github-actions.md

GitHub Actions

These are NOT real questions from the exam but quite close enough to what you can get to help you to prepare it and obtain the certification

Skills measured

• Author and maintain workflows (40% of the exam)
• Consume workflows (20% of the exam)
• Author and maintain actions (25% of the exam)
• Manage GitHub Actions for the enterprise (15% of the exam)

Author and maintain workflows

How to trigger a workflow when a commit is done on the main branch ?

show

on:
  push:
    branches:
      - main

How to trigger a workflow when a pull request is done on the main branch ?

show

on:
  pull_request:
    branches:
      - main

What is the keyword to ensure a job must run after another successful job ?

show

needs

jobs:
  job1:
  job2:
    needs: job1
  job3:
    needs: [job1, job2]

In which folder must be placed your workflows's YAML files?

show

.github/workflows

Suppose you have created a bug fix on a new branch and want it to become part of the next production build generated from the main branch. What should you do next? ?

show

Create a pull request to merge your new branch into the main branch.

What is the keyword to specify the operating system on which the job will be executed ?

show

runs-on

jobs:
  print-username:
    runs-on: ubuntu-latest
    steps:

Consume workflows

What are the two "secure" ways to call a specific version of an Action

show

• the version (semver)
• the commit hash

steps:
  - uses: github/my-action@v1
  - uses: github/my-action@734713bc047d87bf7eac9674765ae793478c50d3

The branch name is not secure as it can change at anytime. The version (using semver) is most secure IF the developer never overwrite a previous version/tag

How to create a manual approval step in a workflow ?

show

There are different steps. First you need to create an Environment (let's call it "dev").

Then, in this environment you need to define protection rules and especially the rule "Required reviewers"

Finally, you need for the job you want an approval for, to reference the newly created/configured environment :

jobs:
  build-and-publish:
    runs-on: ubuntu-latest
    steps:

  deploy-dev:
    runs-on: 'ubuntu-latest'
    environment: 'dev'

Which operating systems are supported to run GitHub Actions on hosted agents?

show

• Linux (ubuntu)
• Windows (windows server)
• Mac OS

Which trigger allows to start a workflow manually ?

show

workflow_dispatch

How many combinations are created with the following matrix ?

jobs:
  example_matrix:
    strategy:
      matrix:
        version: [10, 12, 14]
        os: [ubuntu-latest, windows-latest]

show

6 combinations

Which variable contains the name of the repository and the name of the owner ?

show

GITHUB_REPOSITORY

Which variable contains the name of the user who triggered the workflow ?

show

GITHUB_ACTOR

Which variable contains the name of the branch or tag which triggered the current workflow ?

show

GITHUB_REF_NAME

/!\ GITHUB_REF will contains the full name (refs/heads/<branch_name>)

Do the jobs of a workflow run on the same machine ?

show

No. Which means that a file/anything created by a job, cannot be retrieved by a second job automatically.

What are the three different ways to call a version of an Action

show

• the branch name
• the version (semver)
• the commit hash

steps:
  - uses: github/my-action@v1
  - uses: github/my-action@main
  - uses: github/my-action@734713bc047d87bf7eac9674765ae793478c50d3

How do you enforce your workflow running on a specific self-hosted agent running on Linux with ARM ?

show

You need to use a "route" by specifying the labels you want to target:

runs-on: [self-hosted, linux, ARM64]

You have a workflow secret named MY_SECRET. What is the format to call it from the workflow ?

show

steps:
  - name: Hello world action
    with: # Set the secret as an input
      super_secret: ${{ secrets.MY_SECRET }}

Author and maintain actions

What are the three types of custom Actions you can create ?

show

• Docker
• JavaScript
• Composite Actions

Which file containing metadata is mandatory ?

show

The metadata filename must be either action.yml or action.yaml

Which fields are mandatory in the metadata file ?

• name
• description
• version
• inputs
• author

show

Name and description. Inputs and author are optional. Version does not exist

How do you return values from your GitHub Actions ?

show

By defining outputs variables:

outputs:
  sum: # id of the output
    description: 'The sum of the inputs'

How can you customize the icon and the background color of your custom GitHub Action ?

show

By defining a branding section in the metadata file:

branding:
  icon: 'award'  
  color: 'green'

You want to create a custom JavaScript Action. What is the name of the main JavaScript file ?

show

Whatever you want as long as the name is specified in the action.yaml file:

name: 'Hello World by me' # name of the action (mandatory)
description: 'Says hello to someone' #  simple description (mandatory)
author: 'Louis-Guillaume MORAND' # author (optional)
runs:
  using: 'node12' 
  main: 'index.js'

Which ones are prerequisites to publish an action in the marketplace ?

• The action must be in a public repository.
• Each repository must contain a single action.
• The action's metadata file (action.yml or action.yaml) must be in the root directory of the repository.
• The name in the action's metadata file must be unique.

show

ALL of them see documentation.

Which is the first step to publish an action in the marketplace ?

show

To create a Release.

Manage GitHub Actions for the enterprise

Can you prevent users to use Actions from the marketplace ?

show

Yes, using Policies and restricting to local actions only.

Can you allow users to only used actions created by GitHub or verified creators ?

show

Yes, using Policies and restricting to specific actions (menu "Allow select actions").

Are the Actions created by GitHub automatically present in GitHub Enterprise Server ?

show

Yes, but they may not be the last version of them.

Can you upload containers images in GitHub Packages ?

show

Yes.

What is the docker command to publish a container image on GitHub Packages ?

show

docker push ghcr.io/OWNER/IMAGE_NAME:latest

What are the (programming) package managers supported by GitHub Packages ?

show

• npm, a NodeJS package manager
• NuGet, the .NET package manager
• RubyGems
• Maven and Gradle, two package managers for Java

In which scenarios should you NOT use GitHub Packages ?

• When I want to share code between methods of my application.
• When I want to share container images among developers of your team.
• When I want to publish a small code library as an open-source project.

show

When I want to share code between methods of my application

Which Action allows to upload an artifact ?

show

- uses: actions/upload-artifact@v3
  with:
    name: my-artifact
    path: path/to/artifact/world.txt

Which Actions allows to pass an file from one job to another ?

show

You can use upload-artifact and download-artifact

jobs:
  job1:
    steps:
      - uses: actions/checkout@v2

      - run: mkdir -p path/to/artifact

      - run: echo hello > path/to/artifact/world.txt

      - uses: actions/upload-artifact@v2
        with:
          name: my-artifact
          path: path/to/artifact/world.txt
  job2:
    steps:
      - uses: actions/download-artifact@v2
        with:
          name: my-artifact