GitHub Actions - The Complete Guide

Explore the basics of Git and GitHub, including installing Git, creating repositories, and key commands, and learn how to combine Git with GitHub for local and cloud code management.

Install Git from git-scm.com to use a free version control tool that manages your source code with commits and branches.

Create a starting project by placing an index.html in a folder, open it in your editor, and practice using git to manage source code for GitHub Actions.

Initialize a git repository with git init, attach it to the project, recognize the .git folder, and use git commands to track changes in a VS Code workflow.

Stage changes with git add, then commit to create snapshots of your code; use git status and git log to review history on the main branch.

Learn how the head pointer marks the current loaded snapshot on the main branch and how git checkout lets you switch between commits without deleting history.

Undo a commit with git revert by applying the changes from a specific commit and creating a new revert commit, leaving the original commit intact.

Learn how to reset code with git reset --hard, and when its use is appropriate. Understand the risks of losing commits and rewriting history, and review reverting and git log.

Learn to stage multiple files and ignore system clutter with a .gitignore file, so changes like logo.png and styles.css are committed while .vscode and .DS_Store stay ignored.

Understand how git branches act as containers for commits, including the main branch, enabling feature work and bug fixes without impacting the code, and how to merge with git merge.

Learn to manage branches in git by creating, naming, listing, and switching between branches, and deleting them, using commands like git branch, git checkout, and git checkout -b.

Merge changes from a feature branch into main using git merge, resolve conflicts automatically or manually, commit the merge, and delete the feature branch after publication-ready updates.

Learn why teams use GitHub to store git repositories in the cloud for backups, cross-device access, collaboration, project management, bug tracking, and automation.

Create a GitHub account at github.com by entering your email, password, and a unique username, then verify with the emailed code; then create a new repository on the free plan.

Create a remote GitHub repository from the starting page or profile, using a unique name and visibility, with optional readme, gitignore, and license, then connect to your local git repository.

Connect your local git repository to a GitHub remote using git remote add, naming it origin and providing the remote URL, then push and pull to synchronize code.

push local commits to a remote repository by establishing an origin and upstream connection, authenticate with a personal access token, and see the push succeed.

Learn to create feature branches with git branch and git checkout -b, commit and push to origin, merge into main, and delete remote branches on GitHub.

Add a readme to a repository using Markdown, preview it on GitHub, and pull the latest changes with git pull to keep your local repository up to date.

Clone a remote repository using git clone to create a local project linked to the remote as origin, enabling code exploration and future pushes.

Create a feature branch, modify styling.css to change the title color with a hex code, commit and push to remote, and troubleshoot a permission-denied error as a non-owner.

Learn how to contribute to a remote GitHub repository by forking or requesting push access, then use issues to propose changes and collaborate with the owner.

Learn how to create and review pull requests on GitHub, merge changes into main with branch protection, and link issues to coordinate collaborative, open-source workflows.

Learn how forks and collaborators shape GitHub contributions, including forking a repository, cloning it locally, creating feature branches, and submitting poll requests across forks for review and merge.

Learn the essentials of Git and GitHub, including commits, branches, and commands, and how to push, retrieve, and collaborate on code remotely.

Explore the fundamentals of GitHub Actions, including workflows, jobs, and steps, through concrete demos and practical examples.

Explore the key building blocks of GitHub Actions: workflows, jobs, and steps, linked to GitHub repositories, with triggers, runners, and actions, plus parallel, sequential, and conditional execution.

Create your first GitHub Actions workflow in a new repository, with a .github/workflows YAML file, a first-job on ubuntu-latest, and two steps that echo Hello World and done - bye.

Define and run your first GitHub Actions workflow by committing a YAML file in .github/workflows, then trigger a manual dispatch on the main branch and monitor runs in Actions tab.

Explore a realistic React demo you can run locally with node, npm install, npm run dev, and npm test, then push to a remote GitHub repository to enable GitHub actions.

Create a GitHub Actions workflow to automatically run tests on push. Define a test job on ubuntu-latest that downloads repository code and runs the tests.

Explore how actions differ from run commands and use the checkout action from the GitHub marketplace to fetch code onto a runner, with security considerations.

Learn how to use the checkout action in GitHub Actions by applying the uses keyword, locking to version v3, and configuring with the with keyword and downloading code.

Verify Node.js is preinstalled on ubuntu-latest runners, install project dependencies, and configure the setup-node action to run tests with node-version 18.

