GitHub action that brings automatic Fly.io deployments to your Nx workspace.
This action will manage deployments to Fly.io of your Nx workspace applications.
Fits perfectly with Nx Pre-deploy Action for multi-tenant setups.
[!NOTE] Architecture, multi-tenant setup, and configuration See: DEPLOYMENT.md
Each deployable app requires:
github.json- Deployment configuration in app root (optional postgres settings)- Fly.io configuration - One of the following:
fly.{environment}.toml(e.g.,fly.production.toml,fly.preview.toml)fly.toml(default)- For existing apps: remote configuration will be automatically fetched and used
During deployment, the action uses this priority order:
- Existing apps: Saves and uses remote configuration from Fly.io
- New apps: Looks for environment-specific config (e.g.,
fly.production.toml) - New apps: Falls back to
fly.toml - No config found: Deployment is skipped
Tip
To disable deployment for an app, remove or rename its Fly configuration file (e.g., rename to fly.local.toml for manual deployments).
Applications without a github.json file will be skipped during deployment.
[!NOTE] github.json schema, field descriptions, and examples See: Per-App Configuration in DEPLOYMENT.md
This action is designed to run after the fly-build-action and the nx-pre-deploy-action. The apps and environment inputs are typically the outputs from nx-pre-deploy-action, and images from fly-build-action.
deploy:
needs: [pre-deploy, build]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
# Install dependencies, build the action...
- name: Install Fly CLI
uses: superfly/flyctl-actions/setup-flyctl@master
- name: Deploy to Fly
uses: ./packages/fly-deployment-action
with:
fly-api-token: ${{ secrets.FLY_API_TOKEN }}
token: ${{ secrets.GITHUB_TOKEN }}
apps: ${{ needs.pre-deploy.outputs.apps }}
environment: ${{ needs.pre-deploy.outputs.environment }}
app-details: ${{ needs.pre-deploy.outputs.app-tenants }}
images: ${{ needs.build.outputs.images }}Environment is determined by the GitHub event (or overridden via the environment input):
- Pull requests →
preview - Push to main →
production
Environment variables provided to deployed apps: DEPLOY_ENV, APP_NAME, PR_NUMBER, TENANT_ID
[!NOTE] Environment detection logic and affected apps analysis
See: Nx Pre-deploy Action
See action.yaml for descriptions of the inputs.
Provide a JSON object that maps app names to their deployment configurations. This supports both multi-tenant deployments and multi-deployment scenarios (e.g., multiple environments). This is typically the output from the Nx Pre-deploy Action.
[!NOTE] Setting up multi-tenant configuration in Infisical See: Multi-tenant Setup Guide
Structure:
{
"web": [
{
"tenant": "acme",
"env": { "PUBLIC_URL": "https://acme.example.com" },
"secrets": { "API_KEY": "sk_acme_..." }
},
{
"tenant": "globex",
"env": { "PUBLIC_URL": "https://globex.example.com" },
"secrets": { "API_KEY": "sk_globex_..." }
}
],
"cms": [{ "tenant": "acme" }]
}Behavior:
- Each app is deployed once per deployment configuration
- Apps get unique names:
<base-app-name>-<tenant-id>(e.g.,cdwr-web-acme,cdwr-web-globex) - The
TENANT_IDenvironment variable is set for each deployment - Config merging: Global
env/secretsare merged with deployment-specific config (deployment wins) - If no
app-tenantsprovided, apps deploy once with only global config
Example usage:
- name: Deploy
uses: ./packages/fly-deployment-action
with:
app-details: ${{ needs.pre-deploy.outputs.app-tenants }}
env: |
GLOBAL_VAR=shared-value
secrets: |
SHARED_SECRET=xyzIn this example, GLOBAL_VAR and SHARED_SECRET are available to all deployments, but deployment-specific values take precedence if they have the same key.
Note: The tenant field is optional. You can provide env/secrets without a tenant for multi-deployment scenarios (e.g., different configurations for staging/production).
Global secrets passed to all deployed applications as Fly secrets. These are merged with deployment-specific secrets from app-details (deployment-specific takes precedence).
Provide the secrets as multiline key/value strings.
- uses: ./packages/fly-deployment-action
with:
secrets: |
SECRET_KEY1=secret-value1
SECRET_KEY2=secret-value2Note
The same pattern applies to the env input.
See action.yaml for descriptions of the outputs.
