⚡ Automation Module 0.3 GitHub Actions

GitHub Actions & YAML —
Complete Beginner Guide

From understanding why CI/CD exists to writing complete ci.yml and deploy.yml workflows — everything explained with real examples and Feynman-style analogies.

GoalWrite and understand GitHub Action workflows
Sections13 topics
LevelAbsolute Beginner
1Understanding CI/CD

The Big Picture

Before writing a single line of YAML, understand why GitHub Actions exists. The typical workflow without automation:

Write code → Save code → Push to GitHub → Manually test → Manually deploy

This becomes repetitive, error-prone, and slow. GitHub Actions automates everything after the push.

Push Code git push GitHub Actions robot wakes up Build & Test automated checks Deploy website updates

One git push triggers the entire pipeline automatically — no manual steps required.

2Understanding CI/CD

What is GitHub Actions?

GitHub Actions is a robot assistant living inside your GitHub repository. Whenever something happens (a push, a pull request, a schedule), the robot can automatically perform tasks.

🆕

Run Tests

Automatically verify your code compiles and tests pass on every push.

🏭

Build Projects

Compile firmware or build web assets on a clean machine in the cloud.

🚀

Deploy Websites

Automatically push your site to Netlify, GitHub Pages, or any host.

🔔

Notifications

Send Slack or email notifications when builds pass or fail.

🦺
Feynman Analogy — The Bakery Robot
Imagine you own a bakery. A customer orders → you check ingredients → you bake → package → deliver. GitHub Actions automates all the repetitive steps. Every time a customer orders (code push), the robot does the work.
3Understanding CI/CD

CI vs CD

CI — Continuous Integration
Push code → Automatically verify everything works → Catch errors before they reach others Without CI: broken code enters the repo. With CI: error caught immediately.
CD — Continuous Deployment
After checks pass: → Automatically publish project Without CD: login manually, upload files. With CD: push code, website updates itself.
💡
Simple Rule
CI checks that code works. CD publishes that working code to the world. The two work together as a quality gate followed by automatic publishing.
4Understanding CI/CD

Why Create ci.yml?

GitHub needs instructions. The robot cannot guess whether to run tests, deploy, or build. You provide instructions in a workflow file:

.github/ workflows/ ci.yml deploy.yml

GitHub is designed to look only inside .github/workflows/. Think of it like a teacher who only checks the homework folder — work left elsewhere is ignored.

💡
The workflow file tells GitHub
1. When to start the robot. 2. Which machine to use. 3. What commands to execute. That's it — three things.
5YAML

What is YAML?

YAML stands for "YAML Ain't Markup Language" — a human-readable format for describing structured information. It's used everywhere in modern DevOps: GitHub Actions, Docker, Kubernetes, CI/CD pipelines.

The key advantage of YAML over JSON is readability:

JSON — harder to read
{"name": "Satwik", "age": 20, "role": "developer"}
YAML — easier to read
name: Satwik age: 20 role: developer

Same information, YAML is far cleaner for configuration files.

6YAML

YAML Rules & Structure

⚠️ Most Important Rule — Spaces Matter

In YAML, indentation shows relationships. Use spaces (never tabs). Wrong indentation causes GitHub to reject your workflow entirely.

✓ Correct indentation
jobs: build: runs-on: ubuntu-latest
✗ Wrong — no indentation
jobs: build: runs-on: ubuntu-latest

Parent-Child Relationships

Indentation in YAML shows that something belongs to something else — exactly like a folder structure:

yaml — indentation = ownership
parent:
  child:
    grandchild: "value"

Lists use Hyphens ( - )

In YAML, a hyphen - at the start of a line means "this is one item in a list":

yaml — list syntax
steps:
  - name: Step One
    run: echo "first"
  - name: Step Two
    run: echo "second"
7Workflow Keywords

name, on, jobs, runs-on

name:Give the workflow a human-readable name
Appears in the GitHub Actions tab so you can identify the workflow.

name: CI Workflow
on:When should the robot wake up?
Defines the trigger event. Most common options:
yaml
on:
  push:
    branches: [main]      # on every push to main

on:
  pull_request:           # on every PR

on:
  schedule:
    - cron: "0 0 * * *"  # every day at midnight
jobs:What work should be performed?
A workflow can have multiple jobs running in parallel or sequentially. Each job is a separate task group — test, build, deploy are separate jobs.
runs-on:Which machine should run the job?
yaml
runs-on: ubuntu-latest   # Linux (recommended)
runs-on: windows-latest  # Windows
runs-on: macos-latest    # Mac
Most workflows use ubuntu-latest — it's fast, free, reliable, and most tools support Linux.
8Workflow Keywords

steps, run, uses

steps:List of instructions to execute in order
Think of making tea: boil water → add tea → pour. GitHub Actions follows the same step-by-step pattern. Each - is one step.
run:Execute a shell command yourself
You write and execute the command directly.
yaml
- name: Print a message
  run: echo "CI is working!"

