GitHub Actions Workflow

Overview
When to Use
Quick Start
Reference Guides
Best Practices

Overview

Create powerful GitHub Actions workflows to automate testing, building, security scanning, and deployment processes directly from your GitHub repository.

When to Use

Continuous integration and testing
Build automation
Security scanning and analysis
Dependency updates
Automated deployments
Release management
Code quality checks

Quick Start

Minimal working example:

yaml

# .github/workflows/ci.yml
name: CI/CD Pipeline

on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main, develop]

env:
  REGISTRY: ghcr.io
  IMAGE_NAME: ${{ github.repository }}

jobs:
  test:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        node-version: [16.x, 18.x, 20.x]
    steps:
      - uses: actions/checkout@v3

      - name: Setup Node ${{ matrix.node-version }}
        uses: actions/setup-node@v3
        with:
// ... (see reference guides for full implementation)

Reference Guides

Detailed implementations in the references/ directory:

Guide	Contents
Complete CI/CD Workflow	Complete CI/CD Workflow
Automated Release Workflow	Automated Release Workflow
Docker Build and Push	Docker Build and Push

Best Practices

✅ DO

Use caching for dependencies (npm, pip, Maven)
Run tests in parallel with matrix strategy
Require status checks on protected branches
Use environment secrets and variables
Implement conditional jobs with if:
Lint and format before testing
Set explicit permissions with permissions
Use runner labels for specific hardware
Cache Docker layers for faster builds

❌ DON'T

Store secrets in workflow files
Run untrusted code in workflows
Use secrets.* with pull requests from forks
Hardcode credentials or tokens
Miss error handling with continue-on-error
Create overly complex workflows
Skip testing on pull requests

Search AI Tools

github-actions-workflow

Install this agent skill to your Project

SKILL.md