Deploy from GitHub Actions
Mint an API token in the dashboard, set SUPERJOLT_TOKEN as a repo secret, drop in a workflow that uses getsuperjolt/deploy-action. The action streams remote stdout live to the workflow log.
Use getsuperjolt/deploy-action to deploy code from any GitHub repo to a Superjolt VM. The action calls Superjolt’s HTTP API directly with a bearer token — no SSH key in secrets, no agent install on the runner.
1. Mint an API token
Open the dashboard → Settings → API keys → Create. Copy the sj_live_… token (it’s only shown once).
In your GitHub repo: Settings → Secrets and variables → Actions → New repository secret:
- Name:
SUPERJOLT_TOKEN - Value: paste the token
Token creation is dashboard-only by design. A leaked bearer can’t mint shadow tokens.
2. Add the workflow
Create .github/workflows/deploy.yml:
name: Deploy
on:
push:
branches: [main]
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: getsuperjolt/deploy-action@v1
with:
token: ${{ secrets.SUPERJOLT_TOKEN }}
vm: web # name (resolved) or vm-…
upload: ./dist # file or directory
upload_to: /root/app
command: |
cd /root/app && npm ci --omit=dev && pm2 reload all || pm2 start npm -- start
Push to main. The action resolves web → vm-…, uploads ./dist to /root/app, runs the command. Stdout/stderr stream live to the workflow log as the remote command produces them — useful for watching npm install progress on a multi-minute deploy. Non-zero exit fails the step.
Troubleshooting 524 errors. If your workflow ends with
error: failed to make HTTP request: 524mid-deploy, you’re pinned tov1.0.x. The old action used a single synchronous HTTP call that the edge proxy cuts at ~100s. Bump to@v1.1.0+(or just@v1, which now points at the live-stream build) to fix it.
Inputs
| input | required | default | notes |
|---|---|---|---|
token | ✅ | — | Bearer from your dashboard. |
vm | ✅ | — | Name or id. Ambiguous names → 404. |
project | first project | Omit if the tenant has one project. | |
upload | — | File → inline base64 (≤16 MiB). Directory → tar + presigned PUT. | |
upload_to | /root/app | Absolute path on the VM. | |
command | — | Runs after upload. | |
workdir | upload_to | Working directory for the command. |
Version pinning
uses: getsuperjolt/[email protected] # immutable semver (recommended)
uses: getsuperjolt/deploy-action@<full-sha> # most secure
uses: getsuperjolt/deploy-action@v1 # moving major tag (convenient, mutable)
Activity feed
Every API call from the action sends User-Agent: superjolt-action/…. Audit rows from CI deploys carry metadata.source = 'github-actions', so the dashboard activity feed renders a “via GitHub Actions” badge — easy to tell apart from human or agent actions.
Plain SSH instead
If you prefer rsync, appleboy/ssh-action, or docker compose pull over SSH, see Deploy via SSH. One-time setup: register your public key, call enable_ssh on the VM, then connect with the printed ssh root@… command.
Resources
- GitHub Marketplace listing — versions, examples, install snippet
- Action source — issues, releases, contributing