This Workshop will teach you the fundamentals of GitHub, security strategy and essentials on GitHub and how to use GitHub actions to enable CI/CD across your repositories.
GitHub Actions is an advanced feature of GitHub that enables automation, artifact management and CI/CD natively. This workshop aims to educate you on how to implement these workflows across your projects on GitHub.
If you have a moderator, they will likely be vastly out numbered during your workshop - please rely heavily on the documentation provided and available on help.github.com. When you are complete, feel free to ask for feedback from your moderator and remember the best way to learn is to teach!
GitHub Fundamentals
- Star this repository so we know you have taken this workshop!
- Fork this repository to your GitHub Account. (Fork button on top right of Repo)
- Go to the
Introduction to GitHub
module
In this course, you’ll learn how to:
- Communicate in issues
- Manage notifications
- Create branches
- Make commits
- Introduce changes with pull requests
This course will show you how to build, host, and maintain a secure repository on GitHub.
- Go to the
Security Essentials
module
In this course, you’ll learn how to:
- Enable vulnerable dependency detection for private repositories
- Detect and fix outdated dependencies with security vulnerabilities
- Automate the detection of vulnerable dependencies with Dependabot
- Add a security policy with the a SECURITY.md file
- Remove a commit exposing sensitive data in a pull request
- Keep sensitive files out of your repository by leveraging the use of a .gitignore file
- Remove historical commits exposing sensitive data deep in your repository
The goal of Phase 2 is to Create a simple GitHub Action and use it in a workflow.
- Go to the
hello world
actions module - Review the official GitHub Actions resources.
In this phase, you’ll learn how to:
- Organize and identify workflow files
- Add executable scripts
- Create workflow and action blocks
- Trigger workflows
- Discover workflow logs
The goal of Phase 3 is to Learn how to create workflows that enable you to use Continuous Integration (CI) for your projects.
- Go to the
Continuous Integration
actions module
In this phase, you’ll learn how to:
- Describe CI and why it is necessary
- Use and customize a templated workflow
- Create CI workflows that match the team's needs and behaviors
- Use the repository's source code and build artifacts (like compiled source code) across jobs in a workflow
- Implement a unit testing framework using GitHub Actions
- Create a workflow that runs tests and produces test reports
- Set up a matrix build to create build artifacts for multiple target platforms
- Save a repository's build artifacts
- Access saved build artifacts
- Choose virtual environments for the application's CI needs
The goal of Phase 4 is to walk you through using GitHub Actions to get your code in a deployable state once your CI workflows have completed.
- Go to the
Artifact Publishing
actions module
In this phase, you’ll learn how to:
- Describe CD and why it is necessary
- Use and customize a repository workflow
- Create CD workflows that matches the team's needs and behaviors
- Use the repository's source code to build artifacts and store them in the GitHub Packages
- Save repository build artifacts
- Access saved build artifacts
FINAL: The goal of Phase 6 is to create a deployment workflow using Azure.
- Go to the
Action Samples for deploying to Azure Web apps
actions module - Choose a sample app, and deploy it to Azure.
In this phase, you’ll learn how to:
- Create multiple workflows
- Configure Azure for deployment
- Use secrets to store tokens
- Deploy to staging and production
- Practice using GitHub Actions
The goal of Phase 1 is to understand the major concepts that will be leveraged throughout the workshop. Documentation should be read carefully and referred to often.