⏱️3 min read · 452 words
GitHub Actions is the most widely used CI/CD platform in 2026. Free for public repos and 2,000 minutes/month for private, it automates testing, building, and deploying directly from your GitHub repository. This guide covers everything from first workflow to production deployment.
📋 Table of Contents
Core Concepts
- Workflow: YAML file in
.github/workflows/ - Event: Trigger (push, PR, schedule, manual)
- Job: Set of steps that run on a runner
- Step: Individual command or action
- Runner: VM where your job runs (Ubuntu, Windows, macOS)
First Workflow: Test on Push
# .github/workflows/test.yml
name: Test
on:
push:
branches: [main, develop]
pull_request:
branches: [main]
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.12'
- name: Install dependencies
run: |
pip install -r requirements.txt
- name: Run tests
run: pytest --cov=. --cov-report=xml
- name: Upload coverage
uses: codecov/codecov-action@v4Matrix Builds (Test Multiple Versions)
jobs:
test:
runs-on: ubuntu-latest
strategy:
matrix:
python-version: ['3.11', '3.12', '3.13']
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
- run: pip install -r requirements.txt && pytestDeploy to Production on Tag
name: Deploy
on:
push:
tags: ['v*']
jobs:
deploy:
runs-on: ubuntu-latest
environment: production
steps:
- uses: actions/checkout@v4
- name: Build Docker image
run: |
docker build -t myapp:${{ github.ref_name }} .
docker tag myapp:${{ github.ref_name }} registry.example.com/myapp:latest
- name: Push to registry
run: |
echo ${{ secrets.REGISTRY_TOKEN }} | docker login registry.example.com -u ci --password-stdin
docker push registry.example.com/myapp:latest
- name: Deploy via SSH
uses: appleboy/ssh-action@v1
with:
host: ${{ secrets.SERVER_HOST }}
username: deploy
key: ${{ secrets.SSH_PRIVATE_KEY }}
script: |
docker pull registry.example.com/myapp:latest
docker compose up -dCaching Dependencies (Faster Builds)
- name: Cache pip
uses: actions/cache@v4
with:
path: ~/.cache/pip
key: ${{ runner.os }}-pip-${{ hashFiles('requirements.txt') }}
- name: Cache node_modules
uses: actions/cache@v4
with:
path: node_modules
key: ${{ runner.os }}-node-${{ hashFiles('package-lock.json') }}Using Secrets
Store API keys in GitHub Settings > Secrets and variables > Actions. Access in workflows with ${{ secrets.MY_KEY }}. Secrets are never printed in logs.
- name: Send deploy notification
run: |
curl -X POST ${{ secrets.SLACK_WEBHOOK }} \
-H 'Content-type: application/json' \
--data '{"text": "Deployed ${{ github.ref_name }}"}'Conclusion
GitHub Actions removes the need for separate CI/CD infrastructure. Start with a simple test workflow, add matrix builds, then graduate to automated deployment triggered by tags. Caching cuts build times by 50-80%.
📚 You might also like
🔗 Share this article
✍️ Leave a Comment