GitHub Actions: Brief Tutorial

GitHub Actions: Brief Tutorial

This is bascially a quick and dirty cheat sheet.

Git is an open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency. Git is widely used for collaborative software development and Github is the leading Git platform.

Web FrameworksGit
GitGitHub

Michael Baggett

Guide to Using GitHub Actions

This guide provides a concise yet thorough introduction to GitHub Actions, a powerful automation tool integrated into GitHub for building, testing, and deploying code. It includes key concepts, a step-by-step example, and a glossary of terms.

What are GitHub Actions?

GitHub Actions is a CI/CD (Continuous Integration/Continuous Deployment) platform that allows you to automate workflows directly in your GitHub repository. A workflow is a configurable, automated process defined by a YAML file that executes one or more jobs triggered by specific events (e.g., pushing code, creating a pull request). Each job consists of steps, which are individual tasks like running a script or installing dependencies.

Core Components

  1. Workflow: A workflow is defined in a YAML file stored in the .github/workflows/ directory of your repository. It outlines the automation process, including triggers, jobs, and steps.
  2. Event: An event is an activity that triggers a workflow, such as a push to a branch, a pull_request, or a scheduled time (using cron syntax).
  3. Job: A job is a set of steps executed on a runner (a virtual machine or container hosted by GitHub or self-hosted). Jobs can run in parallel or sequentially, depending on dependencies.
  4. Step: A step is an individual task within a job, such as checking out code, running a command, or using an action.
  5. Action: An action is a reusable unit of code (e.g., a script or a pre-built package) that performs a specific task, like setting up Node.js or deploying to a cloud provider.
  6. Runner: A runner is the environment where jobs execute. GitHub provides hosted runners (Linux, Windows, macOS) or you can use self-hosted runners for custom environments.

Setting Up Your First GitHub Action

Below is an example of a GitHub Action workflow that demonstrates its full functionality: it triggers on a push to the main branch, runs tests, builds a Node.js application, and deploys it to a hypothetical static hosting service. The workflow also uses secrets for secure credentials and artifacts to store build outputs.

Example Workflow: CI/CD for a Node.js Application

This example assumes you have a Node.js project with a package.json file and tests (e.g., using Jest). The workflow will:

  • Trigger on a push to the main branch.
  • Run tests and build the project.
  • Upload the build output as an artifact.
  • Deploy to a static hosting service using a secret API key.

Step 1: Create the Workflow File

In your repository, create a file named .github/workflows/ci-cd.yml.

name: Node.js CI/CD

# Event: Trigger the workflow on push to the main branch
on:
  push:
    branches:
      - main

# Environment variables available to all jobs
env:
  NODE_VERSION: '16'

jobs:
  # Job 1: Run tests
  test:
    runs-on: ubuntu-latest
    steps:
      # Step 1: Check out the repository code
      - name: Checkout code
        uses: actions/checkout@v3

      # Step 2: Set up Node.js
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          node-version: ${{ env.NODE_VERSION }}

      # Step 3: Install dependencies
      - name: Install dependencies
        run: npm install

      # Step 4: Run tests
      - name: Run tests
        run: npm test

  # Job 2: Build and deploy
  build-and-deploy:
    # Depends on the test job completing successfully
    needs: test
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          node-version: ${{ env.NODE_VERSION }}

      - name: Install dependencies
        run: npm install

      - name: Build project
        run: npm run build

      # Step: Upload build output as an artifact
      - name: Upload build artifact
        uses: actions/upload-artifact@v3
        with:
          name: build-output
          path: dist/

      # Step: Deploy to static hosting (hypothetical)
      - name: Deploy to hosting service
        env:
          API_KEY: ${{ secrets.DEPLOY_API_KEY }}
        run: |
          echo "Deploying to static hosting with API key"
          # Replace with actual deployment command, e.g., curl or CLI tool
          # curl -H "Authorization: $API_KEY" --upload-file dist/ https://api.hosting-service.com/deploy

Step 2: Set Up Secrets

  1. Go to your GitHub repository → SettingsSecrets and variablesActions.
  2. Add a new secret named DEPLOY_API_KEY with the value of your hosting service’s API key.

Step 3: Commit and Push

  1. Save the ci-cd.yml file in the .github/workflows/ directory.
  2. Commit and push to the main branch to trigger the workflow.

Step 4: Monitor the Workflow

  1. Go to your repository → Actions tab.
  2. View the running workflow, check logs for each job and step, and download the build-output artifact if needed.

Explanation of the Example

  • Event Trigger: The workflow runs when code is pushed to the main branch.
  • Jobs: Two jobs (test and build-and-deploy) run sequentially (needs: test ensures tests pass before building).
  • Steps: Each job includes steps like checking out code, setting up Node.js, installing dependencies, running tests, building, uploading artifacts, and deploying.
  • Secrets: The DEPLOY_API_KEY secret securely passes credentials to the deployment step.
  • Artifacts: The dist/ folder is uploaded as an artifact for later use or inspection.
  • Environment Variables: NODE_VERSION is defined globally for reuse across jobs.

Best Practices

  • Modularize Workflows: Break complex workflows into multiple jobs for clarity and reusability.
  • Use Caching: Cache dependencies (e.g., npm cache) to speed up workflows using actions/cache@v3.
  • Secure Secrets: Store sensitive data in GitHub Secrets and avoid hardcoding.
  • Monitor and Debug: Check workflow logs in the Actions tab to troubleshoot failures.
  • Version Actions: Pin actions to specific versions (e.g., actions/checkout@v3) for stability.

Glossary

  • Action: A reusable unit of code that performs a specific task in a workflow.
  • Artifact: A file or collection of files produced during a workflow, available for download.
  • CI/CD: Continuous Integration/Continuous Deployment; a practice for automating code testing and deployment.
  • Event: An activity that triggers a workflow, such as a push or pull request.
  • Job: A set of steps executed on a runner, part of a workflow.
  • Runner: A virtual machine or container where jobs execute, either GitHub-hosted or self-hosted.
  • Secrets: Encrypted variables used to store sensitive information, like API keys.
  • Step: An individual task within a job, such as running a command or using an action.
  • Workflow: An automated process defined in a YAML file, triggered by events and consisting of jobs.