By johnwook
I just set CD on DO k8s with github actions.
When I deploy to DO k8s, I get authentication to DO k8s with my API token, which looks like
doctl auth init -t ${{ secrets.DO_TOKEN}}
Although it works like a charm. Everytime I make a deployment, I can see my API token generating in the API token page(cloud.digitalocean.com/account/api/tokens), which means If there would 10 deployments a day, I would got 20 tokens a day.
Is it fine? or am I doing something wrong?
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hello @johnwook
I might be wrong here because I’m not too familiar with GitHub actions. I think you should be able to add the secret in GitHub GUI as environment variable securely then reuse it in all the deployments.
We have a blog post which might help you in setting it up:
https://www.digitalocean.com/blog/how-to-deploy-to-digitalocean-kubernetes-with-github-actions/
Cheers,
Dikshith
Let me know if you’d like more detail, but I believe what I did was:
- Create a service account in my K8s cluster with exactly the permissions I wanted it to have (update deployments for example).
- Use that service account’s token for the GitHub action secret
That way you don’t have to give GitHub actions your global DO credentials.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and AI-native businesses
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.