Install dependencies with npm ci to lock versions from package-lock.json and run npm test on the runner; push the workflow and use a personal access token with GA actions permission.

Demonstrate failing and analyzing workflows by deliberately breaking a test, running npm test, and inspecting GitHub Actions logs to identify and fix the issue, then revert the commit and re-run.

Create a GitHub Actions workflow with multiple jobs, running test and deploy in parallel, each with a runner and steps like checkout, node.js setup, install dependencies, and npm run build.

Learn to run GitHub Actions jobs sequentially with the needs keyword, so deploy executes only after testing finishes successfully and prevents deployment if tests fail.

Explore how to use multiple event triggers in GitHub Actions, including push and workflow_dispatch manual triggers, and learn how to run workflows concurrently.

Learn how expressions access GitHub context and context objects, outputting environment metadata with toJSON in a manually triggered workflow using workflow_dispatch.

Explore the core components of GitHub Actions, including workflows, jobs, and steps, and learn how to configure events, triggers, runners, and actions in .github/workflows.

Practice crafting two GitHub Actions workflows for a downloaded project: one for lint, test, and deploy on push, and another triggered by issues events that echoes GitHub context metadata.

Implement and run GitHub Actions workflows for linting, testing, and deployment, including single and multi-job setups, triggers on push, and a separate issues workflow that echoes GitHub event details.

Explore deeper GitHub Actions by learning how trigger events affect workflows, implement complex conditions and event filters, and understand activity types through concrete examples.

Discover the wide range of GitHub Actions events and triggers. Learn how repository events like pushes and pull requests, manual dispatch, and schedules fire and how to configure them.

Initialize a demo project for GitHub Actions, create a public repository named GH events, connect main branch, and push the initial commit while preparing to define the missing workflow event.

Explore how the push event triggers workflows, add multiple events like workflow_dispatch for manual runs, and use branch filters to deploy only when main is targeted.

Leverage activity types and event filters to trigger workflows only on the main branch or selected branches and on specific pull request actions.

Explore how activity types and event filters control when GitHub Actions workflows run, from pull requests to workflow dispatch, and learn to declare types in yaml for precise triggering.

Master event filters to control when a workflow runs, targeting push or pull_request events with branch and path criteria. Use main, dev-*, feat/*, and paths and paths-ignore to refine triggers.

Understand how forks affect pull request events and why first-time contributors require manual approval before a workflow runs, with event filters and branches and paths filters guiding triggers.

learn to cancel running github actions workflows manually and to skip workflow runs with commit messages like skip ci, saving time when code changes don’t require tests.

Explore how events trigger GitHub Actions workflows, from pushes and pull requests to schedules and manual triggers, covering activity types, event filters, forked PR approvals, and workflow cancellation.

Explore managing data in GitHub Actions by working with artifacts, job outputs, and dependency caching, and understand how artifacts differ from outputs.

Set up a demo project with a ready GitHub Actions workflow, initialize a local git repo, create a private gh-data repo, link as origin, and push the main branch.

Identify and manage job artifacts as outputs produced by a GitHub Actions job, such as website files, binaries, or logs, and reuse or download them in downstream jobs.

Store the dist folder as an artifact in a GitHub Actions workflow. The build and test steps feed artifacts that can be downloaded or hosted on a web hosting provider.

Upload artifacts from a GitHub actions workflow using the official actions/upload-artifact action (v3), naming the artifact (dist-files) and selecting paths like dist and package.json for later retrieval.

Upload artifacts in the build job and download them in the deploy job via download-artifact. This enables manual and automatic artifact transfer with dist-files unzipped to deploy workspace.

Explore how GitHub Actions passes values between jobs by using job outputs, distinguishing artifacts from outputs, and enabling subsequent jobs to reuse derived values like file names, dates, or hashes.

Learn how to publish and reuse a generated JavaScript file name across GitHub Actions jobs using job outputs, step outputs, and the GitHub output mechanism.

Demonstrates using job outputs in a deploy job by reading the build job’s outputs via the needs context, and passing the published file name between jobs with artifacts.

Learn how to cache dependencies in GitHub Actions to speed up CI pipelines by reusing cached files across jobs and workflows.

Cache dependencies in the first workflow job using the cache action, keyed by the hash files function on package-lock.json, so npm ci reuses the cached npm folder across jobs.

Cache dependencies across workflow jobs to speed up GitHub Actions by reusing caches when package.json and package-lock.json stay unchanged. When dependencies change, the cache key invalidates and dependencies are stored.

