You can integrate GitHub Actions with Replit by connecting your Repl to a GitHub repository, then creating workflow YAML files that trigger on push or pull request events. While Replit does not natively run GitHub Actions, you can use Actions to lint, test, and validate code pushed from Replit, and trigger redeployments via Replit's deployment webhooks or the Replit CLI.
Connect GitHub Actions CI/CD Pipelines to Your Replit Project
This tutorial shows you how to set up continuous integration using GitHub Actions for a project built in Replit. You will connect your Repl to GitHub, create workflow files that run tests and linting on every push, and optionally trigger Replit redeployments from your CI pipeline. This guide is for developers who want automated quality checks on code written in Replit before it reaches production.
Prerequisites
- A Replit account on Core or Pro plan
- A GitHub account with repository access
- A working Replit App with code you want to test
- Basic understanding of Git (commit, push, pull)
- Familiarity with YAML syntax
Step-by-step guide
Connect your Repl to a GitHub repository
Connect your Repl to a GitHub repository
Open your Replit project and navigate to the Git pane by clicking Tools in the left sidebar, then selecting Git. Click 'Connect to GitHub' and authorize Replit to access your GitHub account if you have not already. Create a new repository or select an existing one. Replit will push your current code to the repository. From this point on, every commit you make in Replit syncs to GitHub, and GitHub Actions workflows will trigger automatically.
Expected result: Your Replit project is linked to a GitHub repository. You can see the repository URL in the Git pane, and your code appears on GitHub.
Create the GitHub Actions workflow directory
Create the GitHub Actions workflow directory
In your Replit file tree, create the directory structure that GitHub Actions requires. Click the three-dot menu in the file tree and select 'Add folder.' Create a folder called .github, then inside it create another folder called workflows. GitHub automatically detects YAML files in this path and runs them as CI workflows. You may need to enable 'Show hidden files' in the file tree menu to see the .github directory after creating it.
Expected result: A .github/workflows/ directory exists in your project root, visible in the file tree when hidden files are shown.
Create a CI workflow file for testing and linting
Create a CI workflow file for testing and linting
Inside .github/workflows/, create a file called ci.yml. This workflow runs on every push and pull request to the main branch. It checks out your code, installs dependencies, runs your linter, and executes your test suite. The example below is for a Node.js project. Adjust the Node version and commands to match your stack. For Python projects, replace the npm commands with pip install and pytest.
1name: CI23on:4 push:5 branches: [main]6 pull_request:7 branches: [main]89jobs:10 test:11 runs-on: ubuntu-latest12 steps:13 - name: Checkout code14 uses: actions/checkout@v41516 - name: Set up Node.js17 uses: actions/setup-node@v418 with:19 node-version: '20'20 cache: 'npm'2122 - name: Install dependencies23 run: npm ci2425 - name: Run linter26 run: npm run lint2728 - name: Run tests29 run: npm testExpected result: After committing and pushing this file, GitHub Actions runs the workflow. Check the Actions tab on your GitHub repository to see the results.
Store secrets in GitHub for secure API access
Store secrets in GitHub for secure API access
If your tests or deployment scripts need API keys or tokens, store them as GitHub Secrets rather than hardcoding them. Go to your GitHub repository in the browser, click Settings, then Secrets and variables, then Actions. Click 'New repository secret' and add each secret with a name and value. These secrets are available in your workflow files as ${{ secrets.SECRET_NAME }}. Never store secrets in your workflow YAML files or in your Replit code.
1# Example: using a GitHub Secret in a workflow step2- name: Deploy to production3 env:4 REPLIT_TOKEN: ${{ secrets.REPLIT_TOKEN }}5 run: |6 curl -X POST https://your-deploy-webhook-url.replit.app/deploy \7 -H "Authorization: Bearer $REPLIT_TOKEN"Expected result: Your secrets are securely stored in GitHub and accessible to workflow steps without being exposed in code or logs.
Add a deployment trigger workflow
Add a deployment trigger workflow
Create a second workflow file called deploy.yml that triggers only when tests pass on the main branch. This workflow can hit a webhook endpoint on your Replit deployment or use the Replit API to trigger a redeploy. The example below uses a simple webhook approach where your deployed Replit app exposes a /deploy endpoint that pulls the latest code. This is useful when you want GitHub to be the source of truth and Replit to automatically pick up validated changes.
