Previously, we used GitHub Actions to configure automated deployment for Hugo. Today, I’ll mainly document how to set up deployment to Tencent Cloud via SSH using GitHub Actions.

Since wnote.com uses DNS-based intelligent routing—serving GitHub Pages for overseas users and a containerized environment on a Tencent Cloud host for users in mainland China—it’s necessary to integrate GitHub Actions with Tencent Cloud.

Configuring Secrets Here, we primarily configure the SSH-related credentials for Tencent Cloud:

github-action secrets

We configure the following secrets:

Adding Tencent Cloud Deployment to the Workflow Configuration File

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91

name: Deploy Hugo site to Pages

on:
  # Runs on pushes targeting the default branch
  push:
    branches: ["master"]

  # Allows you to run this workflow manually from the Actions tab
  workflow_dispatch:

# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
permissions:
  contents: read
  pages: write
  id-token: write

# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
concurrency:
  group: "pages"
  cancel-in-progress: false

# Default to bash
defaults:
  run:
    shell: bash

jobs:
  # Build job and Deploy hugo to pages
  build-deploy:
    runs-on: ubuntu-latest
    env:
      HUGO_VERSION: 0.121.0
    steps:
      - name: Install Hugo CLI
        run: |
          wget -O ${{ runner.temp }}/hugo.deb https://github.com/gohugoio/hugo/releases/download/v${HUGO_VERSION}/hugo_extended_${HUGO_VERSION}_linux-amd64.deb \
          && sudo dpkg -i ${{ runner.temp }}/hugo.deb          

      - name: Install Dart Sass
        run: sudo snap install dart-sass

      - name: Checkout
        uses: actions/checkout@v4
        with:
          submodules: recursive

      - name: Build with Hugo
        env:
          HUGO_CACHEDIR: ${{ runner.temp }}/hugo_cache
          HUGO_ENVIRONMENT: production
        run: |
          hugo \
            --minify \
            --baseURL "https://wnote.com/"
            #--baseURL "${{ steps.pages.outputs.base_url }}/"          

      - name: Upload artifact
        uses: actions/upload-pages-artifact@v3
        with:
          path: ./public
          
      - name: Deploy to GitHub Pages
        uses: peaceiris/actions-gh-pages@v4
        with:
          deploy_key: ${{ secrets.ACTIONS_DEPLOY_KEY }}
          external_repository: wzdushu/wzdushu.github.io
          publish_dir: ./public
          publish_branch: master
          cname: wnote.com
          commit_message: ${{ github.event.head_commit.message }}

      - name: Deploy to Tencent Cloud
        uses: easingthemes/ssh-deploy@v5.1.0
        with:
          SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
          ARGS: "-avzr --delete"
          SSH_CMD_ARGS: "-o StrictHostKeyChecking=no"
          SOURCE: "public/"
          REMOTE_HOST: ${{ secrets.TENCENT_REMOTE_HOST }}
          REMOTE_PORT: ${{ secrets.TENCENT_REMOTE_PORT }}
          REMOTE_USER: ${{ secrets.TENCENT_REMOTE_USR }}
          TARGET: ${{ secrets.TENCENT_REMOTE_TARGET }} # /opt/wwwroot/xxx
          EXCLUDE: "/dist/, /node_modules/"
          SCRIPT_BEFORE: |
            whoami
            ls -al            
          SCRIPT_AFTER: |
            whoami
            ls -al
            echo $RSYNC_STDOUT

github-action secrets

At this point, the GitHub Actions workflow for deploying to Tencent Cloud via SSH is complete.