Comparison of GitHub Actions with competitors
Deep dive into workflow syntax, triggers, and job configuration
Explore matrices, reusable workflows, and composite actions
•Runner Types and Execution Environments
•Persisting Build Outputs with Artifacts
•Controlling GitHub Permissions
•Authenticating to Third-Party Systems
•Matrix Strategies, Conditionals, and Concurrency Controls
Discover and integrate community actions from the GitHub Marketplace
Build custom JavaScript and Docker actions from scratch
•JavaScript and TypeScript Actions
Optimize logs, secrets, environments, and permissions for teams
•Developer Experience (Actions)
Harden workflows with security, reliability, and cost-saving techniques
•Maintainable Workflow Patterns
Apply course concepts by automating a real-world deployment pipeline
The build-push
workflow mirrors the structure of the test workflow:
fetch-depth: 0
) so git describe
can compute semantic versions.docker/build-push-action
with cache directives and tags supplied by helper Task targets.Version tags come from task utils:generate-version
and task utils:generate-version-tag
, which inspect release tags to
produce either compact (production) or extended (staging/dev) identifiers like 1.2.3+0047-<sha>
. The workflow supports
three trigger modes:
main
: builds staging images for any changed services.services/node/api-node@1.2.3
): treated as production releases for a single service.service
and version
inputs to rebuild ad hoc images (e.g., hotfix tags).Guard clauses ensure the job short-circuits when no services change, preventing “empty matrix” failures.
After images are built, each matrix job triggers update-gitops-manifests.yaml
via gh workflow run
. That workflow:
service
, version
, and environment
inputs.task utils:update-image-tags
to search deploy/kubernetes/
for files containing # staging_services/node/api-node
(or similar markers) and updates their image tags.chore: update staging services/node/api-node to 1.2.3 [skip ci]
).task utils:git-commit-push
helper that retries on conflicts, ensuring concurrent runs eventually
merge back to main
.concurrency.group = <workflow>-<env>-<service>
) so only one deployment per service
runs at a time.Because the workflow mutates the default branch, we skip Act during local testing for these steps and rely on remote runs for validation.