Managing environments for deployment

You can create environments and secure those environments with deployment protection rules. A job that references an environment must follow any protection rules for the environment before running or accessing the environment's secrets.

누가 이 기능을 사용할 수 있나요?

Repository owners

Environments, environment secrets, and deployment protection rules are available in public repositories for all current GitHub plans. They are not available on legacy plans, such as Bronze, Silver, or Gold. For access to environments, environment secrets, and deployment branches in private or internal repositories, you must use GitHub Pro, GitHub Team, or GitHub Enterprise.

이 문서의 내용

Prerequisites

Creating an environment

개인 계정 리포지토리에서 환경을 구성하려면 리포지토리 소유자여야 합니다. 조직 리포지토리에서 환경을 구성하려면 admin 액세스 권한이 있어야 합니다.

  1. GitHub에서 리포지토리의 기본 페이지로 이동합니다.

  2. 리포지토리 이름 아래에서 설정을 클릭합니다. "설정" 탭이 표시되지 않으면 드롭다운 메뉴를 선택한 다음 설정을 클릭합니다.

    탭을 보여 주는 리포지토리 헤더의 스크린샷. "설정" 탭이 진한 주황색 윤곽선으로 강조 표시됩니다.

  3. 왼쪽 사이드바에서 환경을 클릭합니다.

  4. 새 환경을 클릭합니다.

  5. 환경의 이름을 입력한 다음 환경 구성을 클릭합니다. 환경 이름은 대/소문자를 구분하지 않습니다. 환경 이름은 255자를 초과하지 않아야 하며 리포지토리 내에서 고유해야 합니다.

  6. Optionally, specify people or teams that must approve workflow jobs that use this environment. For more information, see Deployments and environments.

    1. Select Required reviewers.
    2. Enter up to 6 people or teams. Only one of the required reviewers needs to approve the job for it to proceed.
    3. Optionally, to prevent users from approving workflows runs that they triggered, select Prevent self-review.
    4. Click Save protection rules.

  7. Optionally, specify the amount of time to wait before allowing workflow jobs that use this environment to proceed. For more information, see Deployments and environments.

    1. Select Wait timer.
    2. Enter the number of minutes to wait.
    3. Click Save protection rules.

  8. Optionally, disallow bypassing configured protection rules. For more information, see Deployments and environments.

    1. Deselect Allow administrators to bypass configured protection rules.
    2. Click Save protection rules.

  9. Optionally, enable any custom deployment protection rules that have been created with GitHub Apps. For more information, see Deployments and environments.

    1. Select the custom protection rule you want to enable.
    2. Click Save protection rules.

  10. Optionally, specify what branches and tags can deploy to this environment. For more information, see Deployments and environments.

    1. Select the desired option in the Deployment branches dropdown.

    2. If you chose Selected branches and tags, to add a new rule, click Add deployment branch or tag rule

    3. In the "Ref type" dropdown menu, depending on what rule you want to apply, click Branch or Tag.

    4. Enter the name pattern for the branch or tag that you want to allow.

      참고 항목

      이름 패턴은 분기나 태그에 대해 개별적으로 구성해야 합니다.

    5. Click Add rule.

  11. Optionally, add environment secrets. These secrets are only available to workflow jobs that use the environment. Additionally, workflow jobs that use this environment can only access these secrets after any configured rules (for example, required reviewers) pass. For more information, see Deployments and environments.

    1. Under Environment secrets, click Add Secret.
    2. Enter the secret name.
    3. Enter the secret value.
    4. Click Add secret.

  12. Optionally, add environment variables. These variables are only available to workflow jobs that use the environment, and are only accessible using the vars context. For more information, see Deployments and environments.

    1. Under Environment variables, click Add Variable.
    2. Enter the variable name.
    3. Enter the variable value.
    4. Click Add variable.

You can also create and configure environments through the REST API. For more information, see Deployment Environments에 대한 REST API 엔드포인트, GitHub Actions 비밀에 대한 REST API 엔드포인트, GitHub Actions 변수에 대한 REST API 엔드포인트, and 배포 분기 정책에 대한 REST API 엔드포인트.

Running a workflow that references an environment that does not exist will create an environment with the referenced name. If the environment is created from running implicit page builds (for example, from a branch or folder source), the source branch will be added as a protection rule to the environment. Otherwise, the newly created environment will not have any protection rules or secrets configured. Anyone that can edit workflows in the repository can create environments via a workflow file, but only repository admins can configure the environment.

Deleting an environment

개인 계정 리포지토리에서 환경을 구성하려면 리포지토리 소유자여야 합니다. 조직 리포지토리에서 환경을 구성하려면 admin 액세스 권한이 있어야 합니다.

Deleting an environment will delete all secrets and protection rules associated with the environment. Any jobs currently waiting because of protection rules from the deleted environment will automatically fail.

  1. GitHub에서 리포지토리의 기본 페이지로 이동합니다.

  2. 리포지토리 이름 아래에서 설정을 클릭합니다. "설정" 탭이 표시되지 않으면 드롭다운 메뉴를 선택한 다음 설정을 클릭합니다.

    탭을 보여 주는 리포지토리 헤더의 스크린샷. "설정" 탭이 진한 주황색 윤곽선으로 강조 표시됩니다.

  3. 왼쪽 사이드바에서 환경을 클릭합니다.

  4. Next to the environment that you want to delete, click .

  5. Click I understand, delete this environment.

You can also delete environments through the REST API. For more information, see 리포지토리에 대한 REST API 엔드포인트.

How environments relate to deployments

환경을 참조하는 워크플로 작업이 실행되면 환경 이름으로 설정된 environment 속성이 있는 배포 개체를 만듭니다. 워크플로가 진행됨에 따라 환경 이름으로 설정된 environment 속성, 환경의 URL로 설정된 environment_url 속성(워크플로에 지정된 경우), 작업의 상태로 설정된 state 속성이 있는 배포 상태 개체도 만듭니다.

You can access these objects through the REST API or GraphQL API. You can also subscribe to these webhook events. For more information, see 리포지토리에 대한 REST API 엔드포인트, 개체 (GraphQL API), or 웹후크 이벤트 및 페이로드.

Next steps

GitHub Actions provides several features for managing your deployments. For more information, see Deploying with GitHub Actions.