CI/CD with GitHub Actions
Master continuous integration and delivery pipelines using GitHub Actions, from writing your first workflow to deploying production applications. You will build a fully automated CI/CD pipeline that tests, builds, and deploys a real web application.
Course Content
6 modules · 30 lessons
GitHub Actions Fundamentals
Students can explain what GitHub Actions is, create a basic workflow file, and trigger it on a push event.
What is GitHub Actions and how does CI/CD work
CI/CD definition, GitHub Actions overview, automation pipeline concept, event-driven workflows, software delivery lifecycle
GitHub Actions YAML workflow file structure explained
YAML syntax, workflow file location, on trigger block, jobs block, runs-on key, steps array, name field
How GitHub Actions triggers and events work
push event, pull_request event, workflow_dispatch, schedule cron, event filters, branch filtering, path filtering
What are GitHub Actions runners and how to choose one
GitHub-hosted runners, self-hosted runners, ubuntu-latest, windows-latest, macos-latest, runner specs, runner selection strategy
How to use pre-built GitHub Actions from the marketplace
actions/checkout, uses keyword, action versioning, @v4 pinning, GitHub Marketplace, verified creators, action inputs
Building a CI Pipeline
Students can write a complete CI workflow that installs dependencies, runs tests, and reports results on every pull request.
How to run automated tests in GitHub Actions
npm test, pytest, test runner integration, step ordering, exit codes, job failure on test failure, test output in logs
How to cache dependencies in GitHub Actions to speed up builds
actions/cache, cache key, cache restore, npm cache, pip cache, cache hit vs miss, dependency caching strategy
How to use environment variables and secrets in GitHub Actions
env block, secrets context, GitHub Secrets UI, GITHUB_TOKEN, secret masking, environment-level secrets, env vs secrets
How to run jobs in parallel and in sequence using needs
parallel jobs, needs keyword, job dependency graph, fan-out pattern, fan-in pattern, job status checks, sequential pipeline
How to upload and download build artifacts in GitHub Actions
actions/upload-artifact, actions/download-artifact, artifact retention, artifact naming, passing files between jobs, build output persistence
Docker and Container Workflows
Students can build Docker images in GitHub Actions, push them to a registry, and run containerized services for integration testing.
How to build a Docker image in GitHub Actions
docker build command, Dockerfile basics, context path, image tagging, build args, multi-stage builds in CI, build output
How to push Docker images to GitHub Container Registry
GitHub Container Registry, ghcr.io, docker/login-action, GITHUB_TOKEN permissions, image naming convention, package visibility, registry authentication
How to run service containers for integration tests in GitHub Actions
services block, postgres service container, redis service, health checks, port mapping, environment variables for services, container networking
How to use Docker layer caching in GitHub Actions
BuildKit cache, cache-from, cache-to, gha cache type, registry cache, layer cache hit, cache invalidation, build speed optimization
How to use matrix strategy to test across multiple environments
matrix strategy, matrix variables, node-version matrix, os matrix, matrix include/exclude, matrix expansion, parallel matrix jobs, fail-fast
Deployment Workflows
Students can write GitHub Actions workflows that deploy applications to cloud platforms and configure environment-based deployment strategies.
How to deploy to a server using SSH in GitHub Actions
SSH deployment, appleboy/ssh-action, SSH key secrets, known_hosts, remote commands, deployment script execution, server authentication
How to deploy to GitHub Pages using GitHub Actions
actions/deploy-pages, actions/configure-pages, pages permission, github-pages environment, artifact upload for pages, static site deployment
How to use GitHub Actions environments for staged deployments
environments, environment protection rules, required reviewers, wait timer, environment secrets, staging vs production, deployment approval
How to deploy to AWS using OIDC instead of long-lived credentials
OIDC authentication, aws-actions/configure-aws-credentials, IAM role trust policy, id-token permission, short-lived credentials, no AWS secret key storage, role ARN
How to implement rollback in a GitHub Actions deployment pipeline
rollback strategy, previous image tag, deployment failure detection, if: failure(), manual rollback workflow, workflow_dispatch inputs, deployment tracking
Advanced Workflow Patterns
Students can write reusable workflows, composite actions, and apply conditional logic to build efficient, maintainable pipelines.
How to create reusable workflows in GitHub Actions
workflow_call trigger, inputs, secrets: inherit, caller workflow, called workflow, reusable workflow limitations, on.workflow_call.inputs
How to write a composite action in GitHub Actions
action.yml, composite action type, using: composite, steps in action.yml, inputs in composite, calling local action, action outputs, composite vs reusable workflow
How to use conditional logic with if expressions in GitHub Actions
if expression, github context, job status functions, success(), failure(), always(), cancelled(), branch conditions, event conditions, expression syntax
How to pass data between steps using outputs in GitHub Actions
step outputs, GITHUB_OUTPUT, echo to output file, steps context, job outputs, passing job outputs to downstream jobs, output expressions
How to limit GitHub Actions costs with concurrency and skip conditions
concurrency group, cancel-in-progress, skip CI via commit message, paths-ignore, workflow_run trigger, cost optimization, redundant run cancellation
Security and Best Practices
Students can audit, harden, and maintain GitHub Actions workflows following production security standards.
How to prevent script injection attacks in GitHub Actions
script injection, untrusted input, github.event context, intermediate env variable pattern, expression injection, pull request title attack, hardening steps
How to pin GitHub Actions to a commit SHA for supply chain security
SHA pinning, supply chain attack, compromised action, Dependabot for actions, @v4 vs SHA pin, verified action badge, third-party action risk
How to use minimum permissions with GITHUB_TOKEN
permissions block, principle of least privilege, read-all default, write permissions, job-level permissions, permission inheritance, GITHUB_TOKEN scope, security audit
How to scan workflows for security issues with actionlint
actionlint, static analysis for workflows, common workflow errors, expression syntax checking, shellcheck integration, CI integration for actionlint, fixing lint errors
How to manage workflow secrets rotation and audit in GitHub Actions
secret rotation strategy, secret expiration, audit log, GITHUB_TOKEN expiry, environment secret vs repo secret, secret scanning, leaked credential response
