GitHub Actions CI/CD Workflow
Generate production-ready GitHub Actions workflow files with proper event triggers, jobs, steps, and runner configurations for continuous integration and continuous deployment pipelines.
What This Skill Does
This skill creates complete `.github/workflows/*.yml` files for GitHub Actions that automate your build, test, and deployment processes. It handles workflow syntax, event triggers, job dependencies, matrix strategies, secrets management, caching, and deployment configurations based on your project's technology stack and requirements.
Instructions
Follow these steps to generate a GitHub Actions workflow:
1. Gather Project Context
First, understand the project requirements:
- Ask the user what they want to automate (build, test, deploy, release, etc.)
- Identify the technology stack (Node.js, Python, Go, Java, Docker, etc.)
- Determine trigger events (push, pull request, schedule, manual dispatch)
- Confirm target environments (staging, production, cloud providers)
- Check for existing workflows in `.github/workflows/` directory

2. Analyze Repository Structure
Examine the codebase to inform workflow configuration:
- Read `package.json`, `requirements.txt`, `go.mod`, `pom.xml`, or similar dependency files
- Check for test scripts and build commands
- Identify required services (databases, Redis, etc.)
- Look for existing CI configuration files (`.travis.yml`, `.circleci/config.yml`, etc.) to migrate

3. Design Workflow Structure
Plan the workflow with these components:
**Required Elements:**
- `name`: Descriptive workflow name
- `on`: Event triggers (push, pull_request, workflow_dispatch, schedule)
- `jobs`: One or more jobs with descriptive IDs
- `runs-on`: Runner environment (ubuntu-latest, windows-latest, macos-latest)
- `steps`: Sequential actions and commands

**Common Patterns:**
- Use `actions/checkout@v4` to clone the repository
- Use `actions/setup-*` actions for language runtime setup
- Add caching with `actions/cache@v4` for dependencies
- Use `actions/upload-artifact@v4` and `actions/download-artifact@v4` for job artifacts
- Configure matrix strategies for multi-version testing
- Set up environment variables and secrets via `env` and `secrets` context

4. Generate Workflow File
Create the workflow YAML file following GitHub Actions syntax:
```yaml
name: Descriptive Workflow Name
run-name: ${{ github.actor }} - ${{ github.event_name }}
on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main]
  workflow_dispatch:
jobs:
  job-id:
    runs-on: ubuntu-latest
    steps:
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Set up runtime
        uses: actions/setup-node@v4 # or setup-python, setup-go, etc.
        with:
          node-version: '20'
          cache: 'npm'
      - name: Install dependencies
        run: npm ci
      - name: Run tests
        run: npm test
      - name: Build
        run: npm run build
```
**Key Syntax Rules:**
- Use consistent 2-space indentation
- Quote string values containing special characters or GitHub context variables
- Use `${{ }}` syntax for expressions and context variables
- Use `|` or `>` for multi-line commands
- Reference secrets with `${{ secrets.SECRET_NAME }}`

5. Add Advanced Features
Enhance the workflow based on requirements:
**Conditional Execution:**
```yaml
- name: Deploy
  if: github.ref == 'refs/heads/main' && github.event_name == 'push'
  run: npm run deploy
```
**Job Dependencies:**
```yaml
jobs:
  build:
    runs-on: ubuntu-latest
    steps: [...]
  deploy:
    needs: build
    runs-on: ubuntu-latest
    steps: [...]
```
**Matrix Strategy:**
```yaml
strategy:
  matrix:
    node-version: [18, 20, 22]
    os: [ubuntu-latest, windows-latest]
```
**Service Containers:**
```yaml
services:
  postgres:
    image: postgres:15
    env:
      POSTGRES_PASSWORD: postgres
    options: >-
      --health-cmd pg_isready
      --health-interval 10s
```
**Artifact Upload/Download:**
```yaml
- name: Upload build artifacts
  uses: actions/upload-artifact@v4
  with:
    name: dist
    path: dist/
```
**Environment Secrets:**
```yaml
env:
  DATABASE_URL: ${{ secrets.DATABASE_URL }}
  API_KEY: ${{ secrets.API_KEY }}
```
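As an added example (not part of the original skill), this standard-library Python check lists every secret a workflow references, which is the list that has to be documented for the user, and flags sensitive-looking keys that are assigned a literal instead of `${{ secrets.* }}`. The sample workflow, the function names and the key-name heuristic are assumptions made for this illustration.

```python
import re

# Constructed sample workflow (an assumption for this example): it mixes
# secret references with one hardcoded credential so both checks have input.
SAMPLE_WORKFLOW = """\
name: CI
on:
  push:
    branches: [main]
jobs:
  test:
    runs-on: ubuntu-latest
    services:
      postgres:
        image: postgres:15
        env:
          POSTGRES_PASSWORD: postgres
    env:
      DATABASE_URL: ${{ secrets.DATABASE_URL }}
      API_KEY: "${{ secrets.API_KEY }}"
      NODE_ENV: test
    steps:
      - uses: actions/checkout@v4
      - run: npm test
"""

SECRET_REF = re.compile(r"\$\{\{\s*secrets\.([A-Za-z_][A-Za-z0-9_]*)\s*\}\}")
KEY_VALUE = re.compile(r"^\s*(?:-\s+)?([A-Za-z_][A-Za-z0-9_-]*):\s*(\S.*)$")
SENSITIVE_KEY = re.compile(r"PASSWORD|PASSWD|SECRET|TOKEN|API_?KEY|PRIVATE_KEY", re.I)

def referenced_secrets(text):
    """Names of every ${{ secrets.NAME }} reference, sorted and de-duplicated."""
    return sorted(set(SECRET_REF.findall(text)))

def hardcoded_sensitive_values(text):
    """(line_number, key) for sensitive-looking keys set to a literal value."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        match = KEY_VALUE.match(line.split(" #", 1)[0])  # ignore trailing comments
        if not match:
            continue
        key, value = match.groups()
        if key.lower() != "secrets" and SENSITIVE_KEY.search(key) and "${{" not in value:
            findings.append((number, key))
    return findings

def undocumented_secrets(text, documented):
    """Secrets the workflow uses that the usage notes do not list."""
    return [name for name in referenced_secrets(text) if name not in documented]
```

The heuristic matches on key names only, so a throwaway service-container password is reported alongside real credentials and each finding still needs a human decision.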
6. Validate and Test
Before finalizing:
- Verify YAML syntax (proper indentation, quoting, structure)
- Ensure all required secrets are documented
- Check that the file is saved to the `.github/workflows/` directory
- Confirm the workflow file has a `.yml` or `.yaml` extension
- Test the workflow by committing to a branch and checking the Actions tab

7. Document Usage
Provide clear instructions to the user:
- List required repository secrets that need to be configured
- Explain when the workflow will trigger
- Describe what each job does
- Note any manual approval steps or environment protection rules
- Suggest monitoring the workflow run in the Actions tab

Example Usage Scenarios
**Scenario 1: Node.js CI Pipeline**
- User: "Create a workflow that runs tests on every PR"
- Generate: Workflow with checkout, Node.js setup, npm ci, npm test, coverage upload

**Scenario 2: Docker Build & Push**
- User: "Build Docker image and push to Docker Hub on main branch"
- Generate: Workflow with Docker buildx, login action, build-push-action, tagging strategy

**Scenario 3: Multi-Environment Deployment**
- User: "Deploy to staging on develop, production on main"
- Generate: Workflow with conditional deployment jobs, environment protection, secrets per environment

**Scenario 4: Scheduled Maintenance**
- User: "Run database backup every night at 2 AM UTC"
- Generate: Workflow with cron schedule trigger, backup script, artifact upload

Constraints
- Always use the latest major version of official actions (@v4, @v5, etc.)
- Use GitHub-hosted runners unless user specifically requests self-hosted
- Never hardcode sensitive values — always use `${{ secrets.* }}`
- Include comments for complex conditional logic or unfamiliar syntax
- Follow GitHub Actions best practices: pin action versions, minimize secret exposure, use caching
- Ensure workflow names are descriptive and unique within the repository
- Test workflows on feature branches before merging to main

References
- Official documentation: https://docs.github.com/en/actions
- Starter workflows: https://github.com/actions/starter-workflows
- GitHub Actions Marketplace: https://github.com/marketplace?type=actions