Official conceptual guide to workflows, jobs, steps, and runners. Read the Quickstart after this lesson.
Every push should automatically: run tests, check types, build, and deploy (if on main). GitHub Actions does this on GitHub's servers, triggered by git events — no extra services needed.
Workflows live in .github/workflows/ and are triggered by events.

```yaml
# .github/workflows/ci.yml
name: CI
on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '20'
          cache: 'npm'
      - name: Install
        run: npm ci   # Reproducible install from lockfile
      - name: Lint
        run: npm run lint
      - name: Type check
        run: npm run type-check
      - name: Test
        run: npm test
```
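```yaml
# Store secrets: Repository Settings → Secrets and variables → Actions
# Access in workflow with secrets context:
jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout   # scripts/deploy.sh lives in the repository
        uses: actions/checkout@v4
      - name: Deploy
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.ACTIONS_AWS_KEY_ID }}   # from GitHub secrets
          DATABASE_URL: ${{ secrets.ACTIONS_DATABASE_URL }}      # from GitHub secrets
        run: ./scripts/deploy.sh
```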
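Never hardcode secrets in workflow files. Use the secrets context. GitHub automatically redacts secret values that appear in log output. The masking matches the stored value exactly, so a secret that a step transforms before printing (for example by base64-encoding it) is not redacted; do not echo secrets in any form.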
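One way to enforce the rule above in review or in a pre-commit hook, as an added example that is not part of the original lesson: a small line-based check that flags sensitive-looking env: and with: entries whose value is not a secrets-context expression. The function name, the key-name heuristic and the sample workflow are assumptions made for this example.

```python
import re

# Heuristic for names that usually hold credentials (an assumption of this example).
SENSITIVE_KEY = re.compile(r"KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL|DATABASE_URL", re.I)
# Value that is exactly one secrets-context expression, optionally quoted.
SECRETS_EXPR = re.compile(r"""^["']?\$\{\{\s*secrets\.\w+\s*\}\}["']?$""")
KEY_VALUE = re.compile(r"^(\s*)(?:-\s+)?([A-Za-z_][\w-]*):\s*(.*)$")

def find_hardcoded_secrets(workflow_text):
    """Return (line_no, key, reason) for sensitive-looking env:/with: entries
    whose value is not a ${{ secrets.NAME }} expression."""
    findings = []
    block_indent = None  # indent of the enclosing env:/with: key, if any
    for no, raw in enumerate(workflow_text.splitlines(), 1):
        line = re.sub(r"\s+#.*$", "", raw).rstrip()  # drop trailing YAML comment
        m = KEY_VALUE.match(line)
        if not m:
            continue
        indent, key, value = len(m.group(1)), m.group(2), m.group(3)
        if block_indent is not None and indent <= block_indent:
            block_indent = None  # left the env:/with: mapping
        if key in ("env", "with") and value == "":
            block_indent = indent
            continue
        if block_indent is None or not SENSITIVE_KEY.search(key):
            continue
        if SECRETS_EXPR.match(value):
            continue
        if value.startswith("${{"):
            reason = "expression-outside-secrets-context"
        elif value.startswith("$"):
            reason = "shell-variable-not-expanded"  # Actions passes it as a literal string
        else:
            reason = "literal-value"
        findings.append((no, key, reason))
    return findings

# Constructed sample workflow; the key value is a placeholder, not a real credential.
SAMPLE = """\
jobs:
  deploy:
    runs-on: ubuntu-latest
    env:
      NODE_ENV: production
    steps:
      - name: Deploy
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: EXAMPLE-NOT-A-REAL-KEY   # constructed
          DATABASE_URL: $DATABASE_URL
        run: ./scripts/deploy.sh
"""

if __name__ == "__main__":
    for finding in find_hardcoded_secrets(SAMPLE):
        print(finding)
```

The check is a heuristic on key names and indentation, not a YAML parser, so treat a clean result as a first pass rather than proof that a workflow holds no credentials.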
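```yaml
jobs:
  test:
    strategy:
      matrix:
        node-version: [18, 20, 22]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4   # needed so npm ci can read the lockfile
      - uses: actions/setup-node@v4
        with:
          node-version: ${{ matrix.node-version }}   # one job per matrix entry
      - run: npm ci && npm test
```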