1name: Deploy23on:4 workflow_run:5 workflows: [CI]6 types: [completed]7 branches: [main]89jobs:10 deploy:11 runs-on: ubuntu-latest12 if: ${{ github.event.workflow_run.conclusion == 'success' }}13 steps:14 - name: Trigger Replit redeploy15 run: |16 curl -X POST "${{ secrets.REPLIT_DEPLOY_WEBHOOK }}" \17 -H "Content-Type: application/json" \18 -H "Authorization: Bearer ${{ secrets.DEPLOY_SECRET }}" \19 -d '{"ref": "main", "triggered_by": "github_actions"}'Expected result: When you push to main and all tests pass, the deploy workflow automatically triggers a redeployment of your Replit app.
Set up a webhook endpoint in your Replit app
Set up a webhook endpoint in your Replit app
For the deployment trigger to work, your Replit app needs an endpoint that handles the webhook. Add a simple route that validates the authorization header and triggers a git pull or application restart. Store the DEPLOY_SECRET in Replit's Secrets tool (Tools sidebar, then Secrets) so it matches the value in GitHub Secrets. This creates a secure handshake between GitHub Actions and your Replit deployment.
1// Express.js webhook endpoint example2const express = require('express');3const { execSync } = require('child_process');4const app = express();56app.post('/deploy', (req, res) => {7 const token = req.headers.authorization?.split(' ')[1];8 if (token !== process.env.DEPLOY_SECRET) {9 return res.status(401).json({ error: 'Unauthorized' });10 }11 try {12 execSync('git pull origin main', { stdio: 'inherit' });13 res.json({ status: 'deployed', timestamp: new Date().toISOString() });14 } catch (error) {15 res.status(500).json({ error: 'Deploy failed' });16 }17});1819app.listen(3000, '0.0.0.0', () => {20 console.log('Server running on port 3000');21});Expected result: Your Replit app has a /deploy endpoint that accepts webhook calls from GitHub Actions, pulls the latest code, and confirms successful deployment.
Commit, push, and verify the pipeline
Commit, push, and verify the pipeline
With everything in place, make a small change to your code in Replit, commit it via the Git pane, and push to GitHub. Switch to your GitHub repository in the browser and click the Actions tab. You should see the CI workflow running. Once it completes successfully, the Deploy workflow should trigger automatically. Check the workflow logs for any errors and verify your Replit app is serving the updated code.
Expected result: The CI workflow shows green checkmarks for all steps. If the deploy workflow is configured, your Replit app is automatically updated with the latest code.
Complete working example
1name: CI23on:4 push:5 branches: [main]6 pull_request:7 branches: [main]89jobs:10 lint-and-test:11 runs-on: ubuntu-latest12 strategy:13 matrix:14 node-version: [18, 20]15 16 steps:17 - name: Checkout code18 uses: actions/checkout@v41920 - name: Set up Node.js ${{ matrix.node-version }}21 uses: actions/setup-node@v422 with:23 node-version: ${{ matrix.node-version }}24 cache: 'npm'2526 - name: Install dependencies27 run: npm ci2829 - name: Run linter30 run: npm run lint31 continue-on-error: false3233 - name: Run unit tests34 run: npm test -- --coverage35 env:36 CI: true3738 - name: Upload coverage report39 if: matrix.node-version == 2040 uses: actions/upload-artifact@v441 with:42 name: coverage-report43 path: coverage/44 retention-days: 74546 deploy:47 needs: lint-and-test48 runs-on: ubuntu-latest49 if: github.ref == 'refs/heads/main' && github.event_name == 'push'50 steps:51 - name: Trigger Replit deploy52 run: |53 RESPONSE=$(curl -s -o /dev/null -w "%{http_code}" \54 -X POST "${{ secrets.REPLIT_DEPLOY_WEBHOOK }}" \55 -H "Content-Type: application/json" \56 -H "Authorization: Bearer ${{ secrets.DEPLOY_SECRET }}" \57 -d '{"ref": "main"}')58 if [ "$RESPONSE" != "200" ]; then59 echo "Deploy webhook returned $RESPONSE"60 exit 161 fi62 echo "Deploy triggered successfully"Common mistakes when using GitHub Actions with Replit
Why it's a problem: Putting API keys directly in the workflow YAML file instead of using GitHub Secrets
How to avoid: Go to your GitHub repo Settings > Secrets and variables > Actions. Add secrets there and reference them as ${{ secrets.NAME }} in your workflow.
