How to use GitHub Actions environments for staged deployments
environments, environment protection rules, required reviewers, wait timer, environment secrets, staging vs production, deployment approval
What are Environments?
GitHub Environments model deployment targets (staging, production) with protection rules. A job referencing an environment pauses until all protection rules are satisfied.
Defining Environments
Create environments in Settings → Environments. Add protection rules: required reviewers (specific GitHub users must approve), wait timer (mandatory delay before deploy runs), or branch restrictions (only certain branches can deploy).
Using Environments in Workflows
jobs:
deploy-staging:
runs-on: ubuntu-latest
environment: staging
steps:
- run: echo "Deploying to staging"
deploy-production:
runs-on: ubuntu-latest
needs: deploy-staging
environment:
name: production
url: https://myapp.com
steps:
- run: echo "Deploying to production"The deploy-production job will pause at the environment gate and send a review request to the required reviewers. Only after approval does the job execute. Environment secrets are separate from repository secrets — values in the production environment override identically named repository secrets, allowing different API keys per environment.