Learn GitHub Actions

Beginner friendly + Real-life analogy + Production mindset

What is GitHub Actions
Easy Explanation
Why Use It
CI/CD Concept
How GitHub Actions Works
Workflow Fundamentals
Workflow Deep Dive
Reusable Workflow
Composite Action
Docker / JS Actions
Matrix Strategy
Cache
Artifacts
Secrets & Security
Self Hosted Runner
Environment & Approval
Real Project Examples
Best Practices
Debugging Tips

1) What is GitHub Actions?

GitHub Actions is an automation platform inside GitHub.

It automates:

testing
building
deployment
notifications
cron jobs
security scan
release automation

Simple:

You push code → GitHub automatically works

2) Easy Explanation

Imagine restaurant automation:

Manual:

Order আসে → Chef রান্না → Packaging → Delivery

Automated:

Order আসে → Robot রান্না → Auto QC → Auto Delivery

Software world:

Code push → Test → Build → Deploy

This robot = GitHub Actions

3) Why Use GitHub Actions?

Benefits:

automatic
fast
repeatable
less human error
team consistency
production ready
built into GitHub

4) CI/CD Concept

CI = Continuous Integration

Meaning:

Every push / PR:

install deps
lint
test
build

Example:

git push

↓

Auto:

npm install
npm run lint
npm test
npm run build

CD = Continuous Delivery

Ready for deployment automatically.

Human approves deploy.

Continuous Deployment

Fully automatic production deployment.

Push → Live

Visual:

Developer
↓
Push
↓
CI
↓
Build
↓
Deploy
↓
Production

5) How GitHub Actions Works

Flow:

Developer action
↓
Event trigger
↓
Workflow starts
↓
Runner machine created
↓
Jobs run
↓
Steps run
↓
Logs generated
↓
Success / Fail

6) Folder Structure

project/
 ├── src/
 ├── package.json
 └── .github/
      └── workflows/
           ├── ci.yml
           ├── deploy.yml
           └── release.yml

Important:

.github/workflows/

GitHub scans this folder.

7) Core Concepts

Term	Meaning
Workflow	automation file
Event	trigger
Job	group of tasks
Step	single task
Runner	machine
Action	reusable block
Secret	encrypted variable
Artifact	generated file

8) Workflow Structure

Basic:

name:

on:

jobs:

Example:

name: Node CI

on: push

jobs:
  test:
    runs-on: ubuntu-latest

    steps:
      - run: echo "Hello"

9) name

Workflow name.

name: Backend CI Pipeline

Readable name use.

Good:

name: API Test Pipeline

Bad:

name: workflow1

10) on (Event)

Trigger.

Example:

on: push

push

on: push

pull_request

on: pull_request

workflow_dispatch

Manual run.

on:
  workflow_dispatch:

schedule

Cron.

on:
  schedule:
    - cron: "0 0 * * *"

Daily midnight.

Branch filter

on:
  push:
    branches:
      - main
      - develop

Tag filter

on:
  push:
    tags:
      - v*

Path filter

on:
  push:
    paths:
      - src/**

11) Jobs

Workflow contains jobs.

Example:

jobs:
  test:
  build:
  deploy:

Visual:

Workflow
├── test
├── build
└── deploy

12) Runner

Machine that executes workflow.

runs-on: ubuntu-latest

Options:

ubuntu-latest
windows-latest
macos-latest

13) Steps

Small tasks.

steps:

Example:

steps:
  - run: npm install
  - run: npm test
  - run: npm run build

14) run

Execute shell command.

- run: pwd

- run: ls -la

- run: npm test

Multi-line:

- run: |
    npm install
    npm run lint
    npm test

15) uses

Reusable action.

Example:

Checkout code:

- uses: actions/checkout@v4

Setup Node:

- uses: actions/setup-node@v4

16) with

Pass inputs.

- uses: actions/setup-node@v4
  with:
    node-version: 20

17) env

Environment variable.

Workflow:

env:
  NODE_ENV: production

Job:

jobs:
  build:
    env:
      PORT: 5000

Step:

- env:
    NAME: Sabbir
  run: echo $NAME

18) needs

Dependency.

jobs:
  test:
  build:
    needs: test
  deploy:
    needs: build

Flow:

test → build → deploy

19) if condition

Conditional run.

if: github.ref == 'refs/heads/main'

20) Secrets

Encrypted variables.

Examples:

DB_PASSWORD
API_KEY
SSH_KEY
JWT_SECRET

Use:

${{ secrets.API_KEY }}

Example:

- run: echo "${{ secrets.API_KEY }}"

Never hardcode.

Bad:

PASSWORD=123456

21) Outputs

One job passes value to another.

Example:

outputs:
  version: v1

Use:

needs.build.outputs.version

22) Strategy Matrix

Run multiple versions.

Example:

strategy:
  matrix:
    node: [18, 20, 22]

Runs 3 jobs.

Useful:

multi version test
multi OS test

23) Cache

Speed up builds.

Example:

- uses: actions/cache@v4

Cache:

npm
yarn
pnpm
pip
gradle

Benefit:

Fast CI.

24) Artifacts

Save generated files.

Example:

build zip
test report
coverage report

Upload:

- uses: actions/upload-artifact@v4

Download later.

25) Reusable Workflow

Purpose:

One workflow reused everywhere.

