All Notes
Technology
How to – Series
How to Use GitHub Actions to Automate Literally Everything

Close-up of a courier in a car scanning a package label with a smartphone for delivery service.
Close-up of a courier in a car scanning a package label with a smartphone for delivery service.

How to Use GitHub Actions to Automate Literally Everything

GitHub Actions has revolutionized how developers automate their workflows. What started as a powerful CI/CD tool has evolved into a versatile automation engine capable of handling an astonishing array of tasks, both inside and outside your repository. Forget “just CI/CD”; with GitHub Actions, you can truly automate literally everything within your development lifecycle and beyond.

This post will cut through the noise and show you exactly how to harness this power with practical, runnable examples.

What is GitHub Actions? The Core Idea

At its heart, GitHub Actions is an event-driven automation platform built directly into GitHub. When a specific event happens in your repository (like a push to main, a pull_request opened, or a release published), GitHub Actions can execute a predefined set of tasks.

Think of it like this:

  • Event: Something happens.
  • Workflow: A YAML file defines what to do when that event occurs.
  • Job: A set of steps that run on a runner.
  • Step: A single command or action.
  • Action: A reusable piece of code (like a Docker container or JavaScript script) that performs a specific task.
  • Runner: A virtual machine (or your own machine) where the job executes.

This simple mental model, combined with a rich ecosystem of pre-built Actions and the ability to run arbitrary shell commands, unlocks incredible automation possibilities.

Getting Started: Your First Workflow

All GitHub Actions workflows live in the .github/workflows/ directory at the root of your repository. You can have multiple .yml files, each defining a separate workflow.

Let’s create a simple “Hello World” workflow.

  1. Create the directory: .github/workflows/
  2. Inside, create a file named hello-world.yml.
# .github/workflows/hello-world.yml
name: Hello World Workflow

on: [push] # Trigger this workflow on every push to any branch

jobs:
  greet: # Define a job named 'greet'
    runs-on: ubuntu-latest # Specify the runner environment (GitHub-hosted Ubuntu VM)

    steps: # List the steps for this job
      - name: Checkout repository # Step 1: Use a pre-built action to check out your code
        uses: actions/checkout@v4

      - name: Greet the world # Step 2: Run a simple bash command
        run: echo "Hello, GitHub Actions World!"

      - name: Show current directory content # Step 3: Demonstrate running commands
        run: ls -la

Commit this file and push it to your GitHub repository. Go to the “Actions” tab in your repository, and you’ll see a workflow run triggered by your push!

Example Output

When this workflow runs, you’ll see output similar to this in the GitHub Actions UI:

# ... (logs from Checkout repository step) ...

# Greet the world
Run echo "Hello, GitHub Actions World!"
Hello, GitHub Actions World!

# Show current directory content
Run ls -la
total 20
drwxr-xr-x 4 runner docker 4096 Oct 27 10:00 .
drwxr-xr-x 3 runner docker 4096 Oct 27 10:00 ..
-rw-r--r-- 1 runner docker  242 Oct 27 10:00 .gitignore
drwxr-xr-x 3 runner docker 4096 Oct 27 10:00 .github
drwxr-xr-x 2 runner docker 4096 Oct 27 10:00 src
# ... (other files in your repo) ...

This simple example demonstrates the core components: an on event, a jobs definition, runs-on a runner, and steps that can uses existing actions or run arbitrary commands.

Automating “Literally Everything”: Practical Examples

Now, let’s explore more advanced and practical scenarios that go beyond basic CI.

1. Robust CI/CD Pipeline (Build, Test, Deploy)

This is the bread and butter of GitHub Actions. Let’s create a workflow for a Python project that lints, tests, and then builds a Docker image.

Consider a simple src/app.py:

# src/app.py
def hello_world():
    return "Hello from CI/CD!"

if __name__ == "__main__":
    print(hello_world())

And tests/test_app.py:

# tests/test_app.py
from src.app import hello_world

def test_hello_world():
    assert hello_world() == "Hello from CI/CD!"

And a Dockerfile:

# Dockerfile
FROM python:3.9-slim-buster
WORKDIR /app
COPY src/app.py .
CMD ["python", "app.py"]
# .github/workflows/python-ci.yml
name: Python CI/CD

on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]

jobs:
  build-and-test:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: '3.9' # Specify Python version

      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install flake8 pytest # Install linter and test runner

      - name: Lint with flake8
        run: |
          flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
          flake8 . --count --exit-zero --max-complexity=10 --max-line-length=120 --statistics # Warn, don't fail

      - name: Run tests with pytest
        run: pytest

  build-docker-image:
    needs: build-and-test # This job depends on 'build-and-test' completing successfully
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Log in to Docker Hub
        # Note: You'd store DOCKER_USERNAME and DOCKER_PASSWORD as GitHub Secrets.
        # Go to your repository Settings -> Secrets and variables -> Actions -> New repository secret.
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}

