GitHub Actions Setup Guide

This guide provides detailed instructions for setting up GitHub Actions in your repositories and creating efficient CI/CD workflows.

Requirements

• GitHub account
• Repository with code to build/test/deploy
• Appropriate permissions on the repository
• (Optional) Self-hosted runners for custom environments

Basic Setup

Workflow File Structure

name: CI/CD Pipeline
on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]
 
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '20'
      - run: npm ci
      - run: npm test

Runner Types

runs-on: ubuntu-latest    # Ubuntu Linux
runs-on: windows-latest   # Windows
runs-on: macos-latest     # macOS

Common Workflows

Security Best Practices

1. Secrets Management

   steps:
     - name: Use secret
       env:
         API_KEY: ${{ secrets.API_KEY }}

   Copy

2. OIDC Integration

   jobs:
     deploy:
       permissions:
         id-token: write
         contents: read

   Copy

3. Dependency Caching

   steps:
     - uses: actions/cache@v3
       with:
         path: ~/.npm
         key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}

   Copy

Troubleshooting

Best Practices

1. Workflow Optimization

   • Use matrix builds for parallel testing
   • Implement caching strategies
   • Minimize unnecessary steps
   • Use composite actions for reusable steps

2. Security

   • Regular secret rotation
   • Minimal permissions principle
   • Dependencies scanning
   • Code signing for releases

3. Maintenance

   • Keep actions versions updated
   • Document workflow configurations
   • Monitor workflow analytics
   • Set up status badges