Continuous deployment is an essential part of modern web development. It allows developers to automatically deploy changes from a version control system to a live environment. This approach reduces manual errors and speeds up the development process, ensuring your website is always up-to-date with the latest code changes.

As a Kinsta user, you can use SSH to push changes directly to your server. With GitHub Actions, you can automate the entire deployment process, seamlessly deploying updates to your live site.

This article walks you through setting up continuous deployment for your WordPress site hosted on Kinsta using GitHub Actions. We cover everything from setting up your local environment to pushing changes to GitHub and automatically deploying them to your live site.

Prerequisites

Before you can set up continuous deployment for your WordPress site to Kinsta, there are a few things you need:

  1. Your WordPress site must already be hosted on Kinsta.
  2. You need to pull your site locally. You can either use DevKinsta or download a backup.
  3. A GitHub repository to store and push your site’s code.
  4. Basic knowledge of Git, like pushing code and using a .gitignore file.

Pulling your site locally and setting up GitHub

As a Kinsta user, the easiest way to access your WordPress site’s local files is by using DevKinsta. With just a few clicks, you can pull your site from the Kinsta server into DevKinsta, allowing you to work on your site locally.

To do this:

  1. Open DevKinsta and click Add site.
  2. Select the Import from Kinsta option. This will download everything about your site so you can access it locally for development.

Once your site is available locally, open the site’s folder in your preferred code editor. Before pushing the files to GitHub, add a .gitignore file in the root directory of your project to avoid uploading unnecessary WordPress core files, uploads, or sensitive information. You can use a standard .gitignore template for WordPress. Copy the template’s contents and save it.

Next, create a GitHub repository and push your site’s files to GitHub.

Setting up GitHub secrets for Kinsta

To automate deployment from GitHub to Kinsta, you’ll need some important SSH details, including your username, password, port, and IP address. Since these are sensitive, store them as GitHub secrets.

To add secrets in GitHub:

  1. Go to your repository on GitHub.
  2. Click on Settings > Secrets and variables > Actions > New repository secret.
  3. Add the following secrets:
    • KINSTA_SERVER_IP
    • KINSTA_USERNAME
    • PASSWORD
    • PORT

You can find these details on your site’s Info page in your MyKinsta dashboard.

SFTP/SSH info details in MyKinsta
SFTP/SSH info details in MyKinsta.

With this setup complete, you can now configure automatic deployment for your WordPress site.

Configuring your Kinsta server

Before automating the deployment process with GitHub Actions, you must configure your Kinsta server to receive and deploy code from your GitHub repository.

This involves two steps: creating a bare Git repository on your Kinsta server and setting up a post-receive hook to deploy the latest changes to your live site automatically.

1. Create a bare Git repository on Kinsta

A bare Git repository is a remote destination where GitHub will push your code. This repository doesn’t have a working directory — it’s a central repository designed to receive and store your code.

To do this, first SSH into your Kinsta server using the SSH terminal command available in your MyKinsta dashboard:

SSH terminal command MyKinsta.
SSH terminal command MyKinsta.

Next, navigate to the private folder on your server (or create it if it doesn’t already exist):

mkdir -p /www/your-site/private
cd /www/your-site/private

Here, replace your-site with the actual folder name for your site, which you can find in the path on your dashboard.

Kinsta live site path
Kinsta live site path.

Finally, create the bare Git repository:

git init --bare your-repo.git

For your-repo, you can use the name of your GitHub repository for consistency, but you can name it anything you like.

This bare repository will receive the code pushed from GitHub.

2. Set up the post-receive hook

Once your bare Git repository is ready, setting up a post-receive hook is next. This script will automatically deploy the code to your live site whenever new changes are pushed to the main branch in GitHub.

To do this, navigate to the hooks directory in your bare Git repository:

cd /www/your-site/private/your-repo.git/hooks

Create and edit the post-receive hook:

nano post-receive

Next, add the following script to the post-receive file. This script will check out the latest code into the public directory of your live site:

#!/bin/bash
TARGET="/www/your-site/public"
GIT_DIR="/www/your-site/private/your-repo.git"

while read oldrev newrev ref
do
    BRANCH=$(git rev-parse --symbolic --abbrev-ref $ref)

    if [[ $BRANCH == "main" ]];
    then
        echo "Ref $ref received. Deploying ${BRANCH} branch to production..."
        git --work-tree=$TARGET --git-dir=$GIT_DIR checkout -f
    else
        echo "Ref $ref received. Doing nothing: only the main branch may be deployed on this server."
    fi
done

The script above deploys code from just the main branch. The TARGET variable points to the directory where your live site’s files are located (/www/your-site/public). The GIT_DIR variable points to the bare Git repository.

Save and exit the file by pressing Ctrl + X, then Y, and Enter.

