| theme | highlighter | transition | mdc | presenter | title | addons | fonts | themeConfig | layout | image | |||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
the-unnamed |
shiki |
slide-left |
true |
dev |
From Code to Cloud: Automated Deployments with GitHub Actions |
|
|
|
image |
./cloudsummit/title.png |
layout: about-me imageSrc: ./profile/eliostruyf_2023.jpg helloMsg: 👋 Hello! name: Elio Struyf job: Struyf Consulting line1: "#Stickerpreneur @ pyod.shop" line2: "#Maintainer @ Front Matter CMS" social1: "@eliostruyf" social2: eliostruyf.com social3: elio@struyfconsulting.be
<style> h1 { font-size: 3.5rem !important; } </style>
- CI/CD service
- Automate builds, tests, deployments, issues, etc.
- Workflow defined in YAML
- Triggers based on events like push, pull requests, etc.
- Actions are reusable tasks
- Runners are VMs to execute workflows on Windows, macOS, Linux
- Integrated with GitHub
- Free for public repositories and self-hosted runners
- Community contributed actions
- Cost-effective for private repositories ("free" minutes)
| Plan | Free minutes |
|---|---|
| GitHub Free | 2,000 |
| GitHub Pro | 3,000 |
| GitHub Free for orgs | 2000 |
| GitHub Team | 3,000 |
| GitHub Enterprise Cloud | 50,000 |
<style> h1::before { background: #EE4266 !important; } </style>
| Runner | Multiplier |
|---|---|
| Linux | 1x |
| Windows | 2x |
| macOS | 10x |
Large runners are more expensive (only for orgs and enterprises)
flowchart LR
Events --> |triggers| Workflow --> |starts| Job --> |uses| Runner --- Step --- Action
- Event: Trigger for a workflow
- Workflow: Automation process
- Job: Set of steps that execute on the same runner
- Runner: VM to execute workflows
- Step: A task that can run commands
- Action: A reusable task
- push: Triggered on push to a branch
- pull_request: Triggered on pull request
- schedule: Triggered on a schedule
- release: Triggered on release
- workflow_call: Triggered by another workflow
- workflow_dispatch: Triggered manually
- repository_dispatch: Triggered by an external event
Create a .github/workflows directory in your repository.
name: Build and Deploy
on:
push:
branches:
- main
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- run: npm install
- run: npm run build
- uses: actions/upload-artifact@v4
with:
name: dist
path: dist- Non-sensitive configuration information
- Levels:
- Workflow:
env - Repository
- Environment
- Organization
- Workflow:
- Default environment variables:
GITHUB_*andRUNNER_*GITHUB_REPOSITORY:owner/repoGITHUB_REPOSITORY_OWNER:owner
- Workflows created in
.github/workflowsdirectory - Define workflow variables by using
env - Actions options can be added like
with,env, etc. - Variables and contexts can be used in the workflow
- Setting your variables like with
>> $GITHUB_ENV
echo "{environment_variable_name}={value}" >> $GITHUB_ENVGitHub Variables - GitHub Context
- Each workflow job creates a
GITHUB_TOKENsecret - Used to authenticate with GitHub API
${{ secrets.GITHUB_TOKEN }}
Comes with default permissions depending on the repo settings
preview-deploy:
runs-on: ubuntu-latest
needs: build
permissions:
contents: read
pages: write
id-token: write steps:
- id: step1 # Required
run: |
# {name}={value}
echo "website=https://..." >> $GITHUB_OUTPUTjobs:
job1:
outputs:
website: ${{ steps.step1.outputs.website }} job2:
needs: job1
steps:
- run: echo ${{ needs.job1.outputs.website }}- You can depend on other jobs by using the
needskey - Use the
actions/upload-artifactaction to upload artifacts - Permissions on the
GITHUB_TOKENcan be changed - Set job output variables with
>> $GITHUB_OUTPUT - Add information to the job summary via
>> $GITHUB_STEP_SUMMARY
Use actions/cache to cache dependencies
- name: Cache Playwright
id: cache-playwright
uses: actions/cache@v4
with:
path: ~/.cache/ms-playwright
key: playwright-${{ env.PLAYWRIGHT_VERSION }}Conditions can be added to jobs and steps to control when they run
- name: Install Playwright Browsers
if: steps.cache-playwright.outputs.cache-hit != 'true'
run: npx playwright install --with-depsif: always()to always run the step (even if the previous step/job failed)- Functions:
contains(),startsWith(),endsWith(), ...
- Use
actions/cacheto cache dependencies - Conditions can be added to jobs and steps to control when they run
- Each environment can have its variables and secrets
- Using variables:
vars.{name} - Using secrets:
secrets.{name}
- Using variables:
- Used for a deployment target
- Allow you to set environment-specific variables/secrets
- Wait timer can be set
- Protection rules can be set
- You can set an approval/review process
- Limit branches/tags per environment
jobs:
production-deploy:
runs-on: ubuntu-latest
environment:
name: azure- Sensitive information
- Levels:
- Repository
- Environment
- Organization
- Access policy on organization-level
- Values are masked in build outputs
- Set as input or environment variable to use them
- Use environment-specific variables and secrets
- Reuse actions with custom actions
- Set an approval process for the deployment
- Set
secrets.{name}to use the secret in the workflow
- Detailed logging via
ACTIONS_RUNNER_DEBUGsecret/variable istrue - Enable debug logging on workflow re-run
- GitHub Actions Marketplace
- Create your actions and distribute them
- Matrix builds -> automatically create multiple jobs
- Use GitHub Actions for VSCode extension
<style> .slidev-layout.default { background: url(./slides/thankyou.jpg) no-repeat center center !important; position: relative; } h1 { position: absolute !important; bottom: 0.5rem; left: 7rem; color: #000 !important; } h1::before { background: #84DFD2 !important; } </style>