Heroku Git Transport Feature Retirement
- 2 minutes read - 261 wordsWe recently received an email from Heroku telling us that we would need to transition our deployments away from the ssh transport that we’ve been using on Semaphore CI to deploy our Elixir Phoenix app. The Semaphore deployment documentation only covers the ssh transport route. We needed to figure out how to move to the https deployments from our CI server. The instructions in the email were’t too helpful as those steps had already been taken in our project, the Semaphore solution replaces https with ssh for deployments. The real issue was how to authenticate to Heroku now that SSH was off the table.
Heroku uses an API key to authenticate their CLI actions, and that key is stored in a .netrc file in your home directory. The solution that we came up with was to upload the .netrc file as a secret to Semaphore and then use that in the pipeline configuration for the deployments. Here’s how it is used in the deployment yml file:
Add the file as a secret in the Semaphore Organization settings:
Modify the pipline file that does the deploy
# .semaphore/heroku.yml
version: v1.0
name: Heroku deployment
agent:
machine:
type: e1-standard-2
os_image: ubuntu1804
blocks:
- name: Deploy
task:
secrets:
- name: heroku-netrc
env_vars:
- name: HEROKU_REMOTE
value: https://git.heroku.com/<app-name>.git
jobs:
- name: Push code
commands:
- checkout --use-cache
- git remote add heroku $HEROKU_REMOTE
- git push heroku -f $SEMAPHORE_GIT_BRANCH:master
- heroku run -a <app-name> MIX_ENV=prod POOL_SIZE=2 mix ecto.migrate
- heroku dyno:restart -a <app-name>
Now you should be able to deploy to Heroku using your CI server!