Finally, make the script executable so it can run automatically after each push:

chmod +x post-receive

At this point, the post-receive hook is ready to deploy code automatically whenever changes are pushed to the main branch in your GitHub repository.

3. Generate and add a GitHub personal access token (PAT)

Since GitHub no longer supports password-based authentication, you must use a PAT to authenticate when pushing code to GitHub via SSH. This token will allow GitHub to accept your pushes securely.

To generate the token:

  1. Go to your GitHub account and click on your profile picture, then select Settings.
  2. On the left sidebar, click Developer settings.
  3. Click Personal access tokens > Tokens (classic).
  4. Click Generate new token, and give it a name (e.g., “Kinsta Deployment Token”).
  5. Under Select scopes, check repo (for full control of private repositories).
  6. Click Generate token, and copy the token. (You won’t be able to see it again.)

Next, run the following command to add your GitHub repository as a remote, replacing placeholders with your actual details:

git remote add origin https://your-username:[email protected]/your-username/your-repo.git

Replace:

  • your-username with your GitHub username.
  • YOUR_PERSONAL_ACCESS_TOKEN with the token you just generated.
  • your-repo with the name of your GitHub repository.

Creating the GitHub Actions workflow for automatic deployment

Now that your WordPress site is on your local machine, pushed to GitHub, and you have set up the necessary GitHub Secrets, it’s time to create a GitHub Actions workflow. This workflow deploys changes to Kinsta automatically whenever you push to the main branch.

To automate the deployment, you’ll create a YAML file that defines how the deployment will happen. Here’s how to set it up:

  1. Create a new directory called .github/workflows in your GitHub repository.
  2. Inside this directory, create a new file called deploy.yml.
  3. Add the following content to the deploy.yml file:
name: Deploy to Kinsta

on:
  push:
    branches:
      - main

jobs:
  deploy:
    runs-on: ubuntu-latest

    steps:
      # Setup Node.js
      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '20.x'

      # Checkout the latest code from your repository
      - name: Checkout code
        uses: actions/[email protected]

      # Deploy to Kinsta via SSH
      - name: Deploy via SSH
        uses: appleboy/[email protected]
        with:
          host: ${{ secrets.KINSTA_SERVER_IP }}
          username: ${{ secrets.KINSTA_USERNAME }}
          password: ${{ secrets.PASSWORD }}
          port: ${{ secrets.PORT }}  # Optional, default is 22
          script: |
            cd /www/your-site/private/your-repo.git  # Navigate to the bare Git repository on Kinsta
            git --work-tree=/www/your-site/public --git-dir=/www/your-site/private/your-repo.git fetch origin main  # Fetch the latest changes from GitHub
            git --work-tree=/www/your-site/public --git-dir=/www/your-site/private/your-repo.git reset --hard origin/main  # Deploy changes to the live site

A closer look at this workflow

Here’s a breakdown of the workflow:

  • Trigger: The workflow is triggered every time code is pushed to the main branch of your GitHub repository.
  • Jobs: The workflow contains one job called deploy, which runs on an Ubuntu virtual machine (ubuntu-latest).
  • Checkout code: This step uses the actions/[email protected] action to pull the latest code from your GitHub repository.
  • Deploy via SSH: The appleboy/ssh-action is used to securely connect to your Kinsta server via SSH using the secrets you configured (server IP, username, password, and port). The script within this step runs the following commands:
    • cd /www/your-site/private/your-repo.git: Navigates to the bare Git repository on your Kinsta server.
    • git fetch origin main: Fetches the latest changes from the main branch in your GitHub repository.
    • git reset --hard origin/main: Applies those changes by updating the live site in the public directory where WordPress is hosted.

Testing the workflow

Once you’ve set up the workflow, you can test it by pushing a small change to your GitHub repository’s main branch. Each time you push a change, GitHub Actions automatically triggers the deployment, pulling the latest version of your code and deploying it to your live site on Kinsta.

You can monitor the status of your deployment by going to the Actions tab in your GitHub repository. If the workflow encounters errors, you’ll see detailed logs to help you troubleshoot and fix the issues.

Summary

By setting up continuous deployment for your WordPress site using GitHub Actions, you automate your development workflow, ensuring that every change pushed to GitHub is automatically deployed to your live site on Kinsta.

It also allows you to integrate additional workflows into the pipeline, such as testing and formatting using the @wordpress/scripts package.

What are your thoughts on this process? Is there something else you’d like us to explain, or have you experienced any errors while following this guide? Please share your questions or feedback in the comment section below!

Joel Olawanle Kinsta

Joel is a Frontend developer working at Kinsta as a Technical Editor. He is a passionate teacher with love for open source and has written over 300 technical articles majorly around JavaScript and it's frameworks.