Maintaining separate development and production apps in separate projects
is recommended, so that changes can be safely tested before going live.
1. Authenticating to Cerebrium
The GitHub Action workflow will use a Service Account key to authenticate to Cerebrium. Service Account keys are credentials that are not tied to an indivdual but to a specific service.- Go to the Cerebrium Dashboard and open the API Keys page.
- Click Create Service Account, name it
"GitHub Actions CI/CD"
, choose an expiry date, and click Create. - Copy the key generated for the new service account.

2. Define secrets in a GitHub environment
Store this key in a secret for use in GitHub Actions workflows.- Navigate to the GitHub repository → Settings → Environments
- Create environments named
"dev"
and/or"prod"
(Adjust to specific needs) - Inside each environment, add 2 secrets:
- Name:
CEREBRIUM_SERVICE_ACCOUNT_TOKEN
- Value: the key copied in the previous step
- Name:
CEREBRIUM_PROJECT_ID
- Value: your project ID
- Name:
🔒 Use secrets, not plain environment variables, to prevent leaking sensitive data in logs.

3. GitHub Actions Workflow
GitHub Actions use workflow files located in the.github/workflows/
directory of a repository. Create one to define a deployment process.
- Create a
.github/workflows
directory in the root of a new or existing GitHub repository - Within that directory, create a new file named
cerebrium-deploy.yml
- Paste the following YAML into the file:
- Deploy a production application on every push to master.
- Deploy a development app on pull requests to master or development branches.