Back to ArticlesDevOps Learning Journal
Jun 10, 202510 min read

CI/CD Pipeline with GitHub Actions

CI/CDGitHub ActionsAutomation

Continuous Integration and Continuous Deployment (CI/CD) form the backbone of modern software delivery pipelines. Rather than manual builds and ftp uploads, pipelines automate validation, code quality checks, containerization, and staging deployments immediately upon code push.

GitHub Actions is an incredibly powerful platform integrated directly into your GitHub repository to orchestrate these workflows.

Workflow Lifecycle Architecture

The pipeline triggers automatically on events (such as git push or pull_request). It coordinates tasks across various runner environments, utilizing Docker containers to provision virtual hosts on-demand.

Creating a GitHub Actions Workflow File

GitHub Actions workflows are written in YAML and placed under the .github/workflows/ directory of your project.

Here is a comprehensive pipeline template that installs dependencies, runs tests, runs linter checks, compiles a Docker image, and uploads it to GitHub Container Registry (GHCR):

name: Continuous Integration & Delivery

on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]

jobs:
  test-and-lint:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Code
        uses: actions/checkout@v3

      - name: Setup Node.js
        uses: actions/setup-node@v3
        with:
          node-version: 18
          cache: 'npm'

      - name: Install dependencies
        run: npm ci

      - name: Run Linter
        run: npm run lint

      - name: Execute Tests
        run: npm test

  build-and-release:
    needs: test-and-lint
    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Code
        uses: actions/checkout@v3

      - name: Log in to Registry
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Build and Push Docker Image
        uses: docker/build-push-action@v4
        with:
          context: .
          push: true
          tags: |
            ghcr.io/${{ github.repository }}/web-app:latest
            ghcr.io/${{ github.repository }}/web-app:${{ github.sha }}

Key Best Practices

  1. Use Specific Versions: Lock down Action dependencies (e.g. actions/checkout@v3 instead of @master) to prevent pipeline failure when third-party actions release breaking updates.
  2. Secrets Management: Never commit credentials. Store SSH keys, AWS access secrets, and server passwords securely in GitHub Settings -> Secrets -> Actions, and refer to them via the ${{ secrets.KEY }} context.
  3. Caching: Use caching for dependencies (e.g., node_modules or pip downloads) to reduce runner durations, speed up execution times, and save build billing minutes.
S
Written by Swapnil

DevOps & Infrastructure Engineer, focusing on container scaling, secure automated deployment pipelines, and cloud state architecture.