Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Automate function deployments

Automated deployments are required by programming practices like continuous deployment. This page describes the necessary requirements for integrating STACKIT Functions into your Continuous Deployment pipeline.

Authorize the pipeline

  1. Create a service account for your deployment pipeline. Give it a descriptive name, such as “functions-deployment-pipeline”
  2. Assign the “Functions Admin” role to the newly-created service account so it can access the Functions API.
  3. Create a service account key. Copy it in JSON format.
  4. Add the service account key to your pipeline as a secret. The exact location for configuring pipeline secrets will differ depending on your Continuous Integration / Continunous Deployment (CI/CD) pipeline provider. For example, in Forgejo (and thus STACKIT Git), you can find repository pipeline secrets under Repository > Settings > Actions > Secrets; in GitHub, secrets can be found in Repository > Settings > Secrets and Variables > Actions; and in Azure DevOps, secrets are specified in Pipelines > Library > Variable Groups or Pipelines > Pipeline > Edit > Variables
  5. Add registry credentials to your pipeline as a secret. You would need credentials for pushing images to the container registry of your choice; typically, the username and a password of an automated account. As mentioned above, the exact method for configuring pipeline secrets will differ depending on the pipeline provider you use.

Use the STACKIT Functions CLI in your pipeline

The way you configure your pipeline will depend on the exact Continuous Integration / Continunous Deployment (CI/CD) pipeline provider you use.

  1. Install the Functions CLI as one of the steps of the pipeline.

    With GitHub Actions or Forgejo Actions, you can add the following step inside of jobs.*.steps:

    - name: Install the STACKIT Functions CLI
  run: |
    curl https://raw.githubusercontent.com/stackitcloud/sfn-cli/refs/heads/main/install-sfn.sh | bash

  2. Use the sfn auth login command with the service account key, in a later step.

    With GitHub Actions or Forgejo Actions, you can add the following step inside of jobs.*.steps:

    - name: Log in to STACKIT Functions
  env:
    PROJECT_ID: "<your project ID here>"
  run: |
    $HOME/.local/bin/sfn auth login --service-account=${{ secrets.SERVICE_ACCOUNT }}

  3. Use the Deploy command.

    With GitHub Actions or Forgejo Actions, you can add the following step inside of jobs.*.steps:

    - name: Deploy to STACKIT Functions
  env:
    # Used by the sfn CLI as registry credentials:
    FUNC_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
    FUNC_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
  run: |
    $HOME/.local/bin/sfn function deploy