GitHub Actions Cheatsheet and Workflow Analysis

GitHub Actions Cheatsheet

GitHub Actions is a CI/CD platform for automating tasks in GitHub repositories. Workflows are defined in YAML files stored in the .github/workflows/ directory. Below is a cheatsheet of all major components and their roles.

1. Workflow

• Definition: A workflow is an automated process defined in a YAML file, containing one or more jobs triggered by events.
• Key Attributes:
  • name: Workflow name displayed in the GitHub Actions UI.
  • on: Specifies events that trigger the workflow (e.g., push, pull_request, schedule).
  • jobs: Defines one or more jobs to execute.
  • env: Workflow-level environment variables.
  • concurrency: Controls concurrent workflow runs to prevent conflicts.
• Example:

  name: CI Pipeline
  on:
    push:
      branches: [main]
  env:
    GLOBAL_VAR: value

2. Events (on)

• Definition: Events trigger workflows. Defined under the on key.
• Common Triggers:
  • push: On code push to specified branches.
  • pull_request: On pull request actions (e.g., opened, synchronized).
  • schedule: Cron-based scheduling (e.g., 0 0 * * * for daily runs).
  • workflow_dispatch: Manual trigger via GitHub UI or API.
  • issue_comment, release, repository_dispatch, etc.
• Example:

  on:
    push:
      branches: [main, dev/*]
    pull_request:
      branches: [main]
    schedule:
      - cron: '0 0 * * *'

3. Jobs

• Definition: A job is a set of tasks (steps) running on a single runner (virtual machine or container).
• Key Attributes:
  • runs-on: Specifies the runner (e.g., ubuntu-latest, windows-latest, macos-latest, or self-hosted).
  • steps: List of tasks to execute.
  • needs: Defines job dependencies for sequential execution.
  • env: Job-level environment variables.
  • if: Conditional execution (e.g., if: github.event_name == 'push').
  • services: Defines Docker containers for external dependencies (e.g., databases).
  • strategy: For matrix builds (run job with multiple configurations, e.g., different Go versions).
• Example:

  jobs:
    build:
      runs-on: ubuntu-latest
      needs: [test]
      steps: []

4. Steps

• Definition: Individual tasks within a job, executed sequentially on the same runner.
• Key Attributes:
  • name: Step name for UI display.
  • uses: References an action (e.g., actions/checkout@v4).
  • run: Executes a shell command (e.g., npm install).
  • env: Step-level environment variables.
  • if: Conditional execution.
  • with: Inputs for actions.
  • id: Unique identifier for step outputs.
  • continue-on-error: Allows subsequent steps to run even if the step fails.
• Example:

  steps:
    - name: Checkout
      uses: actions/checkout@v4
    - name: Run script
      run: echo "Hello, World!"
      env:
        MY_VAR: value

5. Actions

• Definition: Reusable units of code that perform specific tasks (e.g., checking out code, setting up environments).
• Key Attributes:
  • Hosted in GitHub Marketplace or custom repositories.
  • Used via uses (e.g., uses: actions/setup-go@v5).
  • Supports inputs (with) and outputs.
• Example:

  - uses: actions/setup-go@v5
    with:
      go-version: '1.21'

6. Services

• Definition: Docker containers running alongside a job to provide dependencies (e.g., databases, caches).
• Key Attributes:
  • Defined under jobs.<job_id>.services.
  • Specifies image, ports, env, and options (e.g., health checks).
  • Accessible via localhost or service name.
• Example:

  services:
    redis:
      image: redis:latest
      ports:
        - 6379:6379

Checkout the PPT . Credit goes to: TechSchool

7. Runners

• Definition: Virtual machines or containers that execute jobs.
• Types:
  • GitHub-hosted: ubuntu-latest, windows-latest, macos-latest.
  • Self-hosted: Custom runners on your infrastructure.
• Example:

  runs-on: ubuntu-latest

8. Environment Variables

• Definition: Variables available to steps, jobs, or workflows.
• Levels: Workflow (env), job (env), step (env).
• Secrets: Securely stored variables accessed via ${{ secrets.NAME }}.
• Example:

  env:
    API_KEY: ${{ secrets.API_KEY }}

9. Matrix Strategy

• Definition: Runs a job multiple times with different configurations (e.g., multiple versions of a language).
• Key Attributes:
  • strategy.matrix: Defines variables (e.g., go-version: ['1.21', '1.22']).
  • strategy.fail-fast: Stops matrix on first failure (default: true).
• Example:

  strategy:
    matrix:
      go-version: ['1.21', '1.22']

