GitHub CI/CD
GitHub Actions is a powerful platform integrated directly into GitHub repositories. It allows you to automate various software development workflows, including building, testing, and deploying your code.
Workflows: YAML files that define a set of jobs to be executed when triggered by an event.
Jobs: A set of steps that execute on the same runner.
Steps: Individual tasks that can run commands or actions.
Actions: Reusable units of code that can be shared across workflows.
Events: Specific activities that trigger a workflow run.
This simple workflow runs on push and pull request events, checks out the repository, and runs a simple command.
GitHub secrets are encrypted environment variables used to store sensitive information securely. They are crucial for handling authentication and other confidential data in your workflows.
Organization Secrets: Available to all repositories in the eclipse-pass organization.
Repository Secrets: Specific to a single repository.
Environment Secrets: Tied to a specific environment within a repository.
Due to permission restrictions, PASS project members should use the provided Python script to create repository or environment secrets:
Reference secrets in your workflows like this:
For reusable workflows, pass secrets explicitly:
In the called workflow, declare expected secrets:
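An added example (not the PASS project's own workflows) of the three patterns just described: referencing a secret in a step, passing one explicitly to a reusable workflow, and declaring it in the called workflow. The file names, secret names and script paths are hypothetical.

```yaml
# File: .github/workflows/caller.yml (hypothetical name)
name: Caller
on:
  push:
    branches: [main]

permissions:
  contents: read   # keep the default token read-only for this workflow

jobs:
  smoke-test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      # Reference a secret through the secrets context. Map it to an
      # environment variable instead of interpolating it into the script text.
      - name: Call API
        env:
          API_TOKEN: ${{ secrets.EXAMPLE_API_TOKEN }}   # hypothetical secret
        run: ./scripts/smoke-test.sh                    # hypothetical script

  publish:
    # Reusable workflow stored in the same repository.
    uses: ./.github/workflows/publish.yml
    secrets:
      # Pass only the secret the called workflow needs, under the name it declares.
      registry_token: ${{ secrets.EXAMPLE_REGISTRY_TOKEN }}   # hypothetical secret
---
# File: .github/workflows/publish.yml (hypothetical name)
name: Publish
on:
  workflow_call:
    secrets:
      registry_token:
        required: true   # the run fails early if the caller omits it

jobs:
  publish:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Publish
        env:
          REGISTRY_TOKEN: ${{ secrets.registry_token }}
        run: ./scripts/publish.sh                       # hypothetical script
```

Mapping each secret by name, rather than using `secrets: inherit`, limits the called workflow to the secrets listed in the caller's `secrets:` block.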
Use reusable workflows for common tasks to maintain DRY principles.
Leverage GitHub-hosted runners when possible to reduce maintenance overhead.
Use environment protection rules for sensitive deployments.
Regularly audit and rotate your secrets.
Use the GitHub Actions Marketplace for pre-built actions to speed up development.
To interact with AWS services, including ECR (Elastic Container Registry), you'll need to set up appropriate secrets and use AWS-specific actions in your workflows.
Store your AWS credentials as secrets:
AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY
This workflow builds a Docker image and pushes it to Amazon ECR.
For organization secrets, open a ticket with the .
For more detailed information, refer to the .