How I Deployed My Python Bot to EC2 with CI/CD Using GitHub Actions

In the world of Telegram bots, two primary operation modes exist: Long Poll and Webhook. The key difference lies in how they interact with the server to receive updates. Long Polling is a process where the bot consistently checks (or "listens") for user messages by making regular requests to the Telegram server. It's always "up," awaiting new messages. On the other hand, Webhooks inform the bot of new messages through direct notifications from the server to a specified URL, eliminating the need for constant polling. Webhooks are efficient for real-time applications but require a publicly accessible web server, making Long Polling a simpler choice for many developers due to its ease of setup and use.

I recently embarked on creating a Telegram bot to solve a daily dilemma: choosing what to eat for lunch near my workplace. Opting for a Long Poll Telegram bot for its simplicity, the next challenge was ensuring my lunch kakis (buddies) could access it anywhere, necessitating cloud deployment.
Why GitHub Actions?
GitHub Actions wasn't my initial go-to for deployment. My first attempt involved Google Cloud Build and Deploy, lured by the promise of free credits and positive reviews. However, Google's health checks, which verify service availability by sending requests to an open port, were incompatible with the Long Poll bot's architecture, which doesn't listen on a port in a traditional server manner. This realization led me to deploy the bot on an EC2 instance, which, while eliminating health check issues, introduced the tediousness of manual deployments.
Transitioning to GitHub Actions revolutionized this process. It allowed me to automate deployments through a simple push to my deployment branch, transforming deployment from a chore into an exciting, seamless task.
Creating a GitHub Workflow
Setting up a GitHub workflow is straightforward, even for those who are venturing into CI/CD for the first time. GitHub's user-friendly interface offers the flexibility to either start from scratch or use the existing templates, making it an ideal environment for newcomers to get acquainted with workflow automation.
To create a workflow, simply go to your repository on GitHub, click on the "Actions" tab, and then click "New workflow." You can choose from predefined workflow templates or create your own by selecting "set up a workflow yourself." This action generates a .github/workflows directory in your repository with a YAML file where you can define your workflow steps.
Here's a simplified version of my GitHub workflow setup:

name: Deploy to EC2
on:
  push:
    branches:
      - releases/production
jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Deploy to EC2
        # @master is a mutable ref: this step runs whatever that branch points to
        # and receives the SSH key below. Pinning to a reviewed commit SHA avoids that.
        uses: appleboy/ssh-action@master
        with:
          host: ${{ secrets.EC2_HOST }}
          username: ${{ secrets.EC2_USER }}
          key: ${{ secrets.EC2_SSH_KEY }}
          script: |
            # Check if the container exists
            if [ "$(docker ps -a -q -f name=my-bot | wc -l)" -gt 0 ]; then
              echo "Container exists, stopping and removing..."
              docker stop my-bot
              # Started with --rm, so stop may already have removed it
              docker rm my-bot || true
            fi
            # Pull latest changes, rebuild and run the Docker container
            cd my-telegram-bot/
            git pull
            docker build -t my-bot-image .
            docker run --rm -d --name my-bot my-bot-image

Securing Deployment with GitHub Secrets
A crucial aspect of automating deployment is ensuring the security of sensitive information. GitHub Secrets offers a straightforward way to safeguard your data, such as server SSH keys and user credentials. These secrets are encrypted and only revealed to GitHub Actions runners during the workflow execution, making it a secure method for automating deployments, even in public repositories.
To add secrets to your repository, navigate to the repository's Settings, then to the Secrets section, where you can add new secrets that your GitHub Actions workflows can use. Here, you can input the names and values of your secrets, such as EC2_HOST, EC2_USER, and EC2_SSH_KEY. This approach ensures that your sensitive deployment information remains secure while enabling automated processes.
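
Secrets are only as safe as the code they are handed to: in the workflow above, EC2_SSH_KEY goes to whatever `appleboy/ssh-action@master` resolves to at run time. As an added example (not part of the original post), this Python sketch flags steps whose action is referenced by a movable branch or tag and lists the secrets each such step receives. The sample is constructed from the page's workflow; the line-based step splitting and the function names are assumptions of this example.

```python
import re

# Constructed sample: the steps of the deploy job shown earlier on this page.
WORKFLOW = """\
steps:
  - name: Checkout code
    uses: actions/checkout@v2
  - name: Deploy to EC2
    uses: appleboy/ssh-action@master
    with:
      host: ${{ secrets.EC2_HOST }}
      username: ${{ secrets.EC2_USER }}
      key: ${{ secrets.EC2_SSH_KEY }}
"""

USES_RE = re.compile(r"^\s*(?:-\s+)?uses:\s*([^\s#]+)")
SECRET_RE = re.compile(r"\$\{\{\s*secrets\.(\w+)\s*\}\}")

def split_steps(text):
    """Line-based heuristic (not a YAML parser): one list of lines per item under `steps:`."""
    steps, current, indent, in_steps = [], None, None, False
    for line in text.splitlines():
        if re.match(r"^\s*steps:\s*$", line):
            in_steps, current, indent = True, None, None
        item = re.match(r"^(\s*)-\s", line) if in_steps else None
        if item and indent in (None, len(item.group(1))):
            indent, current = len(item.group(1)), []
            steps.append(current)
        if current is not None:
            current.append(line)
    return steps

def ref_kind(ref):
    """Only a full 40-hex commit SHA is immutable; tags and branches can be moved."""
    if re.fullmatch(r"[0-9a-f]{40}", ref):
        return "sha"
    return "tag-like" if re.fullmatch(r"v?\d+(\.\d+)*", ref) else "branch-like"

def audit(text):
    """Return (action, ref, kind, secrets passed to the step) for every step not pinned to a SHA."""
    findings = []
    for step in split_steps(text):
        uses = next((m.group(1) for l in step if (m := USES_RE.match(l))), "")
        action, at, ref = uses.strip("'\"").rpartition("@")
        if not at or ref_kind(ref) == "sha":
            continue  # no `uses:` ref on this step, or already pinned to a commit
        secrets = sorted(set(SECRET_RE.findall("\n".join(step))))
        findings.append((action, ref, ref_kind(ref), secrets))
    return findings
```

Calling `audit(WORKFLOW)` reports both steps, and only the `appleboy/ssh-action` step carries secrets, which makes it the one where pinning matters most.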

This project, though simple, has significantly streamlined my deployment process, making it more convenient and efficient. This small but meaningful advancement is a stepping stone in my ongoing exploration of technology. I look forward to diving further into this field and discovering more ways to refine and improve my processes.