Example:

.github/workflows/node-ci.yml

Reusable:

on:
  workflow_call:

Input:

inputs:
  node_version:
    required: true
    type: string

Call:

jobs:
  call:
    uses: ./.github/workflows/node-ci.yml
    with:
      node_version: 20

Useful:

Organization standard pipeline.

26) Composite Action

Reusable step group.

Folder:

.github/actions/setup-app/

Contains:

action.yml

Example:

name: Setup App
description: Install app deps

runs:
  using: composite
  steps:
    - run: npm install
      shell: bash

Use:

- uses: ./.github/actions/setup-app

Composite vs Reusable Workflow

Composite:

→ step reusable

Reusable Workflow:

→ whole workflow reusable

27) Docker Action

Container based action.

Good for:

isolated runtime
custom toolchain

Contains:

Dockerfile

28) JavaScript Action

Node based action.

Fast.

Reusable.

Marketplace actions mostly JS.

29) Self Hosted Runner

Own machine.

Examples:

VPS
EC2
office server

Benefits:

more CPU
custom software
private network

30) Service Containers

Use DB inside CI.

Example:

Postgres

Redis

MySQL

Example:

services:
  postgres:

Useful for integration tests.

31) Environment

Deployment stage:

dev
staging
production

Protection:

manual approval
secret isolation

32) Permissions

Token permission limit.

Example:

permissions:
  contents: read

Security best practice.

Least privilege.

33) Concurrency

Prevent duplicate workflow.

concurrency: production

Old deploy cancels.

Only latest runs.

34) Notifications

Send to:

Slack
Discord
Email

Example:

Deploy failed → notify team

35) Real Project Example (Node.js CI)

name: Node CI

on:
  pull_request:
  push:
    branches: [main]

jobs:
  test:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-node@v4
        with:
          node-version: 20

      - run: npm ci
      - run: npm run lint
      - run: npm test
      - run: npm run build

36) Docker Build Push Example

- run: docker build -t app .
- run: docker push image

Production:

Build → Tag → Push → Deploy

37) AWS Deploy Example

Flow:

Push
↓
Test
↓
Docker build
↓
Push image
↓
SSH server
↓
Pull image
↓
Restart container

38) Monorepo Example

Apps:

apps/
  frontend/
  backend/

Only backend changed:

Run backend workflow.

Path filter.

Efficient.

39) Best Practices

small workflows

Split:

ci.yml
deploy.yml
release.yml

reusable logic

Use:

composite
reusable workflow

secure secrets

Never echo secret.

cache dependencies

Fast builds.

pin versions

Good:

@v4

use npm ci

Not:

npm install

Use:

npm ci

CI friendly.

add timeout

timeout-minutes: 10

concurrency

Prevent duplicate deploy.

40) Debugging

Check:

Actions tab logs

Use:

- run: pwd

- run: env

- run: ls -la

Print debug info.

41) Production Pipeline Architecture

Developer Push
↓
Lint
↓
Test
↓
Build
↓
Docker Build
↓
Security Scan
↓
Push Registry
↓
Deploy Staging
↓
Approval
↓
Deploy Production
↓
Notify Team

Final Summary

GitHub Actions = automation brain of repo.

Main pillars:

Workflow
Event
Job
Step
Action
Runner
Secret
Reusable workflow
Composite action

🔹 Best Practices

✔ Secrets use করো (never hardcode) 🔐 ✔ Cache use করো ⚡ ✔ Reusable workflow use করো ✔ Small & modular pipeline রাখো ✔ Environment protection ব্যবহার করো

🔹 Debugging Tips

GitHub Actions logs check করো
echo ব্যবহার করো
step by step isolate করো
failed step identify করো

🔹 Common Mistakes

❌ checkout missing ❌ wrong node version ❌ secrets missing ❌ wrong path

Name		Name	Last commit message	Last commit date
Latest commit History 25 Commits
.github/workflows		.github/workflows
backend		backend
frontend		frontend
README.md		README.md
app.py		app.py

Folders and files

Latest commit

History

Repository files navigation

Learn GitHub Actions

Table of Contents

1) What is GitHub Actions?

2) Easy Explanation

3) Why Use GitHub Actions?

4) CI/CD Concept

CI = Continuous Integration

CD = Continuous Delivery

Continuous Deployment

5) How GitHub Actions Works

6) Folder Structure

7) Core Concepts

8) Workflow Structure

9) name

10) on (Event)

push

pull_request

workflow_dispatch

schedule

Branch filter

Tag filter

Path filter

11) Jobs

12) Runner

13) Steps

14) run

15) uses

16) with

17) env

18) needs

19) if condition

20) Secrets

21) Outputs

22) Strategy Matrix

23) Cache

24) Artifacts

25) Reusable Workflow

26) Composite Action

Composite vs Reusable Workflow

27) Docker Action

28) JavaScript Action

29) Self Hosted Runner

30) Service Containers

31) Environment

32) Permissions

33) Concurrency

34) Notifications

35) Real Project Example (Node.js CI)

36) Docker Build Push Example

37) AWS Deploy Example

38) Monorepo Example

39) Best Practices

small workflows

reusable logic

secure secrets

cache dependencies

pin versions

use npm ci

add timeout

concurrency

40) Debugging

41) Production Pipeline Architecture

Final Summary

🔹 Best Practices

🔹 Debugging Tips

🔹 Common Mistakes

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors

Packages