--- title: Deploy app components in a CD pipeline description: Learn how to set up Shopify CLI for use in a CI/CD pipeline. source_url: html: 'https://shopify.dev/docs/apps/launch/deployment/deploy-in-ci-cd-pipeline' md: 'https://shopify.dev/docs/apps/launch/deployment/deploy-in-ci-cd-pipeline.md' --- # Deploy app components in a CD pipeline Availability This CI/CD deployment method is only available for Partner organization accounts, as it uses CLI authentication tokens that can only be generated from the [Partner Dashboard](https://partners.shopify.com/current/settings). This method is not available for apps owned by Merchant organizations, including: * Apps created by merchants through the [Dev Dashboard](https://shopify.dev/docs/beta/next-gen-dev-platform/dev-dashboard) in a merchant organization. * Apps created by merchants directly in Shopify admin. If you have app configuration and extensions that you want to deploy to Shopify regularly, then you can integrate Shopify CLI into your CI/CD pipeline to programmatically deploy your app components using the `deploy` command. Note that the `deploy` command deploys everything in your project at once. You can't deploy only some extensions. You also can't deploy your app configuration on its own. Caution The `shopify app config push` Shopify CLI command is no longer supported. If you're using this command in your workflow, follow [these steps](https://shopify.dev/docs/apps/build/cli-for-apps/app-configuration#migrate-from-config-push) to update app configuration with the `deploy` command. *** ## What you'll learn In this tutorial, you'll learn how to set up your CI/CD pipeline to deploy your app programmatically. To do so, you'll gather the information necessary to run Shopify CLI commands, and then add a step to your CI/CD pipeline that installs Shopify CLI and deploys your app components. *** ## How it works Caution Any extensions that aren't present in the environment you're deploying from are removed. Your app configuration and all extensions are versioned together as a single [app version](https://shopify.dev/docs/apps/launch/deployment/app-versions). When you run the [`deploy` command](https://shopify.dev/docs/api/shopify-cli/app/app-deploy) using [Shopify CLI](https://shopify.dev/docs/api/shopify-cli), an app version is created and released. You can revert to a previous app version at any time. Releasing an app version replaces the current active version that's served to stores that have your app installed. It might take several minutes for app users to be upgraded to the new version. Note If you want to create a version, but want to avoid releasing it to users, then run the `deploy` command with a `--no-release` flag. You can release the unreleased app version using Shopify CLI's [`release`](https://shopify.dev/docs/api/shopify-cli/app/app-release) command, or through the Dev Dashboard. *** ## Requirements * You're a [Partner organization owner](https://help.shopify.com/partners/dashboard/account-access). * [Scaffold an app that uses Shopify CLI 3.0 or higher](https://shopify.dev/docs/apps/build/scaffold-app). *** ## Step 1: Create a production app configuration file If you don't already have an [app configuration file](https://shopify.dev/docs/apps/build/cli-for-apps/app-configuration) for the production copy of your app, then use the `app config link` command to create or link to an existing app. ## Terminal ```terminal shopify app config link ``` Learn more about [creating and linking app configurations](https://shopify.dev/docs/apps/build/cli-for-apps/manage-app-config-files). *** ## Step 2: Generate a CLI authentication token You can create a new CLI authentication token through the [Partner Dashboard](https://partners.shopify.com/current/settings). Tokens are managed at the Partner organization level. You can have only two CLI authentication tokens for your Partner organization. If you want to create more than two authentication tokens, then you need to delete an existing authentication token. ### Generate a CLI authentication token in the Partner Dashboard 1. From your [Partner Dashboard](https://partners.shopify.com/current/settings/), navigate to **Settings** > **CLI token**, and then click **Manage tokens**. 2. From the **Token expiration** drop-down list, select an expiration for the token. 3. Click **Generate token**. 4. In the **Tokens** section, click the **Copy** button to copy the access token to your clipboard. This token value will be passed as a parameter in your [Shopify CLI automation](#step-3-integrate-shopify-cli-into-your-pipeline). For security reasons, the token is only visible immediately after it's created. If you lose your token, then you need to delete your existing token and then generate a new token. *** ## Step 3: Integrate Shopify CLI into your pipeline After you retrieve your deployment variables and CLI authentication token, you can integrate Shopify CLI into your continuous deployment pipeline using your CI/CD provider. The CD pipeline step should install [Shopify CLI](https://shopify.dev/docs/api/shopify-cli). To deploy to Shopify programmatically using your CD pipeline step, include the following: * An environment variable that contains the authentication token [that you generated](#step-2-generate-a-cli-authentication-token) in the Partner Dashboard. Info Where possible, you should protect the authentication token value by masking it or storing it as a secret. * The name of your app configuration file that you [created](#step-1-create-a-production-app-configuration-file). * A step that sets up Node.js and installs your project's Node dependencies. The package manager that you use should match your project's lockfile. * If you're using GitHub Actions, then you can use [actions/setup-node](https://github.com/actions/setup-node). * If you're using CircleCI, then you can use [circleci/node](https://circleci.com/developer/orbs/orb/circleci/node). * Steps that install [the other dependencies for your project](#additional-project-dependencies). * A step that runs the CLI `deploy` command with the `--config` and `--allow-updates` flags set. ### Link commits to app versions You can link a source control commit to an app version by adding the [`--source-control-url=`](https://shopify.dev/docs/api/shopify-cli/app/app-deploy#flags) flag to the `deploy` command. The link that you provide appears in the details page for the app version in the Dev Dashboard. This information allows team members to easily view the corresponding source commit or revision for an app version. To learn how to use this flag to provide a GitHub commit URL for an app version in your CI/CD workflow, refer to [examples](#examples). ### Controlling extension and configuration deployment The `--allow-updates` and `--allow-deletes` flags on the `app deploy` and `app release` commands control the allowed changes to your app configuration and extensions in non-interactive terminal sessions. * **`--allow-updates`**: Lets you deploy new app configuration and extensions, and update existing ones. * **`--allow-deletes`**: Lets you delete app configuration and extensions. Caution Deleting app configuration and extensions also deletes related data on stores that have your app installed. To avoid accidentally deleting store data, use only the `--allow-updates` flag in your default CI/CD workflow. Use the `--allow-deletes` flag or its equivalent environment variable (`SHOPIFY_FLAG_ALLOW_DELETES`) only for manual workflow runs when you need to delete configuration or extensions. ### Additional project dependencies The dependencies that are required to deploy your app extension depend on the technologies that you use to build the extension. Below are examples of common additional dependencies you'll need: | App extension type | Additional dependencies | | - | - | | Extensions that use [Shopify Functions](https://shopify.dev/docs/apps/build/functions), including product, order, and shipping discount extensions | Your function language | ### Examples The sections below provide examples of common CI/CD pipeline tools: GitHub Actions and CircleCI. #### Git​Hub Actions Below is an example of a step that you might add to your GitHub Actions workflow. It deploys app components to Shopify when code is pushed to the `main` branch. The package manager that you use in your GitHub Action should match your project's lockfile. ## .github/workflows/deploy-extensions.yml ##### npm ```yml name: Deploy app on: push: branches: - main jobs: deploy: name: Deploy runs-on: ubuntu-latest steps: - uses: actions/checkout@v1 - uses: actions/setup-node@v3 with: node-version: 18 cache: 'npm' - name: Install npm dependencies run: npm install - name: Install Shopify CLI run: npm install -g @shopify/cli@latest - name: Deploy env: # Token from the Partner Dashboard SHOPIFY_CLI_PARTNERS_TOKEN: ${{ secrets.SHOPIFY_CLI_PARTNERS_TOKEN }} COMMIT_URL: ${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }} run: shopify app deploy --config production --allow-updates --source-control-url "$COMMIT_URL" ``` ##### Yarn ```yml name: Deploy app on: push: branches: - main jobs: deploy: name: Deploy runs-on: ubuntu-latest steps: - uses: actions/checkout@v1 - uses: actions/setup-node@v3 with: node-version: 18 cache: 'yarn' - name: Install npm dependencies run: yarn install - name: Install Shopify CLI run: yarn global add @shopify/cli@latest - name: Deploy env: # Token from the Partner Dashboard SHOPIFY_CLI_PARTNERS_TOKEN: ${{ secrets.SHOPIFY_CLI_PARTNERS_TOKEN }} COMMIT_URL: ${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }} run: shopify app deploy --config production --allow-updates --source-control-url "$COMMIT_URL" ``` ##### pnpm ```yml name: Deploy app on: push: branches: - main jobs: deploy: name: Deploy runs-on: ubuntu-latest steps: - uses: actions/checkout@v1 - uses: actions/setup-node@v3 with: node-version: 18 cache: 'pnpm' - name: Install npm dependencies run: pnpm install - name: Install Shopify CLI run: pnpm install -g @shopify/cli@latest - name: Deploy env: # Token from the Partner Dashboard SHOPIFY_CLI_PARTNERS_TOKEN: ${{ secrets.SHOPIFY_CLI_PARTNERS_TOKEN }} COMMIT_URL: ${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }} run: shopify app deploy --config production --allow-updates --source-control-url "$COMMIT_URL" ``` #### Circle​CI The following config file defines a job that's triggered by a CircleCI workflow. The package manager that you use in your job should match your project's lockfile. ## .circleci/config.yml ##### npm ```yml version: 2.1 orbs: node: circleci/node@5.0.2 jobs: deploy: docker: - image: cimg/node:20.5.0 environment: COMMIT_URL: << pipeline.project.git_url >>/commit/<> steps: - checkout - node/install-packages: with-cache: true - run: name: Install Shopify CLI command: npm install -g @shopify/cli@latest - run: name: Deploy environment: # SHOPIFY_CLI_PARTNERS_TOKEN should be present as a secret command: | shopify app deploy --config production --allow-updates --source-control-url $COMMIT_URL workflows: version: 2 deploy: jobs: - deploy: filters: branches: only: main ``` ##### Yarn ```yml version: 2.1 orbs: node: circleci/node@5.0.2 jobs: deploy: docker: - image: cimg/node:20.5.0 environment: COMMIT_URL: << pipeline.project.git_url >>/commit/<> steps: - checkout - node/install: install-yarn: true - node/install-packages: pkg-manager: yarn with-cache: true - run: name: Install Shopify CLI command: yarn global add @shopify/cli@latest - run: name: Deploy environment: # SHOPIFY_CLI_PARTNERS_TOKEN should be present as a secret command: | shopify app deploy --config production --allow-updates --source-control-url $COMMIT_URL workflows: version: 2 deploy: jobs: - deploy: filters: branches: only: main ``` ***