Automating Laravel Vapor Deployments with GitHub Actions

Manually triggering deployments from a local machine works for solo projects, but a professional workflow demands automation. Laravel Vapor integrates seamlessly with GitHub Actions to ensure that every push to your production branch triggers a fresh build. This approach eliminates human error, provides a centralized log of deployment history, and allows for automated testing before the code ever reaches your serverless environment.

Prerequisites

Before you start, ensure you have a Laravel project already initialized with a vapor.yml file. You will need owner or administrative access to both your GitHub repository and your Laravel Vapor dashboard. Familiarity with YAML syntax is helpful for customizing your workflow triggers.

Key Libraries & Tools

• Laravel Vapor CLI: The tool that handles the heavy lifting of packaging and uploading your application.
• GitHub Secrets: A secure vault for storing sensitive credentials like API tokens.
• shivammathur/setup-php: A popular GitHub Action used to configure the PHP environment in the runner.

Code Walkthrough: The Workflow File

To automate your deployment, create a file at .github/workflows/deploy.yml. This file defines the execution environment and the steps required to ship your code.

name: Deploy to Vapor
on:
  push:
    branches: [master]

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v2

      - name: Setup PHP
        uses: shivammathur/setup-php@v2
        with:
          php-version: 8.0

      - name: Install Vapor CLI
          run: composer global require laravel/vapor-cli

      - name: Deploy Environment
        run: vapor deploy production
        env:
          VAPOR_API_TOKEN: ${{ secrets.VAPOR_API_TOKEN }}

In this snippet, we define a trigger that watches the master branch. The runner installs the Laravel Vapor globally via Composer and then executes the deploy command. We inject the sensitive VAPOR_API_TOKEN using the ${{ secrets }} syntax to keep it out of our source code.

Syntax Notes and Best Practices

Always use GitHub Actions for your API tokens. Hardcoding these is a massive security risk. Remember that Laravel Vapor tokens eventually expire; you must rotate them in your GitHub settings to prevent pipeline failures. You can also add a test step before the deploy step to ensure that your PHPUnit suite passes before the deployment begins.

Tips & Gotchas

If your deployment fails, check the Actions tab in GitHub. The console output mimics your local terminal, providing line-by-line feedback. A common mistake is forgetting to install dependencies; ensure your workflow includes composer install if your deployment process requires specific vendor files not handled by the Vapor build process.