GitHub Actions · CI/CDbeginner

GitHub Actions CI Workflow (JSON view)

A GitHub Actions CI workflow — checkout, setup, install, test — expressed as JSON for programmatic editing before converting back to workflow YAML.

github-actionscicdworkflowautomation

Preview

{
  "name": "CI",
  "on": {
    "push": {
      "branches": [
        "main"
      ]
    },
    "pull_request": {}
  },
  "permissions": {
    "contents": "read"
  },
  "jobs": {
    "test": {
      "runs-on": "ubuntu-latest",
      "steps": [
        {
          "uses": "actions/checkout@v4"
        },
        {
          "uses": "actions/setup-node@v4",
          "with": {
            "node-version": "20",
            "cache": "npm"
          }
        },
        {
          "run": "npm ci"
        },
        {
          "run": "npm test"
        }
      ]
    }
  }
}

AI actions

Documentation

Purpose

Define an automated CI pipeline that runs on push and pull request to build and test the project.

When to use

Editing a workflow programmatically (linting, templating, bulk changes) before serializing back to `.github/workflows/*.yml`.

Required fields

  • on — the events that trigger the workflow
  • jobs — the named jobs to run
  • runs-on — the runner image for each job
  • steps — the ordered actions/commands in a job

Optional fields

  • name — human-readable workflow name
  • strategy.matrix — run a job across parameter combinations
  • env — environment variables

Best practices

  • Pin third-party actions to a full commit SHA, not a floating tag.
  • Use a matrix to test across runtime versions.
  • Cache dependencies to speed up runs.

Security considerations

  • Give GITHUB_TOKEN the least permissions the job needs.
  • Never echo secrets; reference them via ${{ secrets.NAME }}.
  • Treat pull_request_target and self-hosted runners as high-risk.