Explore how artifacts and job artifacts are uploaded, downloaded, and shared across jobs using set output, echo, and needs context, while caching speeds up dependencies without caching artifacts.

Explore environment variables and secrets in GitHub Actions workflows, learn what they are, how to use them, and understand GitHub Actions environments and the problems they solve.

Learn how environment variables power dynamic config in a Node and Express REST API demo. Use GitHub Actions to supply these values for tests.

Provide environment variable values in a GitHub Actions workflow using the env field at workflow level. Override variables at job level for MONGODB_DB_NAME and the username and password environment variables.

Create a free MongoDB Atlas database, set up a user, and pass environment variables to a GitHub Actions runner, configure network access, and port values for app connection.

Explore using environment variables in GitHub actions, interpolating values in workflow steps, and accessing env vars via the env object to configure servers and databases.

Store credentials as repository secrets and reference them via the secrets context in GitHub Actions to inject environment variables into workflows without exposing them.

Learn how GitHub environments attach to workflows to provide environment-specific secrets and rules. Set up testing, staging, and production environments with branch protections, reviewers, and per-environment credentials.

Use environment variables to inject dynamic values into workflows, with env context for interpolation. Store secrets at repository, environment, or organization level and apply protections via environments.

Learn to control execution flow in GitHub Actions by conditionally running jobs and steps, continuing on failure when appropriate, and using a job matrix and reusable workflows.

Learn to execute github actions workflows conditionally using the if field for jobs and steps, and manage execution with the continue-on-error field, including expressions.

Set up a demo workflow for react app that reacts on pushes to main, lints code, runs tests, uploads test reports and build artifacts, and includes a deploy step.

Learn to conditionally upload the test report in GitHub Actions when tests fail, using an if clause, and understand how a failing step cancels jobs.

Learn to control GitHub Actions steps with the if field. Use expressions, dynamic values, and the steps context to reference a step by id and check its outcome.

Explore how GitHub actions uses special conditional functions—failure, success, always, and canceled—in if conditions to control when steps or tests run, upload test reports, and capture artifacts.

learn to use the if field on a job level in github actions to run a report job only if other job fails, using needs to chain lint and deploy.

Speed up workflows by caching the local node_modules folder and skipping npm ci when a cache hit occurs, using the cache-hit output to conditionally install dependencies.

Explore how the continue-on-error field lets a step fail without blocking subsequent steps in GitHub Actions workflow. Compare it with if and learn when to use continue-on-error versus if.

Leverage matrix strategies in GitHub Actions to run a single build across node versions and operating systems, using matrix context and continue-on-error to run parallel jobs.

Use include and exclude keys to tailor a GitHub Actions matrix by adding standalone combinations or removing specific ones, like node-version 18 on ubuntu-latest, or 12 on Windows.

Explore reusable workflows in GitHub Actions by creating a reusable deploy workflow and invoking it from another workflow with the workflow_call event and uses key.

Discover how to use reusable workflows with dynamic inputs to specify artifact names, download artifacts, and robustly deploy code in GitHub actions.

Learn how to configure reusable GitHub Actions workflows with inputs and secrets, declare required secrets, and pass secret values via the secrets context in the workflow job.

Define and propagate outputs in reusable workflows by adding an outputs key to the workflow call, using the set output command, and referencing them through needs and job outputs.

Explore conditional jobs and steps with if fields and dynamic expressions to control execution in GitHub Actions, and learn matrix and reusable workflows using inputs, outputs, and secrets.

Explore how to use containers with GitHub Actions, including running jobs in containers instead of runner machines, specifying runners, and leveraging service containers to enhance automated workflows.

Explore how Docker containers package code with the environment needed to run it, delivering a reproducible execution environment across any machine.

Learn how GitHub Actions supports Docker containers to define a reproducible environment with a base image, environment variables, containerized steps, and optional service containers.

Learn to set up a demo project with a Dockerfile to build a Docker image, run containers, and run GitHub Actions workflows that test a web API with MongoDB.

discover how to run GitHub Actions jobs in containers using base images like node or ubuntu, control environment variables, and keep core actions working inside an isolated container.

Use service containers in GitHub Actions to run a testing database alongside your jobs, enabling isolated automated tests and shutting down when the workflow ends.

Configure a MongoDB service container within a GitHub Actions job using the extra services key. Set image and env credentials (MONGO_INITDB_ROOT_USERNAME and password) to enable test connections.

Discover how to connect a job to a service container in GitHub Actions, using the service label or localhost with port forwarding, with MongoDB’s default port 27017.

