DX
DEVOPS LABDevOpsLabX
← Back to trackModule: GitHub Actions in Practice

INTERMEDIATE · Medium · 70m

Your first production-grade workflow

CI/CD: Starter to Shipping

Lesson notes

Goal

Create a workflow that is secure, repeatable, and deploy-ready.

A clean workflow structure

.github/workflows/
  ci.yml
  deploy.yml

Keep CI separate from deploy if possible.

Key things to get right

  • least privilege permissions
  • secrets from GitHub Secrets (never in repo)
  • cache dependencies
  • run on pull_request and push to main

Minimal example (Node)

name: CI
on:
  pull_request:
  push:
    branches: [ main ]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 20
      - run: npm ci
      - run: npm run lint
      - run: npm run build

Deploy safety

  • use environments (staging/prod)
  • add manual approval for prod
  • deploy only from main or tags

Next Step

Learn how to debug failures quickly and reduce pipeline downtime.

← PreviousNext →
View full outline

Outline

Use the outline to jump to any topic.

Track tools

Search lessons, continue where you left off, and track completion.

Continue learning →Jump to outline

Modules

3

Lessons

6

Estimated Time

340m

Completion

0%

0/6 lessons

Your progress: 0%

Complete a lesson to increase progress

Outline

Open a lesson for full notes. Mark completed to update your progress.

What CI/CD really automates

35m · Open lesson →

EASY

Goal: Understand what CI/CD automates and how it reduces risk in shipping software. The delivery pipeline (simple) CI/CD is not a tool. It is a set of automated checks + repeatable steps. CI (Continuous Integration) Focu…

Design a pipeline that is fast and reliable

55m · Open lesson →

MEDIUM

Goal: Build pipelines that developers trust: fast feedback and stable results. Key principles fail fast (lint/unit tests early) deterministic builds (pin versions) cache smart (dependencies) keep stages small and clear a…

Your first production-grade workflow

70m · Open lesson →

MEDIUM

Goal: Create a workflow that is secure, repeatable, and deploy ready. A clean workflow structure Keep CI separate from deploy if possible. Key things to get right least privilege permissions secrets from GitHub Secrets (…

Debug pipeline failures like a pro

60m · Open lesson →

MEDIUM

Goal: Find root causes fast when CI/CD fails. Debug checklist 1. Which step failed? 2. Is it deterministic or flaky? 3. Did dependencies change? 4. Is the environment different from local? 5. Does it fail only on main? T…

Docker build strategy and tagging

55m · Open lesson →

MEDIUM

Goal: Build reproducible Docker images and tag them in a way that supports rollbacks. Multi stage builds (why) smaller final image faster builds fewer runtime dependencies Tagging strategy (simple and effective) Use: imm…

Safe deployment patterns

65m · Open lesson →

HARD

Goal: Release changes without taking production down. Patterns Rolling Update instances gradually. Simple, but can still cause partial outages. Blue/Green Two environments: blue = current green = new Switch traffic when…