Last update: 2025-06-27
DNS Zone CI/CD on Scaleway
In this article, we will implement simple automated deployment of a DNS zone to Scaleway DNS.
Create your Zone File
We will be using a file named dns.zone at the root of the repo to hold our zone's data.
NB: If you're already using Scaleway DNS, you can export your current zone from the Scaleway API like this:
curl -s --fail-with-body -H "X-Auth-Token: $SCW_SECRET_KEY" \
"https://api.scaleway.com/domain/v2beta1/dns-zones/$DNS_ZONE/raw?format=bind" \
| jq -r .content | base64 --decode > dns.zone
Alternatively, you can also create your zone file from scratch, for example:
$ORIGIN example.org. @ 1800 IN NS ns0.dom.scw.cloud. @ 1800 IN NS ns1.dom.scw.cloud. @ 60 IN TXT "ok"
Configure Secrets for Github Actions
You will need several environment variables:
DNS_ZONE: Name of your DNS zone (without trailing dot), for example: "example.org".SCW_SECRET_KEY: Scaleway API secret key that can write to zone.SCW_PROJECT_ID: Scaleway project ID to which the zone belongs.
Setup a Github Workflow
Add the following file to .github/workflows/deploy.yml:
on:
push:
branches:
- main
jobs:
deploy:
name: Update DNS zone records
runs-on: ubuntu-latest
env:
DNS_ZONE: "${{ secrets.DNS_ZONE }}" # DNS zone (ex: "example.org")
SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }} # API secret key
SCW_PROJECT_ID: ${{ secrets.SCW_PROJECT_ID }} # Scaleway Project ID
steps:
- name: Checkout Git repo
uses: actions/checkout@v3
- name: Call provider API
run: |
echo "Updating zone..."
jq -n \
--arg project_id "$SCW_PROJECT_ID" \
--arg content "$(cat zone.dns)" \
'{"project_id": $project_id, "bind_source": {"content": $content}}' \
> body.json
curl -s --fail-with-body \
-H "Content-Type: application/json" \
-H "X-Auth-Token: $SCW_SECRET_KEY" \
-d @body.json \
"https://api.scaleway.com/domain/v2beta1/dns-zones/$DNS_ZONE/raw"
Push to Github
You're now good to go, Github will execute your workflow and your DNS zone gets updated everytime you push changes to it.