10. Artifacts and Outputs

• Artifacts: Files stored after a job (e.g., build outputs).
  • Use actions/upload-artifact@v4 and actions/download-artifact@v4.
• Outputs: Data passed between steps or jobs via ::set-output.
• Example:

  - name: Upload artifact
    uses: actions/upload-artifact@v4
    with:
      name: my-artifact
      path: ./build/

11. Concurrency and Permissions

• Concurrency: Prevents multiple workflow runs from conflicting.
  • Use concurrency.group and concurrency.cancel-in-progress.
• Permissions: Control workflow access to repository resources.
  • Use permissions (e.g., contents: read).
• Example:

  concurrency:
    group: ${{ github.workflow }}-${{ github.ref }}
    cancel-in-progress: true
  permissions:
    contents: write

12. Common Actions

• actions/checkout@v4: Clones the repository.
• actions/setup-<language>@vX: Sets up languages (e.g., setup-go, setup-node).
• actions/upload-artifact@v4: Uploads files.
• actions/download-artifact@v4: Downloads files.
• actions/cache@v4: Caches dependencies for faster builds.

13. Expressions and Contexts

• Expressions: Use ${{ <expression> }} for dynamic values (e.g., ${{ github.sha }}).
• Contexts: Predefined objects like github, env, secrets, matrix.
• Example:

  if: ${{ github.event_name == 'push' }}

14. Best Practices

• Use specific action versions (e.g., @v4 instead of @main).
• Store sensitive data in GitHub Secrets.
• Break workflows into modular jobs for clarity.
• Use continue-on-error for non-critical steps.
• Leverage caching to speed up workflows (actions/cache@v4).

For more details, see the GitHub Actions Documentation.

Analysis of the Provided Go Workflow YAML

The provided YAML file defines a GitHub Actions workflow named unit-test for a Go project with a PostgreSQL database. Below is a detailed breakdown of the workflow, referencing the cheatsheet components.

YAML File

# This workflow will build a golang project
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-go

name: unit-test

on:
  push:
    branches: ["main", "dev/sajjad/users"]
  pull_request:
    branches: ["main"]

jobs:
  test:
    name: Test
    runs-on: ubuntu-latest

    services:
      postgres:
        image: postgres:latest
        # Provide the password for postgres
        env:
          POSTGRES_USER: root
          POSTGRES_PASSWORD: root
          POSTGRES_DB: simple_bank
        ports:
          - 5432:5432
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5

    steps:
      - name: Set up Go
        uses: actions/setup-go@v4
        with:
          go-version: "1.24.3"

      - name: Check out code to runner
        uses: actions/checkout@v4

      - name: Install go-migrate
        run: |
          $ curl -L https://github.com/golang-migrate/migrate/releases/download/v4.18.3/migrate.linux-amd64.tar.gz | tar xvz
          sudo mv migrate.linux-amd64 /usr/bin/migrate
          which Migrate

      - name: Run migrations
        run: make migrateup

      - name: Test
        run: make test

Component Breakdown

1. Workflow:

   • Name: unit-test
   • Purpose: Automates unit testing for a Go project with a PostgreSQL database.
   • File Location: Stored in .github/workflows/ (not specified in the YAML but implied).

2. Events (on):

   • Triggers:
     • push: branches: ["main", "dev/sajjad/users"]: Runs on pushes to the main branch and the dev/sajjad/users branch.
     • pull_request: branches: ["main"]: Runs on pull requests targeting the main branch.
   • Explanation: This ensures the workflow runs for code changes to specific branches and pull requests, supporting both development and production workflows.