- name: Install dependencies
  run: npm install
uses:Use a prebuilt action (order food instead of cooking)
Someone already built a reusable action. You just reference it.
yaml
- name: Checkout Repository
  uses: actions/checkout@v4
actions/checkout@v4 downloads your repository files onto the GitHub machine. Without it, the Ubuntu machine starts empty with no project files.
💡
run vs uses in one sentence
run = cook the meal yourself. uses = order takeout. Both get food on the table — uses is faster for common tasks.
9Workflow Keywords

Complete CI Workflow

yaml — .github/workflows/ci.yml
name: CI WORKFLOW

on:
  push:
    branches:
      - main

jobs:
  test:
    runs-on: ubuntu-latest

    steps:
      - name: Print Message
        run: echo "CI is Working!"

English Translation

Workflow Name: CI WORKFLOW WHEN: Code is pushed to the main branch DO: Create an Ubuntu machine Print "CI is Working!" Destroy the machine

How It Runs

git push origin main ↓ GitHub detects push to main ↓ Creates Ubuntu machine ↓ Runs steps in order ↓ Prints "CI is Working!" ↓ Shows ✓ green checkmark in Actions tab
What to check after pushing
Go to your repo → Actions tab. You'll see the workflow run. Green ✓ = success. Red ✗ = something failed. Click to see the full log output.
10Deployment

What is Deployment?

Deployment means uploading your project to the internet so anyone can access it. Before deployment, a website exists only on your laptop. After deployment, it's accessible worldwide.

📄

ci.yml — Verify

Checks that code works before it goes anywhere. The quality gate.

🌐

deploy.yml — Publish

Takes passing code and makes it live on the internet automatically.

Why Netlify?

Netlify is a static site hosting platform that supports HTML, CSS, JavaScript, React, and Vue. It has a free tier, automatic HTTPS, and integrates directly with GitHub — making it ideal for learning CD pipelines.

11Deployment

Secrets & Security

Netlify requires an API token to verify who you are and a site ID to know which website to update. These credentials must never appear in your code.

✗ Dangerous — token in code
token: abc123xyz # Anyone who sees this repo # can access your account!
✓ Safe — token in GitHub Secrets
${{ secrets.NETLIFY_AUTH_TOKEN }} # GitHub hides the actual value. # Even you can't read it back.

Required Secrets for Netlify

Go to your repo → Settings → Secrets and variables → Actions → New repository secret:

  • NETLIFY_AUTH_TOKEN — proves you own the Netlify account
  • NETLIFY_SITE_ID — identifies which website to update
💡
Secret Analogy
Bad: house key taped to the front door. Good: house key stored in a safe. GitHub Secrets is the safe — only authorized workflows can use the key, and the value is never visible.
12Deployment

Complete Deploy Workflow

yaml — .github/workflows/deploy.yml
name: Deploy to Netlify

on:
  push:
    branches:
      - main

jobs:
  deploy:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout Repository
        uses: actions/checkout@v4

      - name: Install Netlify CLI
        run: npm install -g netlify-cli

      - name: Deploy Website
        run: |
          netlify deploy --prod --dir=. \
            --site=$NETLIFY_SITE_ID \
            --auth=$NETLIFY_AUTH_TOKEN
        env:
          NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }}
          NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }}

English Translation

WHEN: Code pushed to main DO: 1. Create Ubuntu machine 2. Download repository (checkout) 3. Install Netlify command-line tool 4. Read hidden credentials from Secrets 5. Connect to Netlify account 6. Upload website files 7. ✓ Website is now live
13Deployment

Cheat Sheet

KeywordMeaningMental Model
name:Workflow nameLabel on the workflow
on:When workflow startsAlarm clock trigger
jobs:Work to performList of tasks
runs-on:Machine usedWhich computer to use
steps:List of instructionsRecipe steps
run:Execute shell commandCook it yourself
uses:Use prebuilt actionOrder takeout
env:Environment variablesSettings passed in
secrets:Hidden credentialsKey in a safe
🌟 When reading any GitHub Actions file, ask:
  • When does the workflow start? (look at on:)
  • Which machine runs it? (look at runs-on:)
  • What job is being done? (look at job name under jobs:)
  • What steps are executed? (look at each - name: under steps:)

GitHub Actions & YAML — Complete Beginner Guide · Embedded Systems Foundations