connect to postgres flexible-server from Github Actions

Question

I'm trying to connect to my postgre-sql on a flexible server database from github actions, following this tutorial: https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/how-to-deploy-github-action?tabs=openid#copy-the-azure-database-for-postgresql-flexible-server-connection-string

If I follow that exactly, I get the error: 'Please provide a valid connection string. A valid connection string is a series of keyword/value pairs separated by space. Spaces around the equal sign are optional. To write an empty value, or a value containing spaces, surround it with single quotes, e.g., keyword = 'a value'. Single quotes and backslashes within the value must be escaped with a backslash'.

I modified the connection string to this:

connection-string: "psql host=SERVER_NAME.postgres.database.azure.com;port=5342;dbname=DB_NAME;user=USER_NAME;password=${{ secrets.AZURE_POSTGRES_PASSWORD }};sslmode=require"

but then I get an error saying 'Error: Unable to get details of PSQL server SERVER_NAME. PSQL server 'SERVER_NAME' was not found in the subscription.'

Running 'az postgres server list' in CloudShell returns [].

Running 'az postrges flexible-server list' returns SERVER_NAME.

Anyone else had this issue, and an idea how to solve it?

Answer 1

Hello Sophie,

Welcome to the Microsoft Q&A and thank you for posting your questions here.

I understand that you unable to connect to postgres flexible-server from Github Actions.

Option 1: Working GitHub Action Using psql Directly

name: Deploy to PostgreSQL Flexible Server
on:
  push:
    branches:
      - main
jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Install PostgreSQL Client
        run: sudo apt-get update && sudo apt-get install -y postgresql-client
      - name: Run SQL script on PostgreSQL Flexible Server
        env:
          PGPASSWORD: ${{ secrets.AZURE_POSTGRES_PASSWORD }}
        run: 
          psql "host=${{ secrets.AZURE_POSTGRES_HOST }} port=5432 dbname=${{ secrets.AZURE_POSTGRES_DB }} user=${{ secrets.AZURE_POSTGRES_USER }} sslmode=require" -f ./schema.sql

You will have to set the secrets in GitHub Repository Settings:

 `AZURE_POSTGRES_PASSWORD`: Your DB user password                                    
 `AZURE_POSTGRES_USER` : Your DB user (e.g., `myuser@myserver`)                   
 `AZURE_POSTGRES_DB` : Your DB name                                             
 `AZURE_POSTGRES_HOST`: Your host (e.g., `myserver.postgres.database.azure.com`) 

CAUTION:

Your Azure PostgreSQL Flexible Server allows public access (or GitHub IPs if firewall restricted)

• The user has permissions on the DB
• The DB and server names are exact
• You're using port 5432, not 5342

Option 2: Using the Official Azure PostgreSQL GitHub Action

This uses Azure/postgresql-action@v1 to run SQL scripts directly.

name: Deploy SQL to Azure PostgreSQL
on:
  push:
    branches:
      - main
jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
      - name: Run SQL script on Azure PostgreSQL
        uses: Azure/postgresql-action@v1
        with:
          server-name: ${{ secrets.AZURE_PG_SERVER }}
          connection-string: ${{ secrets.AZURE_PG_CONNECTION_STRING }}
          sql-file: './scripts/init.sql'

• AZURE_PG_SERVER: Your PostgreSQL server name (e.g., myserver.postgres.database.azure.com)
• AZURE_PG_CONNECTION_STRING: Full connection string including username and password
• ./scripts/init.sql: Path to your SQL script in the repo

CAUTION:

• Limited control over execution, environment, and error handling
• Harder to debug errors if action fails silently or vaguely
• Tied to this GitHub Action only
• If Azure/postgresql-action@v1 is deprecated or buggy, you're stuck
• Not easily supported by custom logic.
• Azure/postgresql-action@v1 is real – but [not actively maintained and very limited - https://github.com/Azure/postgresql-action).
• You must ensure your AZURE_PG_CONNECTION_STRING is in ADO.NET format, like: Server=myserver.postgres.database.azure.com;Database=mydb;Port=5432;User Id=myuser;Password=;Ssl Mode=Require;
• There's no clear documentation or support for server-name: in this action. If this fails, it will be hard to debug.

Option 3: Use the manual psql-based approach unless update to option 2

• You’re confident the action Azure/postgresql-action@v1 meets your needs
• You're okay with limited flexibility and unclear error messages

Because, manual psql gives better control, debuggability, and portability, especially since Azure's own docs recommend CLI-based approaches in more advanced scenarios.

name: Deploy to Azure PostgreSQL Flexible Server
on:
  push:
    branches:
      - main
jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
      - name: Install PostgreSQL Client
        run: sudo apt-get update && sudo apt-get install -y postgresql-client
      - name: Run SQL script using psql
        env:
          PGPASSWORD: ${{ secrets.AZURE_PG_PASSWORD }}
        run: 
          psql "host=${{ secrets.AZURE_PG_HOST }} port=5432 dbname=${{ secrets.AZURE_PG_DB }} user=${{ secrets.AZURE_PG_USER }} sslmode=require" -f ./scripts/init.sql

Your code is acceptable if your secrets are correctly configured and you're only running a single SQL file, and you’ve tested it successfully, then your YAML is fine for basic use.

But for production or CI/CD pipelines, the psql approach is more robust, extensible, and transparent.

I hope this is helpful! Do not hesitate to let me know if you have any other questions or clarifications.

---

Please don't forget to close up the thread here by upvoting and accept it as an answer if it is helpful.