GitHub Actions can be used to do something whenever something happens in one of your GitHub repositories. If you are not familiar with GitHub Actions, check out my article Getting Started with GitHub Actions.

Let's say you have a repository named my-repo that contains 2 files, foo.jpg and bar.jpg, perhaps like this.

• https://github.com/JohnDoe/my-repo/blob/main/images/foo.jpg
• https://github.com/JohnDoe/my-repo/blob/main/images/bar.jpg

Check out my article Public key authentication with OpenSSH on Linux for details on how to configure the target server to allow SSH connections.

You can SCP files using:

• The plain ole run command (this article)
• appleboy SCP action

The plain ole run command can be used to SCP one or more files in one of your GitHub repositories to one or more target servers.

name: GitHub Action
run-name: ${{ github.workflow }} run by ${{ github.actor }}
on:
  push:
    branches:
      - main
jobs:
  github-action-job:
    runs-on: ubuntu-latest
    steps:      
      - name: Checking out the repository code . . .
        uses: actions/checkout@v4
      
      - name: copy foo.jpg to /tmp
        run: scp foo.jpg ec2-user@ec2-10-11-12-13.compute-1.amazonaws.com:/tmp

More realistically, here an an example of SCP files that were changed in a pull request.

name: my-workflow
run-name: ${{ github.workflow }} run by ${{ github.actor }}
on:
  workflow_dispatch:
  pull_request:
    types: [closed]
jobs:
  my-job:
    if: github.event.pull_request.merged == true
    runs-on: ubuntu-latest
    steps:
      - name: Checkout branch ${{ github.event.pull_request.head.ref }} (Pull Request ${{ github.event.pull_request.number }})
        uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.ref }}

      - name: Get the list of files that were changed in Pull Request ${{ github.event.pull_request.number }}
        id: changed-files
        uses: tj-actions/changed-files@v40

      - name: List all of the files that were changed in Pull Request ${{ github.event.pull_request.number }}
        run: echo '${{ steps.changed-files.outputs.all_changed_files }}'

      - name: create ~/.ssh/id_rsa in runner VM
        run: |
          install -m 600 -D /dev/null ~/.ssh/id_rsa
          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa

      - name: create directories on target server
        run: ssh -o StrictHostKeyChecking=no ec2-user@ec2-10-11-12-13.compute-1.amazonaws.com "for file in \$(echo '${{ steps.changed-files.outputs.all_changed_files }}'); do mkdir --parents /tmp/\$(dirname \$file); chmod -R 2770 /tmp/\$(dirname \$file); done"

      - name: SCP the files that were changed in Pull Request ${{ github.event.pull_request.number }} to /tmp on target server
        run: |
          files=(${{ steps.changed-files.outputs.all_changed_files }})
          for file in ${files[@]}; do
            scp -o StrictHostKeyChecking=no $file ec2-user@ec2-10-11-12-13.compute-1.amazonaws.com:/tmp/$(dirname $file)
          done;

You may need to uncheck this setting for the GitHub Action to work properly.