Back to Blog
devops

Implementing CI/CD Pipelines with GitHub Actions: From Zero to Production

Build production-grade CI/CD pipelines with GitHub Actions including testing, security scanning, Docker builds, and multi-environment deployments.

NyxaLabs Team
Implementing CI/CD Pipelines with GitHub Actions: From Zero to Production

GitHub Actions has become the standard for CI/CD in the GitHub ecosystem. Here's how to build pipelines that handle real-world complexity.

Basic Workflow Structure

name: CI/CD Pipeline

on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main]

jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 20
          cache: npm
      - run: npm ci
      - run: npm test

Caching Dependencies

- uses: actions/cache@v4
  with:
    path: |
      ~/.npm
      node_modules
    key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
    restore-keys: |
      ${{ runner.os }}-node-

Matrix Testing for Multiple Versions

jobs:
  test:
    strategy:
      matrix:
        node: [18, 20, 22]
        os: [ubuntu-latest, macos-latest]
    runs-on: ${{ matrix.os }}
    steps:
      - uses: actions/setup-node@v4
        with:
          node-version: ${{ matrix.node }}

Security Scanning

security:
  runs-on: ubuntu-latest
  steps:
    - uses: actions/checkout@v4
    
    # Dependency vulnerability scanning
    - name: Run Snyk
      uses: snyk/actions/node@master
      env:
        SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
    
    # Secret scanning
    - name: Gitleaks
      uses: gitleaks/gitleaks-action@v2
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Docker Build and Push

build:
  needs: [test, security]
  runs-on: ubuntu-latest
  steps:
    - uses: actions/checkout@v4
    
    - name: Set up Docker Buildx
      uses: docker/setup-buildx-action@v3
    
    - name: Login to Container Registry
      uses: docker/login-action@v3
      with:
        registry: ghcr.io
        username: ${{ github.actor }}
        password: ${{ secrets.GITHUB_TOKEN }}
    
    - name: Build and push
      uses: docker/build-push-action@v5
      with:
        context: .
        push: true
        tags: ghcr.io/${{ github.repository }}:${{ github.sha }}
        cache-from: type=gha
        cache-to: type=gha,mode=max

Multi-Environment Deployments

deploy-staging:
  needs: build
  runs-on: ubuntu-latest
  environment: staging
  steps:
    - name: Deploy to Staging
      run: |
        kubectl set image deployment/app \
          app=ghcr.io/${{ github.repository }}:${{ github.sha }}

deploy-production:
  needs: deploy-staging
  runs-on: ubuntu-latest
  environment:
    name: production
    url: https://myapp.com
  steps:
    - name: Deploy to Production
      run: |

Reusable Workflows

# .github/workflows/reusable-deploy.yml
on:
  workflow_call:
    inputs:
      environment:
        required: true
        type: string
    secrets:
      KUBE_CONFIG:
        required: true

jobs:
  deploy:
    runs-on: ubuntu-latest
    environment: ${{ inputs.environment }}
    steps:
      - name: Deploy
        run: echo "Deploying to ${{ inputs.environment }}"

Notifications and Status Checks

- name: Slack Notification
  if: failure()
  uses: slackapi/slack-github-action@v1
  with:
    payload: |
      {"text": "Deployment failed: ${{ github.workflow }}"}

NyxaLabs DevOps Services

We design and implement CI/CD pipelines that accelerate delivery while maintaining quality. From simple workflows to complex multi-environment deployments, we've got you covered. Contact us to optimize your delivery pipeline.

Tags

#GitHub Actions #CI/CD #DevOps #Automation #Tutorial

Want to Work With Us?

We're ready to help bring your ideas to life with cutting-edge technology.

Get In Touch