GitHub Actions

GitHub Actions is a CI/CD (Continuous Integration and Continuous Deployment) and automation platform built directly into GitHub. It allows you to:

• Automate tasks such as building, testing, and deploying code.
• Trigger workflows on specific events like push, pull_request, or schedule.
• Run jobs in Linux, Windows, or macOS virtual machines or containers.
• Integrate with APIs, cloud services, and third-party tools.

Key Concepts        

a. Workflow

• A workflow is an automated process defined in a YAML file inside .github/workflows/.
• Example: .github/workflows/ci.yml.

Event        

• An event triggers the workflow (e.g., push, pull_request, schedule, workflow_dispatch).
• Example:

c. Job

• A job is a group of steps that run in the same environment (runner).
• Jobs run in parallel by default unless specified otherwise.

d. Step

• A step is a single task in a job.
• It can run shell commands or use an action.

e. Runner

• The machine where jobs run.
• Types:
• GitHub-hosted runners (preconfigured, e.g., ubuntu-latest).
• Self-hosted runners (your own machine/server).

f. Action

• An action is a reusable unit of code for a step.
• Can be:
• Marketplace action (published by others).
• Custom action (your own).

Workflow Structure        

Here’s the general structure of a GitHub Actions workflow:

Using Marketplace Actions        

Example: Using a prebuilt action to upload artifacts:

Secrets and Environment Variables        

• Store secrets in Settings → Secrets and Variables → Actions.
• Access in workflows:

Matrix Builds        

Run the same job on multiple versions/OS:

Caching Dependencies        

Speed up workflows with caching:

Deployment Example        

Deploy to GitHub Pages:

Best Practices        

• Use specific action versions (e.g., @v3) to avoid breaking changes.
• Keep workflows DRY (reuse actions instead of repeating commands).
• Secure secrets ----> never hardcode sensitive data.
• Test workflows on smaller branches before merging to main.
• Use caching to speed up builds.

Real-World Use Cases        

• CI/CD pipelines (build, test, deploy automatically).
• Automated code formatting (e.g., Prettier, ESLint).
• Security scanning (e.g., Dependabot alerts, CodeQL analysis).
• Automated releases (create changelogs, tag versions).
• Data processing (scheduled jobs).