GitHub Actions · CI/CDbeginner
GitHub Actions CI Workflow (JSON view)
A GitHub Actions CI workflow — checkout, setup, install, test — expressed as JSON for programmatic editing before converting back to workflow YAML.
github-actionscicdworkflowautomation
Preview
{
"name": "CI",
"on": {
"push": {
"branches": [
"main"
]
},
"pull_request": {}
},
"permissions": {
"contents": "read"
},
"jobs": {
"test": {
"runs-on": "ubuntu-latest",
"steps": [
{
"uses": "actions/checkout@v4"
},
{
"uses": "actions/setup-node@v4",
"with": {
"node-version": "20",
"cache": "npm"
}
},
{
"run": "npm ci"
},
{
"run": "npm test"
}
]
}
}
}AI actions
Documentation
Purpose
Define an automated CI pipeline that runs on push and pull request to build and test the project.
When to use
Editing a workflow programmatically (linting, templating, bulk changes) before serializing back to `.github/workflows/*.yml`.
Required fields
- on — the events that trigger the workflow
- jobs — the named jobs to run
- runs-on — the runner image for each job
- steps — the ordered actions/commands in a job
Optional fields
- name — human-readable workflow name
- strategy.matrix — run a job across parameter combinations
- env — environment variables
Best practices
- Pin third-party actions to a full commit SHA, not a floating tag.
- Use a matrix to test across runtime versions.
- Cache dependencies to speed up runs.
Security considerations
- Give GITHUB_TOKEN the least permissions the job needs.
- Never echo secrets; reference them via ${{ secrets.NAME }}.
- Treat pull_request_target and self-hosted runners as high-risk.