Skip to main content
Configure a Continuous Integration or Continuous Deployment system (CI/CD) to automatically deploy a new version of an app to production/development when a branch is pushed or workflow triggered. This guide sets up a CI/CD pipeline using GitHub Actions and Cerebrium’s Service Accounts.
Maintaining separate development and production apps in separate projects is recommended, so that changes can be safely tested before going live.

1. Authenticating to Cerebrium

The GitHub Action workflow uses a Service Account key to authenticate to Cerebrium. Service Account keys are credentials tied to a specific service, not an individual.
  1. Go to the Cerebrium Dashboard and open the API Keys page.
  2. Click Create Service Account, name it "GitHub Actions CI/CD", choose an expiry date, and click Create.
  3. Copy the key generated for the new service account.
Cerebrium API Keys dashboard

2. Define secrets in a GitHub environment

Store this key in a secret for use in GitHub Actions workflows.
  1. Navigate to the GitHub repository → Settings → Environments
  2. Create environments named "dev" and/or "prod" (Adjust to specific needs)
  3. Inside each environment, add 2 secrets:
    • Name: CEREBRIUM_SERVICE_ACCOUNT_TOKEN
    • Value: the key copied in the previous step
    • Name: CEREBRIUM_PROJECT_ID
    • Value: your project ID
🔒 Use secrets, not plain environment variables, to prevent leaking sensitive data in logs.
GitHub

3. GitHub Actions Workflow

GitHub Actions use workflow files in the .github/workflows/ directory. Create one to define the deployment process.
  1. Create a .github/workflows directory in the root of a new or existing GitHub repository
  2. Within that directory, create a new file named cerebrium-deploy.yml
  3. Paste the following YAML into the file:
name: Cerebrium Deployment
on:
  push:
    branches:
      - master
  workflow_dispatch:
    inputs:
      environment:
        description: "Environment"
        type: choice
        options:
          - "dev"
          - "prod"
        required: true
        default: "dev"
  pull_request:
    branches:
      - master
      - development

jobs:
  deployment:
    runs-on: ubuntu-latest
    environment: ${{ github.event.inputs.environment || (github.ref == 'refs/heads/master' && 'prod') || 'dev' }}
    env:
      ENV: ${{ github.event.inputs.environment || (github.ref == 'refs/heads/master' && 'prod') || 'dev' }}
      CEREBRIUM_SERVICE_ACCOUNT_TOKEN: ${{ secrets.CEREBRIUM_SERVICE_ACCOUNT_TOKEN }}
      CEREBRIUM_PROJECT_ID: ${{ secrets.CEREBRIUM_PROJECT_ID }}
    steps:
      - uses: actions/checkout@v4.0
      - uses: actions/setup-python@v5.0
        with:
          python-version: "3.10"

      - name: Install Cerebrium
        run: pip install cerebrium

      - name: Set Cerebrium Project ID
        run: cerebrium project set ${{ secrets.CEREBRIUM_PROJECT_ID }}

      - name: Deploy App
        run: cerebrium deploy
Once committed, this workflow will automatically:
  • Deploy a production application on every push to master.
  • Deploy a development app on pull requests to master or development branches.
Monitor workflow runs in the “Actions” tab of the repository on GitHub.