Install

One click deployment

Overview

This guide helps you deploy the DIGIT platform using GitHub Actions on AWS with minimal steps.

Pre-Requisites

  • AWS Account (with admin access)

  • GitHub Organisation Account

  • IAM User with Access Key and Secret Key

  • Terraform uses ap-south-1 (for now, hardcoded)

  • SOPS for encrypting secrets

  • Use a private GitHub repo to secure sensitive data

Steps

1

Create AWS Access Credentials

If not already done:

  • Go to AWS Console → IAM → Users → Add user

  • Assign Admin access

  • Generate:

    • AWS_ACCESS_KEY_ID

    • AWS_SECRET_ACCESS_KEY

Example:

AWS_ACCESS_KEY_ID=A************FQ
AWS_SECRET_ACCESS_KEY=tqM************************+lfTt
AWS_REGION=ap-south-1
2

Setup GitHub Repository

  1. Fork the DevOps repository to your GitHub Org

    • Uncheck “Copy the master branch only”

  2. Enable GitHub Actions workflows for the repo

  3. Go to:

    • SettingsSecrets and VariablesActionsNew Repository Secret

    • Add the below secrets: (refer to the table below)

Name
Value

AWS_ACCESS_KEY_ID

<your_access_key>

AWS_SECRET_ACCESS_KEY

<your_secret_key>

AWS_REGION

ap-south-1

AWS_DEFAULT_REGION

ap-south-1

3

Clone & Checkout Code

git clone https://github.com/<your-org>/Citizen-Complaint-Resolution-System.git
cd Citizen-Complaint-Resolution-System
git checkout master
4

Generate SSH Key Pair

Use either of the two methods (for demo use only):

ssh-rsa AAAAB3NzaC1yc2EAAAADAQA*************************************HBFUNjyMLpFltqwbsA*************************************MaMhX7Ou3*************************************PWHKx*************************************oVTBWxloXFQy/XFU*************************************W/QVdgs5xp+P5hhZgm9WpdN3Cz*************************************clYmUHoPCPwKIqElX2DZzYGJc*************************************y4gR

Sample Private Key:

-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAue4+1*********************K7mGXRIv6enEP4lN/y9i287wsNBpg+IDGjIV************************************************************************************
+zrt79wBgG5vlGMoT1hysRDpxNNlDdimE6G8OHaCj6e5cwhXrMt1swKFUwVsZaFx
UMv1xVFU/OsrJ8v8***************************************************************** **********************Sd74a4d2h28pIEHNbrlvAVn7Zt9IDC
kgske+VBY+X0D2en1l8bt3Vdnn5xgcDQsPmp6GdoRfE2luJ6lAe+mdkCgYEA0wUj
tUHRH9sI3X86wZVREt*************************************************************** **********************************poTy6hNQr9IT2TsBckuN/qqockBR/j+iRap7lec3tJM
vdmMVP0Ed7GjBiSBVeHeHVg+Dt6+AqayWqU0hPkCgYB6o+bof7XnnsmBjvLVFO15
LlDiIZQFBtr7CriRDD2Nx************************************************************* ************************************TCaHk8CGmA+TXSKM9q7cTtMb6ythUQhZrpq 0EEY5TgQKBgQ*************************************************************8/PD+mT 5jFvon5Q==
-----END RSA PRIVATE KEY-----
5

Configure Infrastructure Inputs

Go to: Devops/infra-as-code/terraform/sample-aws/input.yaml

Fill values for:

Parameter
Description

cluster_name

Lowercase alphanumeric & hyphens only

ssh_key_name

Any alphanumeric string

public_ssh_key

Paste public key here

db_name

Alphanumeric

db_username

Alphanumeric

domain_name

Your domain (e.g. demo.digit.org)

terraform_state_bucket_name

Unique S3 bucket name

6

Configure Application Secrets

Go to: Devops/deploy-as-code/charts/environments/env-secrets.yaml

Update:

  • db_password

  • ssh_private_key under git-sync (maintain indentation)

Also, add the public key to your GitHub account (for code syncing).

7

Trigger Deployment

Push your changes to the master branch.

Then:

  • Go to GitHub → Actions tab

  • A workflow will auto-start

  • Watch logs to ensure successful deployment

8

Setup Kubeconfig

Ensure AWS CLI is configured:

aws configure --profile <profile_name>
export AWS_PROFILE=<profile_name>
aws configure list --profile <profile_name>

Then get the kubeconfig:

aws eks --region ap-south-1 update-kubeconfig --name <cluster_name>
kubectl config use-context <cluster_name>
kubectl get nodes
kubectl get pods -A
9

Domain Setup

To get the domain:

kubectl get svc ingress-nginx-controller -n backbone -o jsonpath='{.status.loadBalancer.ingress[0].hostname}'

Example output:

ae210873da6f.ap-south-1.elb.amazonaws.com

➡️ Add this as a CNAME record in your domain provider settings.

10

Log in to DIGIT

https://<your-domain>/employee

Log in using the username/password from env-secrets.yaml.

Clean Up (Uninstall DIGIT)

To destroy the infrastructure:

  1. Go to GitHub → Actions → DIGIT-Install workflow

  2. Click Run workflow

  3. In the input box, type: destroy

  4. Monitor the job status

✅ This will remove all DIGIT infrastructure via Terraform.

💡 Note: If using a different branch (e.g. digit-install), ensure it’s mentioned in the workflow YAML under branches: the section.

Summary

Step
What to Do

IAM Setup

Create IAM user with keys

GitHub Secrets

Add 4 AWS-related secrets

Key Generation

Create SSH key pair

Infra Inputs

Fill input.yaml with your values

App Secrets

Add db_password and SSH key

Deployment

Push changes → GitHub workflow

KubeConfig

Setup CLI and connect to cluster

Domain Mapping

Add CNAME to DNS

Cleanup

Use destroy in GitHub workflow

PreviousSetupNextGet Started

Last updated

Was this helpful?