12. CI/CD with GitHub Actions

Modern software engineering relies heavily on automation. Continuous Integration (CI) and Continuous Deployment (CD) ensure that every time you push code, it is automatically compiled, run against test suites, and deployed to production servers without manual intervention.

On GitHub, this is achieved natively through **GitHub Actions**.

1. Core Concepts of GitHub Actions

To write automation scripts, you need to understand the terminology GitHub Actions uses:

  • Workflow: An automated procedure added to your repository. Workflows are defined in YAML files.
  • Events (Triggers): The specific activity that triggers the workflow (e.g., a push to main, or opening a Pull Request).
  • Jobs: A set of steps executed on the same virtual runner. By default, multiple jobs run in parallel.
  • Steps: Individual tasks that run commands or actions.
  • Runners: The hosted virtual machine (Ubuntu, Windows, or macOS) that GitHub spins up to run your code.

2. Structure of a Workflow YAML File

Workflow files must be stored in a specific folder at the root of your project: .github/workflows/

Here is a complete, production-grade example of a workflow file named .github/workflows/node-tests.yml, which automatically installs dependencies and runs tests on every push to main and on every pull request that targets main:

name: NodeJS Continuous Integration

# 1. Choose the events that trigger this workflow
on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]

# 2. Define the jobs to run
jobs:
  build-and-test:
    # Run on a fresh Ubuntu virtual machine hosted by GitHub
    runs-on: ubuntu-latest

    steps:
    # Step 1: Checkout the repository code onto the runner
    - name: Checkout Code
      uses: actions/checkout@v3

    # Step 2: Setup NodeJS environment
    - name: Setup Node Environment
      uses: actions/setup-node@v3
      with:
        node-version: '18'
        cache: 'npm'

    # Step 3: Install all packages
    - name: Install Dependencies
      run: npm install

    # Step 4: Run test scripts
    - name: Run Jest Unit Tests
      run: npm run test

3. Monitoring Actions

When you push a workflow YAML file to GitHub:

  1. Go to your repository page and click the Actions tab.
  2. In the left sidebar, click on your workflow name (e.g., "NodeJS Continuous Integration").
  3. Click on the specific active run to see live terminal outputs, logs, and a step-by-step progress checklist of your build runner!

4. Securing API Keys with Secrets

Never hardcode API keys, passwords, or cloud database credentials in your YAML files! Instead, store them securely in GitHub and access them as environment variables:

  1. Go to **Settings > Secrets and variables > Actions**.
  2. Click "New repository secret".
  3. Give it a name (e.g., VERCEL_API_KEY) and paste the value.
  4. Access it in your YAML workflow using the secrets object:

    env:
      API_KEY: ${{ secrets.VERCEL_API_KEY }}

Key Benefit: By combining Branch Protection Rules with GitHub Actions, you can ensure that **no Pull Request can be merged** if any of its automatic unit tests fail!
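
A check for the rule in section 4, as an added example that is not part of the original tutorial: this Python function scans workflow text for credential-looking keys whose value is a literal rather than an expression such as `${{ secrets.VERCEL_API_KEY }}`. The key-name heuristic, the sample workflow, and the names `DB_PASSWORD`, `DEPLOY_TOKEN` and `./deploy.sh` are assumptions constructed for illustration.

```python
import re

# Heuristic (an assumption of this example): key names that suggest a credential.
SENSITIVE_KEY = re.compile(r"key|token|secret|passw(or)?d|credential", re.I)
# A value supplied entirely by an Actions expression, e.g. ${{ secrets.NAME }}.
EXPRESSION = re.compile(r"^\$\{\{.*\}\}$")
# A "name: value" mapping line, optionally written as a list item ("- name: value").
MAPPING = re.compile(r"^\s*(?:-\s+)?([A-Za-z_][\w-]*)\s*:\s*(.*)$")

# Constructed sample workflow; the two literal values are fake.
SAMPLE_WORKFLOW = """\
jobs:
  deploy:
    runs-on: ubuntu-latest
    env:
      API_KEY: ${{ secrets.VERCEL_API_KEY }}
      DB_PASSWORD: "hunter2-constructed-example"
      NODE_ENV: production
    steps:
      - name: Deploy
        run: ./deploy.sh
        env:
          DEPLOY_TOKEN: abc123-constructed-example
"""


def find_hardcoded_credentials(workflow_text):
    """Return (line_number, key) for credential-looking keys set to a literal."""
    findings = []
    for number, line in enumerate(workflow_text.splitlines(), start=1):
        code = line.split(" #", 1)[0].rstrip()  # drop trailing YAML comments
        match = MAPPING.match(code)
        if not match:
            continue  # comment, blank line, or multi-line scalar content
        key = match.group(1)
        value = match.group(2).strip().strip("'\"")
        if not value:
            continue  # key only opens a nested block (e.g. "env:")
        if SENSITIVE_KEY.search(key) and not EXPRESSION.match(value):
            findings.append((number, key))
    return findings


if __name__ == "__main__":
    for number, key in find_hardcoded_credentials(SAMPLE_WORKFLOW):
        print(f"line {number}: {key} is a literal; use ${{{{ secrets.{key} }}}}")
```

Because it matches on key names only, it can flag non-secret keys (for example a cache `key:`), so treat its findings as prompts for review.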