- Creating the Production Environment
- Configuring Deployment Protection Rules
- Adding Repository Secrets
- Defining Environment Variables
1. Create the Production Environment
- Navigate to your repository’s Settings → Environments.
- Click New environment.
- Enter production as the environment name and hit Create environment.
Environments let you control deployment workflows and apply protection rules per stage. For more details, see GitHub Environments.
2. Configure Deployment Protection Rules
Open the newly created production environment and apply these settings:

| Rule Type | Configuration | Description |
|---|---|---|
| Wait timer | 1 minute | Delay before deployment begins. |
| Required approvals | 1 | Minimum number of reviewers. |
| Branch restrictions | main | Only workflows from main can deploy. |
a. Deployment Wait Timer
Set Wait timer to 1 minute to introduce a brief delay before the job starts.
b. Required Reviewers
- Required approvals: 1
- Reviewers: Select up to 6 team members.
- (Optional) Disable Allow self approval to prevent deployers from approving their own workflows.
c. Branch Restrictions
Under Branch restrictions, choose only the main branch to ensure that only the approved branch can trigger production deployments.
3. Add Secrets
Store sensitive data as encrypted secrets in the production environment:
- In production, click New repository secret.
- Name: KUBECONFIG
- Value: Your base64-encoded kubeconfig content.
- Click Add secret.
Never commit raw kubeconfig files or credentials to your repository. Always use secrets to keep sensitive data secure.
4. Define Environment Variables
Specify variables your deployment workflow will consume:

| Variable | Value |
|---|---|
| namespace | production |
| replicas | 5 |
Validate Your Setup
To confirm your configuration, trigger a GitHub Actions workflow that targets the production environment. Check the Environments tab in your workflow run for applied protection rules and secrets usage.