Create production-ready GitHub Actions workflows for automated testing, building, and deploying applications. Use when setting up CI/CD with GitHub Actions, automating development workflows, or creating reusable workflow templates.
Add this skill:

    npx mdskills install sickn33/github-actions-templates

Comprehensive GitHub Actions patterns with practical examples and best practices
---
name: github-actions-templates
description: Create production-ready GitHub Actions workflows for automated testing, building, and deploying applications. Use when setting up CI/CD with GitHub Actions, automating development workflows, or creating reusable workflow templates.
---

# GitHub Actions Templates

Production-ready GitHub Actions workflow patterns for testing, building, and deploying applications.

## Do not use this skill when

- The task is unrelated to GitHub Actions templates
- You need a different domain or tool outside this scope

## Instructions

- Clarify goals, constraints, and required inputs.
- Apply relevant best practices and validate outcomes.
- Provide actionable steps and verification.
- If detailed examples are required, open `resources/implementation-playbook.md`.

## Purpose

Create efficient, secure GitHub Actions workflows for continuous integration and deployment across various tech stacks.

## Use this skill when

- Automating testing and deployment
- Building Docker images and pushing them to registries
- Deploying to Kubernetes clusters
- Running security scans
- Implementing matrix builds for multiple environments

## Common Workflow Patterns

### Pattern 1: Test Workflow

```yaml
name: Test

on:
  push:
    branches: [ main, develop ]
  pull_request:
    branches: [ main ]

jobs:
  test:
    runs-on: ubuntu-latest

    strategy:
      matrix:
        node-version: [18.x, 20.x]

    steps:
      - uses: actions/checkout@v4

      - name: Use Node.js ${{ matrix.node-version }}
        uses: actions/setup-node@v4
        with:
          node-version: ${{ matrix.node-version }}
          cache: 'npm'

      - name: Install dependencies
        run: npm ci

      - name: Run linter
        run: npm run lint

      - name: Run tests
        run: npm test

      - name: Upload coverage
        uses: codecov/codecov-action@v3
        with:
          files: ./coverage/lcov.info
```

**Reference:** See `assets/test-workflow.yml`

### Pattern 2: Build and Push Docker Image

```yaml
name: Build and Push

on:
  push:
    branches: [ main ]
    tags: [ 'v*' ]

env:
  REGISTRY: ghcr.io
  IMAGE_NAME: ${{ github.repository }}

jobs:
  build:
    runs-on: ubuntu-latest
    # Least privilege: read the repository, write only to the package registry
    permissions:
      contents: read
      packages: write

    steps:
      - uses: actions/checkout@v4

      - name: Log in to Container Registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Extract metadata
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
          tags: |
            type=ref,event=branch
            type=ref,event=pr
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}

      - name: Build and push
        uses: docker/build-push-action@v5
        with:
          context: .
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
```

**Reference:** See `assets/deploy-workflow.yml`

### Pattern 3: Deploy to Kubernetes

```yaml
name: Deploy to Kubernetes

on:
  push:
    branches: [ main ]

jobs:
  deploy:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v4

      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: us-west-2

      - name: Update kubeconfig
        run: |
          aws eks update-kubeconfig --name production-cluster --region us-west-2

      - name: Deploy to Kubernetes
        run: |
          kubectl apply -f k8s/
          kubectl rollout status deployment/my-app -n production
          kubectl get services -n production

      - name: Verify deployment
        run: |
          kubectl get pods -n production
          kubectl describe deployment my-app -n production
```

### Pattern 4: Matrix Build

```yaml
name: Matrix Build

on: [push, pull_request]

jobs:
  build:
    runs-on: ${{ matrix.os }}

    strategy:
      matrix:
        os: [ubuntu-latest, macos-latest, windows-latest]
        python-version: ['3.9', '3.10', '3.11', '3.12']

    steps:
      - uses: actions/checkout@v4

      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: ${{ matrix.python-version }}

      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install -r requirements.txt

      - name: Run tests
        run: pytest
```

**Reference:** See `assets/matrix-build.yml`

## Workflow Best Practices

1. **Use specific action versions** (@v4, not @latest)
2. **Cache dependencies** to speed up builds
3. **Use secrets** for sensitive data
4. **Implement status checks** on PRs
5. **Use matrix builds** for multi-version testing
6. **Set appropriate permissions**
7. **Use reusable workflows** for common patterns
8. **Implement approval gates** for production
9. **Add notification steps** for failures
10. **Use self-hosted runners** for sensitive workloads

## Reusable Workflows

```yaml
# .github/workflows/reusable-test.yml
name: Reusable Test Workflow

on:
  workflow_call:
    inputs:
      node-version:
        required: true
        type: string
    secrets:
      NPM_TOKEN:
        required: true

jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: ${{ inputs.node-version }}
      - run: npm ci
      - run: npm test
```

**Use reusable workflow:**

```yaml
jobs:
  call-test:
    uses: ./.github/workflows/reusable-test.yml
    with:
      node-version: '20.x'
    secrets:
      NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
```

## Security Scanning

```yaml
name: Security Scan

on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]

jobs:
  security:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      security-events: write  # needed by upload-sarif to publish results

    steps:
      - uses: actions/checkout@v4

      - name: Run Trivy vulnerability scanner
        # @master is a mutable branch ref; pin to a release tag or commit SHA
        uses: aquasecurity/trivy-action@master
        with:
          scan-type: 'fs'
          scan-ref: '.'
          format: 'sarif'
          output: 'trivy-results.sarif'

      - name: Upload Trivy results to GitHub Security
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: 'trivy-results.sarif'

      - name: Run Snyk Security Scan
        # @master is a mutable branch ref; pin to a release tag or commit SHA
        uses: snyk/actions/node@master
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
```

## Deployment with Approvals

```yaml
name: Deploy to Production

on:
  push:
    tags: [ 'v*' ]

jobs:
  deploy:
    runs-on: ubuntu-latest
    # Approval is enforced by the protection rules configured on this environment
    environment:
      name: production
      url: https://app.example.com

    steps:
      - uses: actions/checkout@v4

      - name: Deploy application
        run: |
          echo "Deploying to production..."
          # Deployment commands here

      - name: Notify Slack
        if: success()
        uses: slackapi/slack-github-action@v1
        # v1 of this action reads the webhook from the environment, not from `with:`
        env:
          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
          SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
        with:
          payload: |
            {
              "text": "Deployment to production completed successfully!"
            }
```

## Reference Files

- `assets/test-workflow.yml` - Testing workflow template
- `assets/deploy-workflow.yml` - Deployment workflow template
- `assets/matrix-build.yml` - Matrix build template
- `references/common-workflows.md` - Common workflow patterns

## Related Skills

- `gitlab-ci-patterns` - For GitLab CI workflows
- `deployment-pipeline-design` - For pipeline architecture
- `secrets-management` - For secrets handling
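
As an added example (not part of the skill or its referenced files), this Python script audits workflow text against two of the best practices listed above: specific action versions and an explicit permissions block. The sample workflow is constructed, with mutable refs that mirror the Security Scanning template, and the function names are hypothetical.

```python
import re

# Constructed sample: its `uses:` refs mirror the page's Security Scanning template.
SAMPLE_WORKFLOW = """\
name: Security Scan
on: [push]
jobs:
  security:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: aquasecurity/trivy-action@master
      - uses: snyk/actions/node@master
      - uses: ./.github/actions/local-step
"""

USES_RE = re.compile(r"^[ \t]*(?:-[ \t]*)?uses:[ \t]*['\"]?([^\s'\"#]+)", re.MULTILINE)
SHA_RE = re.compile(r"[0-9a-f]{40}")          # full commit SHA: immutable
TAG_RE = re.compile(r"v?\d+(\.\d+){0,2}")     # v4, v1.24.0, 0.28.0: version tag


def classify_ref(uses):
    """Return 'other', 'sha', 'tag' or 'mutable' for one `uses:` value."""
    if uses.startswith(("./", "docker://")):
        return "other"  # local path or container image, not a repository ref
    _, _, ref = uses.partition("@")
    if SHA_RE.fullmatch(ref):
        return "sha"
    if TAG_RE.fullmatch(ref):
        return "tag"
    return "mutable"  # branch name, 'latest', or no ref at all


def audit_workflow(text):
    """List findings for mutable action refs and a missing permissions block."""
    findings = []
    for uses in USES_RE.findall(text):
        if classify_ref(uses) == "mutable":
            findings.append(f"mutable ref: {uses}")
    if not re.search(r"^[ \t]*permissions:", text, re.MULTILINE):
        findings.append("no permissions block: GITHUB_TOKEN uses repository defaults")
    return findings


if __name__ == "__main__":
    for finding in audit_workflow(SAMPLE_WORKFLOW):
        print(finding)
```

Version tags pass this check because the best-practices list accepts them, but a tag can still be moved by the action's maintainer; only the `sha` class is immutable.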