3. Jobs:

   • Job Name: test
   • Runner: runs-on: ubuntu-latest
     • Uses a GitHub-hosted Ubuntu virtual machine (latest version).
   • Purpose: Executes the test-related tasks for the Go project.

4. Services:

   • Service Name: postgres
   • Configuration:
     • image: postgres:latest: Uses the latest PostgreSQL Docker image.
     • env:
     • POSTGRES_USER: root: Database user.
     • POSTGRES_PASSWORD: root: Database password.
     • POSTGRES_DB: simple_bank: Database name.
     • ports: - 5432:5432: Maps port 5432 for access via localhost:5432.
     • options: Health checks ensure the database is ready:
     • --health-cmd pg_isready: Checks if PostgreSQL is accepting connections.
     • --health-interval 10s, --health-timeout 5s, --health-retries 5: Retries 5 times every 10 seconds with a 5-second timeout.
   • Explanation: The PostgreSQL service provides a database for testing and migrations, accessible by the job’s steps.

5. Steps:

   • Step 1: Set up Go
     • uses: actions/setup-go@v4
     • with: go-version: "1.24.3": Installs Go version 1.24.3.
     • Explanation: Sets up the Go environment required for building and testing.
   • Step 2: Check out code to runner
     • uses: actions/checkout@v4
     • Explanation: Clones the repository to the runner, making the code available for subsequent steps.
   • Step 3: Install go-migrate
     • run: Downloads and installs go-migrate分散

      curl -L https://github.com/golang-migrate/migrate/releases/download/v4.18.3/migrate.linux-amd64.tar.gz | tar xvz
      sudo mv migrate.linux-amd64 /usr/bin/migrate
      which Migrate
   

 - **Explanation**: Installs the `go-migrate` CLI (version 4.18.3) to manage database migrations.

• Step 4: Run migrations
  • run: make migrateup
  • Explanation: Runs the migrateup Makefile target to apply database migrations to the PostgreSQL database.
• Step 5: Test
  • run: make test
  • Explanation: Runs the test Makefile target to execute the Go tests, likely using the PostgreSQL database.

How the Workflow Works

1. Trigger: The workflow runs on:
   • Pushes to the main or dev/sajjad/users branches.
   • Pull requests targeting the main branch.
2. Runner Setup: An ubuntu-latest virtual machine is provisioned.
3. Service Startup: The postgres service starts a PostgreSQL container with the simple_bank database, accessible at localhost:5432.
4. Step Execution:
   • Installs Go 1.24.3.
   • Clones the repository.
   • Installs the go-migrate CLI.
   • Runs database migrations using make migrateup.
   • Executes tests using make test.
5. Completion: The workflow completes, marking success or failure in the GitHub Actions UI. The PostgreSQL container is terminated.

Key Notes

• Makefile Integration: The workflow uses make commands (migrateup, test), indicating the project has a Makefile to simplify task execution.
• Security: Hardcoded POSTGRES_USER and POSTGRES_PASSWORD (root) are used for simplicity. In production, use GitHub Secrets for sensitive data.
• Health Checks: The PostgreSQL service uses health checks to ensure readiness, preventing steps from running before the database is available.
• Potential Improvement: The go-migrate installation command has an extra $ before curl, which may cause errors. It should be:

  curl -L https://github.com/golang-migrate/migrate/releases/download/v4.18.3/migrate.linux-amd64.tar.gz | tar xvz

Additional Tips for This Workflow

• Add Environment Variables: Explicitly define DATABASE_URL for clarity:

  env:
    DATABASE_URL: postgres://root:root@localhost:5432/simple_bank?sslmode=disable

in the Run migrations and Test steps.

• Caching: Use actions/cache@v4 to cache Go modules for faster builds:

  - name: Cache Go modules
    uses: actions/cache@v4
    with:
      path: ~/go/pkg/mod
      key: ${{ runner.os }}-go-${{ hashFiles('**/go.mod') }}

• Matrix Testing: Test multiple Go versions:

  strategy:
    matrix:
      go-version: ['1.21', '1.22', '1.24.3']

For further customization, refer to the GitHub Actions Documentation and go-migrate Documentation.