📍 Introduction:

GitHub Actions is a powerful tool that allows you to automate your workflow and streamline your development process. With GitHub Actions, you can build, test, and deploy your code with ease. However, to get the most out of GitHub Actions, it's important to follow best practices. In this blog post, we'll explore some of the best practices for using GitHub Actions, along with examples to help you get started.

GitHub Actions Security Best Practices [cheat sheet included]

👉 Use a Standard Directory Structure

One of the best practices for using GitHub Actions is to use a standard directory structure. This makes it easier to organize your workflows and keep them consistent across your projects. Here's an example of a standard directory structure:

.github/
  workflows/
    build.yml
    test.yml
    deploy.yml

👉 Keep Your Workflows Small and Focused

Another best practice for using GitHub Actions is to keep your workflows small and focused. This makes it easier to debug and maintain your workflows. Instead of creating one large workflow that does everything, break it down into smaller workflows that focus on specific tasks. Here's an example:

.github/
  workflows/
    build.yml
    test.yml
    deploy.yml
    release.yml

👉 Use Environment Variables

Using environment variables is another best practice for using GitHub Actions. Environment variables allow you to store sensitive information, such as API keys and passwords, securely. Here's an example:

name: Build and Deploy
on:
  push:
    branches:
      - main
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Build app
        run: npm run build
      - name: Deploy app
        uses: GoogleCloudPlatform/github-actions/deploy-appengine@main
        with:
          project_id: ${{ PROJECT_ID }}
          service_account_version: ${{ SERVICE_ACCOUNT_VERSION }}

👉 Use Caching

Using caching is another best practice for using GitHub Actions. Caching allows you to speed up your workflows by storing dependencies and other files that don't change often. Here's an example:

name: Build and Test
on:
  push:
    branches:
      - main
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Cache dependencies
        uses: actions/cache@v2
        with:
          path: ~/.npm
          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
          restore-keys: |
            ${{ runner.os }}-node-
      - name: Install dependencies
        run: npm install
      - name: Build app
        run: npm run build
      - name: Test app
        run: npm test

👉 Use Secrets

Using secrets is another best practice for using GitHub Actions. Secrets allow you to store sensitive information, such as API keys and passwords, securely. Here's an example:

name: Build and Deploy
on:
  push:
    branches:
      - main
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Build app
        run: npm run build
      - name: Deploy app
        uses: GoogleCloudPlatform/github-actions/deploy-appengine@main
        with:
          project_id: ${{ secrets.PROJECT_ID }}
          service_account_key: ${{ secrets.SERVICE_ACCOUNT_KEY }}

👉 Use Actions Marketplace

Using Actions Marketplace is another best practice for using GitHub Actions. Actions Marketplace allows you to find and use pre-built actions that can help you automate your workflow. Here's an example:

name: Build and Test
on:
  push:
    branches:
      - main
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Cache dependencies
        uses: actions/cache@v2
        with:
          path: ~/.npm
          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
          restore-keys: |
            ${{ runner.os }}-node-
      - name: Install dependencies
        run: npm install
      - name: Build app
        run: npm run build
      - name: Test app
        uses: actions/steps/mocha@v1
        with:
          args: --recursive --reporter dot test/

📍 Conclusion

In conclusion, GitHub Actions is a powerful tool that can help you automate your workflow and streamline your development process. By following these best practices, you can ensure that your workflows are organized, maintainable, and secure. So, start using GitHub Actions today and take your development process to the next level!

📢 Resource: https://blog.mergify.com/the-best-github-action-you-should-use/

👉 Checkout GitHub Repository for projects:

🔗 github.com/sumanprasad007

DeployToCloud

DeployToCloud

🚀 GitHub Action Best Practices: How to tweak Your Workflow

Table of contents

📍 Introduction:

👉 Use a Standard Directory Structure

👉 Keep Your Workflows Small and Focused

👉 Use Environment Variables

👉 Use Caching

👉 Use Secrets

👉 Use Actions Marketplace

📍 Conclusion

📢 Resource: https://blog.mergify.com/the-best-github-action-you-should-use/

👉 Checkout GitHub Repository for projects:

🚀 GitHub Action Best Practices: How to tweak Your Workflow

Table of contents

📍 Introduction:

👉 Use a Standard Directory Structure

👉 Keep Your Workflows Small and Focused

👉 Use Environment Variables

👉 Use Caching

👉 Use Secrets

👉 Use Actions Marketplace

📍 Conclusion

📢 Resource: https://blog.mergify.com/the-best-github-action-you-should-use/

👉 Checkout GitHub Repository for projects:

Did you find this article valuable?