugging usingACTIONS_STEP_DEBUG will also enable debugging for all other GitHub Actions you use that are using thecore.debug API.

We gladly accept PRs, but please open an issue first, so we can discuss it beforehand.

Changelog

We follow Semantic Versioning. (major.minor.patch)

Our versioning process is completely automated, any changes landing on themain branch will trigger a newrelease.

• MAJOR: Behavioral change of the existing API that would result in a breaking change.
  • E.g: Removing an input, or changing the output would result in a breaking change and thus would be released as a new MAJOR version.
• Minor: Behavioral change of the existing API that wouldnot result in a breaking change.
  • E.g: Adding an optional input would result in a non-breaking change and thus would be released as a new Minor version.
• Patch: Any other change.
  • E.g: Documentation, tests, refactoring, bug fix, etc.

The examples above use an auto-updated major version tag (@v1).It is also possible to use the@latest tag. (RC stands for "Release candidate", which is similar to a Beta version)

While those options can be useful, we intend to give some "production-grade" best practices.

• Do NOT use@latest for production, ever. While only "supposed-to-be-stable" versions will be taggedas@latest, it could harbor bugs nonetheless.
• You can use auto-upgrading major version, such as@v1 or@v1.2, but this is not always the best practice, see ourexplanations below.

Here are a few useful options you can use to pin a more-or-less specific version of our GitHub Action, alongside some "production-grade" best practices.

• @{COMMIT-SHA}, e.g:@1271dc3fc4c4c8bc62ba5a4e248dac95cb82d0e3, recommended for all production-grade apps, it's theonly truly safe way to pinpoint a version that cannot change against your will (SAFEST)
• @{MAJOR}-{MINOR}-{PATCH}, e.g:@v1.2.31, while not as safe as theCOMMIT-SHA way, it's what most people use (SAFER)
• @{MAJOR}, e.g:@v1, can be used on production, but we do not advise to do so (SAFE-ISH)
• @{MAJOR}-rc, e.g:@v1-rc,reserved for development mode, useful when debugging on a specific prereleaseversion (UNSAFE)
• @{MAJOR}.{MINOR}, e.g:@v1.2, can be used on production, but we do not advise to do so (SAFE-ISH)
• @{MAJOR}.{MINOR}-rc, e.g:@v1.2-rc,reserved for development mode, useful when debugging on a specificprereleaseversion (UNSAFE)
• @latest,reserved for development mode, useful when debugging (UNSAFE)

"But, what is the issue with the@{MAJOR}-{MINOR}-{PATCH} way to pin a specific version"?

Well, if this repository gets hacked by a 3rd party,they can easily change all Git tags to a different commit,which could contain malicious code.

That's whypinning a specific commit SHA is the only truly safe option. This way, the code you're usingcannot bechanged against your will.

Most people won't care about this and will use a MAJOR version tag instead anyway, such as@v1. It's common, but notoften the best practice.

It all comes down to the risks you're ready to take, and it's up to you to decide what's best in your situation.

MIT

See our policy.

This project is being authored by:

• [Unly] Ambroise Dhenain (Vadorequest)(active)
• Hugo Martin (Demmonius)(active)

Unly is a socially responsible company, fighting inequality and facilitating access to higher education.Unly is committed to making education more inclusive, through responsible funding for students.

We provide technological solutions to help students find the necessary funding for their studies.

We proudly participate in many TechForGood initiatives. To support and learn more about our actions to make education accessible, visit :

• https://twitter.com/UnlyEd
• https://www.facebook.com/UnlyEd/
• https://www.linkedin.com/company/unly
• Interested to work with us?

Tech tips and tricks from our CTO on ourMedium page!