Use containers in GitHub Actions to run jobs in images from a docker registry, and leverage service containers for isolated databases and extra tools, enabling consistent testing and production environments.

Explore how GitHub actions automate tasks with cache, checkout, and artifact upload actions, and learn why and how to build and use custom actions in workflows.

Discover why building custom actions simplifies and reuses workflow steps across jobs, fills gaps when public actions fall short, and enables you to control logic, then publish to the marketplace.

Explore the three types of custom actions: JavaScript actions, Docker actions, and composite actions, and learn how to build and reuse them across workflows in GitHub Actions.

Initialize the demo project, link a private repository, push the local main branch, and prepare to build custom actions, starting with composite actions in the GitHub actions workflow.

Learn how to build custom composite actions to simplify workflows, reuse code, and encapsulate caching and installing dependencies with a dedicated action.yml and a runs: using: composite configuration.

Replace steps with custom actions in workflows using the uses key and a project root path and action.yml, enabling local or repository actions, caching, and composite actions across jobs.

Learn how to add inputs to a custom GitHub action, define a description, defaults, and required flags, and use them via with and if to control caching and workflow behavior.

Add an outputs key on the same level as inputs, define outputs for custom actions, and set values from steps using dynamic expressions and IDs for downstream workflow use.

Create a custom JavaScript action for GitHub Actions, including a deploy-s3-javascript local action that uploads built website files to an Amazon S3 bucket, via an action.yml.

Configure a custom JavaScript action by defining action.yml with name, description, runs, and using node, specifying main.js, and optional pre and post scripts for pre and post steps.

Build a basic JavaScript GitHub Action by creating a run function, logging messages with @actions/core, and installing @actions/core, @actions/github, and @actions/exec via npm init -y and npm install.

Create and configure an AWS S3 bucket to host a static website with index.html. Apply a read-only anonymous policy and deploy build artifacts automatically using a custom GitHub action.

Define and use inputs in a reusable GitHub action to deploy build artifacts to an AWS S3 bucket. Extract bucket name, region, and dist folder from workflow to avoid hard-coding.

Discover retrieving inputs with the core getInput method, then upload dist-folder to a bucket using the AWS CLI s3 sync, via exec in a GitHub action.

Use a custom JavaScript action in a GitHub workflow to deploy built dist files to an AWS S3 bucket, configuring credentials with repository secrets and environment variables for secure upload.

Learn to build and use a custom JavaScript action with outputs, generate the deployed website URL, and expose it in the workflow using set output and steps outputs.

Learn to build a docker-based GitHub action that uploads website files to S3 using a Python deployment script and boto3, with a custom Docker environment.

Create a custom docker action by defining action.yml with docker runs, wiring inputs and outputs, and using environment variables to access inputs, upload files to an S3 bucket with boto3.

Learn how custom actions streamline GitHub workflows, reduce repeated steps, and let you solve problems not addressed by public actions. Explore composite, JavaScript, and Docker actions, with inputs and outputs.

Secure your GitHub Actions workflows by configuring and managing permissions, using GitHub tokens, and controlling access for third-party platforms.

Explore key workflow security topics, including script injection, malicious third-party actions, and fine-grained permissions, and learn to use trusted actions and manage permissions securely.

Explore how script injection can affect GitHub Actions workflows, demonstrate an injection via issue titles, and learn to defend by using actions or storing user input in environment variables.

Secure your workflows by using your own actions or verified creators with a blue check mark on GitHub Marketplace, and analyze any non-verified actions by reviewing their open-source code.

Control GitHub Actions permissions to limit a workflow's access to issues and repository areas, and set read or write permissions at the job or workflow level for secure automation.

GitHub provides an automatically generated token (the GITHUB_TOKEN secret) for authenticating API requests in actions, with configurable read or write permissions and a pathway to stricter defaults.

Explore advanced security settings for GitHub Actions, including automatic creation or approval of pull requests, approval policies for new contributors, and restricting actions to trusted accounts.

Explore authenticating with third-party services using OpenID Connect in GitHub Actions, replacing static keys with dynamic, time-limited permissions for AWS, Azure, and other providers.

Set up an AWS S3 bucket for static website hosting, configure block public access, apply a read-only anonymous bucket policy, and prepare for OpenID Connect integration with GitHub Actions.

Add an OpenID Connect provider in AWS IAM, create a web identity role with policies such as S3 full access, and use AWS credentials by GitHub actions via OIDC.