> ## Documentation Index > Fetch the complete documentation index at: https://docs.mage.ai/llms.txt > Use this file to discover all available pages before exploring further. # GitHub Actions > Development (local) and production (cloud) using GitHub Actions. Mage supports GitHub Actions for CI/CD workflows. We have templates for deploying to [AWS ECS, GCP Cloud Run, and Azure](https://github.com/mage-ai/mage-ai/tree/master/templates/github_actions). Before you configure your action, follow the [Mage project setup instructions](/production/ci-cd/local-cloud/repository-setup). *** ## GitHub Actions setup 1. Create a new repository on GitHub. 2. Open your repository on GitHub, then click the tab labeled **Settings**. 3. Click the section labeled **Security** on the left hand side to expand it. 4. Click the link labeled **Actions**. 5. Click the button labeled **New repository secret** in the top right corner. 6. Follow the instructions below for your specific cloud provider: *** ## AWS 1. If you haven’t already, create a new AWS ECR repository. 2. You’ll need AWS credentials with the following policy permissions: ```json theme={"system"} { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "ecr:BatchCheckLayerAvailability", "ecr:CompleteLayerUpload", "ecr:GetAuthorizationToken", "ecr:InitiateLayerUpload", "ecr:PutImage", "ecr:UploadLayerPart", "ecs:DeregisterTaskDefinition", "ecs:DescribeClusters", "ecs:DescribeServices", "ecs:DescribeTaskDefinition", "ecs:RegisterTaskDefinition", "ecs:UpdateService", "iam:PassRole" ], "Resource": "*" } ] } ``` 3. In the field labeled **Name**, enter the value `AWS_ACCESS_KEY_ID`. 4. In the field labeled **Secret**, enter your AWS Access Key ID. 5. Click the button labeled **Add secret** to save. 6. Add a 2nd secret by clicking the button labeled **New repository secret** in the top right corner. 7. In the field labeled **Name**, enter the value `AWS_SECRET_ACCESS_KEY`. 8. In the field labeled **Secret**, enter your AWS Secret Access Key. 9. Click the button labeled **Add secret** to save. 10. Click on the tab labeled **Actions**. 11. On the left side, click the button labeled **New workflow**. 12. Find the link labeled **`set up a workflow yourself`** and click it. 13. Copy the contents from the GitHub Action YAML file for AWS at [templates/github\_actions/build\_and\_deploy\_to\_aws\_ecs.yml](https://github.com/mage-ai/mage-ai/blob/master/templates/github_actions/build_and_deploy_to_aws_ecs.yml), and paste it into the textarea. 14. Change the following values under the key labeled `env`: ```yaml theme={"system"} env: AWS_REGION: ... ECR_REPOSITORY: ... ECS_CLUSTER: ... ECS_SERVICE: ... ECS_TASK_DEFINITION: ... CONTAINER_NAME: ... ``` | Key | Description | Sample value | | --------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------ | | `AWS_REGION` | Region of your AWS ECS cluster. | `us-west-2` | | `CONTAINER_NAME` | Set this to the name of the container in the containerDefinitions section of your task definition. | `mage-data-production-container` | | `ECR_REPOSITORY` | The name of the AWS ECR repository you created to store your Docker images. | `mage-data` | | `ECS_CLUSTER` | The name of your AWS ECS cluster. | `mage-production-cluster` | | `ECS_SERVICE` | The name of your AWS ECS service. | `mage-production-ecs-service` | | `ECS_TASK_DEFINITION` | Go to your AWS ECS task definition for the above service. Click on the **JSON** tab on the task definition detail page. Copy the JSON string content and save it to a file in your root folder containing your Mage project. Use the path to that file as the value in this field. | `some_path/ecs-task-definition.json` | 1. Click the button labeled **Start commit** in the top right corner. 2. Click the button labeled **Commit new file**. 3. Every time you merge a pull request into the master branch, this GitHub Action will run, building a Docker image using your GitHub code, then updating AWS ECS to use the new image with the updated code. ## GCP 1. You’ll need to add these roles to the service account that you’ll be using to deploy Mage from GitHub: * Artifact Registry Read * Artifact Registry Writer * Cloud Run Admin * Service Account Token Creator * Service Account User 2. In the field labeled **Name**, enter the value `GCP_CREDENTIALS`. 