Why it's a problem: Forgetting that Replit workspace secrets do not carry over to the CI environment
How to avoid: Any environment variables your tests need must be set either in GitHub Secrets or as env values in the workflow YAML. Replit Secrets are only available inside the Replit workspace.
Why it's a problem: Using 'npm install' instead of 'npm ci' in the CI workflow, causing inconsistent dependency versions
How to avoid: Replace 'npm install' with 'npm ci'. This installs exact versions from package-lock.json and is faster in CI environments.
Why it's a problem: Not binding the Replit server to 0.0.0.0, causing the webhook endpoint to be unreachable
How to avoid: Change app.listen(3000) to app.listen(3000, '0.0.0.0'). Replit requires binding to all interfaces, not just localhost.
Why it's a problem: Creating the workflow file in the wrong directory path
How to avoid: The path must be exactly .github/workflows/filename.yml. GitHub Actions only detects workflows in this specific directory structure.
Best practices
- Always use 'npm ci' instead of 'npm install' in CI workflows for faster, deterministic dependency installation
- Store all sensitive values (API keys, deploy tokens) in GitHub Secrets, never in workflow files or code
- Use the workflow_run trigger for deployment jobs so they only execute after tests pass
- Test your CI workflow on a branch first before merging to main to avoid breaking the pipeline
- Add a timeout-minutes value to jobs to prevent runaway builds from consuming Actions minutes
- Keep Replit Secrets and GitHub Secrets in sync when using the same API keys in both environments
- Use matrix builds to test against multiple Node.js or Python versions simultaneously
- Add status badges to your README so collaborators can see pipeline health at a glance
Still stuck?
Copy one of these prompts to get a personalized, step-by-step explanation.
I have a Node.js project on Replit connected to GitHub. Help me create a GitHub Actions workflow that runs ESLint and Jest tests on every push to main, and triggers a redeployment of my Replit app when tests pass. Include the YAML file and a webhook endpoint for the Replit app.
Set up a GitHub Actions CI pipeline for this project. Create .github/workflows/ci.yml that runs linting and tests on push. Add a /deploy webhook endpoint to the Express server that pulls latest code from GitHub when called. Store the deploy secret in Replit Secrets.
Frequently asked questions
No. GitHub Actions run on GitHub's servers (ubuntu-latest, windows-latest, or macos-latest runners), not inside Replit. Replit pushes code to GitHub, and GitHub Actions processes it independently. The results appear in the Actions tab on your GitHub repository.
No. GitHub Actions is free for public repositories with generous limits. Private repositories get 2,000 free minutes per month on the GitHub Free plan, which is enough for most small to medium projects.
There is no native integration to view Actions results in Replit. Check the Actions tab on your GitHub repository in a browser. You can also add a GitHub status badge to your README that shows the current pipeline status.
Yes. Prompt Replit Agent with: 'Create a GitHub Actions CI workflow that runs my tests on every push to main. Create the .github/workflows/ci.yml file.' Agent v4 can create the workflow file, though you will still need to configure GitHub Secrets manually in the GitHub web interface.
If tests fail, the deploy workflow will not trigger (assuming you used the workflow_run conditional). The failed workflow appears with a red X in the GitHub Actions tab. Fix the failing tests in Replit, commit, and push again to re-trigger the pipeline.
Yes. Since Replit syncs with GitHub bidirectionally, pushing to the connected GitHub repository from Actions automatically updates the Repl. However, this does not trigger a redeployment. For automated redeployment, the webhook approach described in this tutorial is the most reliable method.
Yes. The RapidDev engineering team specializes in setting up production-grade CI/CD pipelines that connect Replit projects to GitHub Actions with automated testing, staging environments, and deployment triggers. This is especially helpful for teams that need multi-environment workflows beyond what a single Repl supports.
Talk to an Expert
Our team has built 600+ apps. Get personalized help with your project.
Book a free consultation