Configure GitHub
This section discusses how you can configure Github to integrate with Duplo
Prerequisites
Follow these steps to interact with your Duplocloud Portal from GitHub Actions.
1. Create a Service Account
First you need a service account in your portal with the permissions.
Service AccountsAdding Tenant access for users
Tenant Access for Users
Setup Duplocloud in a Workflow
To get fully set up with Duplocloud and the underlying cloud provider you use, you get everything you need set up with duplocloud/actions. This action will install the CLI for duplocloud and the CLI for the underlying cloud. Finally, it will perform a safe login so subsequent steps can freely interact with DuploCloud or the cloud it manages.
Here is the most basic setup for any pipeline to get started.
jobs:
build:
runs-on: ubuntu-latest
env:
DUPLO_TOKEN: ${{ secrets.DUPLO_TOKEN }}
DUPLO_HOST: ${{ vars.DUPLO_HOST }}
DUPLO_TENANT: ${{ vars.DUPLO_TENANT }}
steps:
- name: Duplo Setup
uses: 12
with: # These are only needed for GCP and Azure
account-id: ${{ vars.CLOUD_ACCOUNT }}
credentials: ${{ secrets.CLOUD_CREDENTIALS }}
Configuring Environments for GitHub Actions
Github Environments are how you define different deployment environments for your workflows and how they differ from one another. Here, you define environment-specific variables and secrets. This allows you to parameterize and secure your workflows. We highly recommend using this feature, however it is paid and therefore optional since you may not have it.
The most common use case with Duplocloud is to match up one Tenant to one Environment. Imagine we have a tenant named dev01
, then you make a new environment in every repo, which will deploy to it named dev01
. Often, you may not even need to add any secrets or variables because we have already added the DUPLO_HOST
and DUPLO_TOKEN
at the repo level earlier, and you only need the name of the environment as the value for the DUPLO_TENANT
.

This shows how to configure a job to use an environment using an input and match it up to the tenant.
name: My Workflow
on:
workflow_dispatch:
inputs:
environment:
description: The environment to deploy to
type: environment
default: dev01
jobs:
build:
runs-on: ubuntu-latest
environment:
name: ${{ inputs.environment }}
env:
DUPLO_TOKEN: ${{ secrets.DUPLO_TOKEN }}
DUPLO_HOST: ${{ vars.DUPLO_HOST }}
DUPLO_TENANT: ${{ inputs.environment }}
steps:
- name: Duplo Setup
uses: 12
with: # These are only needed for GCP and Azure
account-id: ${{ vars.CLOUD_ACCOUNT }}
credentials: ${{ secrets.CLOUD_CREDENTIALS }}
The input type is environment
which only works on workflow_dispatch
because it provides a UI with a drop-down selector for choosing from the list of configured Github Environments. On any other event type, the environment input would be a type string
, and you pass in a name.

Retrieving a DuploCloud ID from a GitHub Actions script
Retrieve the Duplo Tenant ID from the duplocloud_tenant
in the Terraform data source using the syntax: `duplocloud_tenant.tenant1.id`
.
From inside a GitHub Actions workflow, use the DuploCloud Python client (duploctl
) to pull the Tenant ID. For more information, see the DuploCloud Python client documentation. To ensure the client is installed in the pipeline, you can use the command: pip install duplocloud-client
.
References:
The rest of this documentation will assume that you named the GitHub repository secret. DUPLO_TOKEN
.
Last updated
Was this helpful?