      - name: Build and push Docker image
        uses: docker/build-push-action@v5
        with:
          context: .
          push: true
          tags: ${{ secrets.DOCKER_USERNAME }}/my-python-app:latest # Replace with your Docker Hub username

Example Output (partial for brevity, focusing on key steps) 

# Build and Test job -> Run tests with pytest
Run pytest
============================= test session starts ==============================
platform linux -- Python 3.9.18, pytest-7.4.0, pluggy-1.3.0
rootdir: /home/runner/work/your-repo/your-repo
collected 1 item

tests/test_app.py .                                                      [100%]

============================== 1 passed in 0.01s ===============================

# Build Docker Image job -> Build and push Docker image
# ... (Docker build logs) ...
# pushing image
# The push refers to repository [docker.io/your-username/my-python-app]
# 19f7dd3cf98e: Pushed
# ... (other layers) ...
# latest: digest: sha256:abcd... size: 1234

This workflow ensures your code is always tested, linted, and ready for deployment. The needs keyword is crucial for orchestrating multi-job pipelines.

2. Automated Code Formatting & Linting

Beyond just checking, you can automate fixing! Let’s use Black for Python code. This workflow will run Black and automatically commit and push any changes.

# .github/workflows/auto-format.yml
name: Auto-Format Python Code

on:
  push:
    branches: [ main ] # Trigger on push to main
  workflow_dispatch: # Allow manual triggering

jobs:
  format:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # Required for auto-committing: get the entire git history
          fetch-depth: 0

      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: '3.x'

      - name: Install Black
        run: pip install black

      - name: Run Black to format code
        id: black_format
        run: |
          black . # Run Black on all Python files
          git status --porcelain # Check if Black made any changes

      - name: Commit and Push if changes
        # Only proceed if Black actually modified files
        if: success() && contains(steps.black_format.outputs.stdout, 'reformatted')
        run: |
          git config user.name 'github-actions[bot]'
          git config user.email 'github-actions[bot]@users.noreply.github.com'
          git add .
          git commit -m 'Auto-format code with Black'
          git push

Note: For git push to work without credentials, the actions/checkout action typically uses the GITHUB_TOKEN which has sufficient permissions to push back to the same repository. If you are pushing to a different repo or require elevated permissions, you might need a Personal Access Token (PAT) stored as a secret.

# Run Black to format code
Run black .
reformatted src/app.py
All done! ✨ 🍰 ✨
1 file reformatted.
 M src/app.py # Indicates a change by Black

# Commit and Push if changes
Run git config user.name 'github-actions[bot]'
# ... (git commands) ...
[main 73b4e6d] Auto-format code with Black
 1 file changed, 1 insertion(+), 1 deletion(-)
remote:
remote: Create a pull request for 'main' on GitHub by visiting:
remote:      https://github.com/your-username/your-repo/compare/main...main
remote:
To https://github.com/your-username/your-repo.git
   f7d2a8b..73b4e6d  main -> main

This example shows how Actions can not only report issues but actively fix them and commit changes back to your repository, creating a truly automated loop.

3. Automated Release Management

Automating your release process is a huge time-saver. You can automatically create GitHub Releases, generate changelogs, and publish artifacts when a new Git tag is pushed.

Let’s say you follow semantic versioning and push tags like v1.0.0.

# .github/workflows/release.yml
name: Release Workflow

on:
  create: # Trigger on tag creation
    tags:
      - 'v*' # Only trigger if the tag starts with 'v'

jobs:
  create-release:
    runs-on: ubuntu-latest
    permissions:
      contents: write # Grant permission to write to repository contents (for creating release)
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Get tag name
        id: get_tag
        run: echo "TAG_NAME=${{ github.ref_name }}" >> $GITHUB_OUTPUT

      - name: Generate Changelog (example)
        # In a real scenario, you'd use a dedicated action or script
        id: changelog
        run: |
          echo "Generated changelog for release ${{ steps.get_tag.outputs.TAG_NAME }}" > changelog.txt
          echo "Changes in this version: Added feature X, fixed bug Y." >> changelog.txt
          echo "CHANGELOG_BODY=$(cat changelog.txt)" >> $GITHUB_OUTPUT

      - name: Create GitHub Release
        uses: softprops/action-gh-release@v1
        with:
          tag_name: ${{ steps.get_tag.outputs.TAG_NAME }}
          name: Release ${{ steps.get_tag.outputs.TAG_NAME }}
          body: ${{ steps.changelog.outputs.CHANGELOG_BODY }}
          draft: false
          prerelease: false
          # You could also upload assets here:
          # files: |
          #   ./your-app-binary
          #   ./your-docs.pdf
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # The default GITHUB_TOKEN is sufficient

When you push a tag like v1.0.0, you’ll see a new release appear in your GitHub repository’s “Releases” section.