3. In the field labeled **Secret**, enter the JSON string containing your GCP service account credentials. It should look something like this: `json { "type": "service_account", "project_id": "mage-123456", "private_key_id": "...", "private_key": "-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----\n", "client_email": "mage@mage-123456.iam.gserviceaccount.com", "client_id": "...", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "token_uri": "https://oauth2.googleapis.com/token", "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/mage%40mage-123456.iam.gserviceaccount.com" } ` 4. Click the button labeled **Add secret** to save. 5. Click on the tab labeled **Actions**. 6. On the left side, click the button labeled **New workflow**. 7. Find the link labeled **`set up a workflow yourself`** and click it. 8. Copy the contents from the GitHub Action YAML file for GCP at [templates/github\_actions/build\_and\_deploy\_to\_gcp\_cloud\_run.yml](https://github.com/mage-ai/mage-ai/blob/master/templates/github_actions/build_and_deploy_to_gcp_cloud_run.yml), and paste it into the textarea. 9. Change the following values under the key labeled `env`: ```yaml theme={"system"} env: GAR_LOCATION: ... GOOGLE_CLOUD_RUN_SERVICE_NAME: ... IMAGE: ... PROJECT_ID: ... REPOSITORY: ... ``` | Key | Description | Sample value | | ------------------------------- | ------------------------------------------------------------------------------------------- | ------------- | | `GAR_LOCATION` | Region that Mage is already deployed in. | `us-east1` | | `GOOGLE_CLOUD_RUN_SERVICE_NAME` | The name of your Google Cloud Run service. Go to the Google Cloud Run dashboard to find it. | `mage-data` | | `IMAGE` | The name of the Docker image you pushed to the above GCP Artifact Registry. | `mageai` | | `PROJECT_ID` | Project ID of where you launched Mage using Terraform. | `mage-123456` | | `REPOSITORY` | The name of your GCP Artifact Registry that is storing your Docker image. | `mageprod` | 10. Click the button labeled **Start commit** in the top right corner. 11. Click the button labeled **Commit new file**. 12. Every time you merge a pull request into the master branch, this GitHub Action will run, building a Docker image using your GitHub code, then updating Google Cloud Run to use the new image with the updated code. ## Azure Mage can be deployed to Azure using GitHub Actions. Our template for deploying to an Azure Container instance is located [here](https://github.com/mage-ai/mage-ai/blob/master/templates/github_actions/build_and_deploy_to_azure_container_instance.yml) and based off the "GitHub Workflow" option in Azure's docs. To configure this workflow, you will need to add the following secrets to your GitHub repo: | Key | Description | | | | | ----------------------- | -------------------------------------------------------------------------------------- | - | - | - | | `AZURE_CREDENTIALS` | The entire JSON output from the service principal creation step | | | | | `REGISTRY_LOGIN_SERVER` | The login server name of your registry (all lowercase). Example: myregistry.azurecr.io | | | | | `REGISTRY_USERNAME` | The clientId from the JSON output from the service principal creation | | | | | `REGISTRY_PASSWORD` | The clientSecret from the JSON output from the service principal creation | | | | | `RESOURCE_GROUP` | The name of the resource group you used to scope the service principal | | | | We recommend [Microsoft's Guide](https://learn.microsoft.com/en-us/azure/container-instances/container-instances-github-action?tabs=userlevel#configure-github-workflow) for obtaining these credentials via the Azure CLI. Microsoft also has templates that are similar to ours— we use the `Service ID Principal` method for authentication, but you can check Microsoft's docs for the [`OpenID Connect`](https://learn.microsoft.com/en-us/azure/container-instances/container-instances-github-action?tabs=openid#save-credentials-to-github-repo) method. Alternatively, you can use the `az container app up` command in the [Deploy to Azure](https://github.com/Azure/deploy-to-azure-cli-extension) extension in the Azure CLI. This command streamlines creation of the GitHub workflow and deployment steps.