# Create GitHub Release
# ... (logs from softprops/action-gh-release) ...
# Info: Release "Release v1.0.0" created.

This workflow dramatically streamlines your release process, ensuring consistency and reducing manual errors.

4. Repository Maintenance (Stale Issues/PRs)

Keeping your repository clean is important. GitHub Actions can help manage stale issues and pull requests.

# .github/workflows/stale.yml
name: Mark stale issues and PRs

on:
  schedule:
    - cron: '30 1 * * *' # Run daily at 01:30 UTC

jobs:
  stale:
    runs-on: ubuntu-latest
    permissions:
      issues: write # Required to mark issues as stale/close them
      pull-requests: write # Required to mark PRs as stale/close them
    steps:
      - name: Mark stale issues
        uses: actions/stale@v9
        with:
          days-before-stale: 60
          days-before-close: 7
          stale-issue-message: 'This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 7 days if no further activity occurs. Thank you for your contributions.'
          stale-pr-message: 'This pull request has been automatically marked as stale because it has not had recent activity. It will be closed in 7 days if no further activity occurs. Thank you for your contributions.'
          close-issue-message: 'This issue was closed because it has been stalled for 7 days with no activity.'
          close-pr-message: 'This pull request was closed because it has been stalled for 7 days with no activity.'
          operations-per-run: 50 # Limit the number of operations per run
          repo-token: ${{ secrets.GITHUB_TOKEN }}

This workflow doesn’t produce direct CLI output, but you’ll see comments added to your issues/PRs and eventually them being closed.

# Mark stale issues
# ... (actions/stale logs) ...
# Info: 1 issue(s) marked stale.
# Info: 0 issue(s) closed.
# Info: 0 PR(s) marked stale.
# Info: 0 PR(s) closed.

This helps maintain a healthy, active repository without manual intervention.

5. Scheduled Tasks (Cron Jobs)

Need to run something periodically? GitHub Actions has a built-in cron-like scheduler.

# .github/workflows/daily-report.yml
name: Daily Report Generation

on:
  schedule:
    - cron: '0 0 * * *' # Run daily at midnight UTC

jobs:
  generate_report:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Setup Node.js (example for a JS report script)
        uses: actions/setup-node@v4
        with:
          node-version: '18'

      - name: Run report generation script
        # Imagine your script connects to a DB, pulls data, formats it, and saves.
        run: |
          echo "Generating daily report for $(date)..."
          node ./scripts/generate-report.js > daily_report_$(date +%Y%m%d).txt

      - name: Upload report as artifact
        uses: actions/upload-artifact@v4
        with:
          name: daily-report
          path: daily_report_*.txt # Upload the generated report file
          retention-days: 7 # Keep artifact for 7 days
# Run report generation script
Run echo "Generating daily report for $(date)..."
Generating daily report for Fri Oct 27 10:00:00 UTC 2023...
# ... (logs from generate-report.js, if any) ...

# Upload report as artifact
# ... (actions/upload-artifact logs) ...
# Info: Uploading artifact 'daily-report' from path 'daily_report_20231027.txt'.
# Info: Artifact 'daily-report' successfully uploaded.

This allows you to automate tasks that historically required a dedicated server or cron job, all within your GitHub repository.

6. Interacting with External APIs/Services

GitHub Actions can make HTTP requests or use specific actions to integrate with almost any external service.

Let’s send a Slack notification when a workflow fails.

# .github/workflows/slack-notify.yml
name: Slack Notification on Failure

on:
  workflow_run:
    workflows: ["Python CI/CD"] # Name of the workflow to monitor
    types:
      - completed # Trigger when the workflow completes

jobs:
  notify:
    runs-on: ubuntu-latest
    # Only run this job if the monitored workflow failed
    if: ${{ github.event.workflow_run.conclusion == 'failure' }}
    steps:
      - name: Send Slack notification
        # Note: Set SLACK_WEBHOOK_URL as a repository secret.
        # This is a common third-party action for Slack.
        uses: slackapi/slack-github-action@v1.26.0
        with:
          payload: |
            {
              "text": ":x: Workflow *${{ github.event.workflow_run.name }}* failed! :warning:",
              "attachments": [
                {
                  "color": "#FF0000",
                  "fields": [
                    {
                      "title": "Repository",
                      "value": "<${{ github.event.workflow_run.repository.html_url }}|${{ github.event.workflow_run.repository.full_name }}>",
                      "short": true
                    },
                    {
                      "title": "Run URL",
                      "value": "<${{ github.event.workflow_run.html_url }}|View Workflow Run>",
                      "short": false
                    }
                  ]
                }
              ]
            }
        env:
          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} # Required for the Slack action

This action posts to Slack. The output in the GitHub UI will show the action succeeding:

# Send Slack notification
# ... (slackapi/slack-github-action logs) ...
# Info: Posting message to Slack.
# Info: Message posted successfully.

You’d then see a message in your configured Slack channel. This pattern extends to Jira, Trello, Discord, custom APIs, etc.

7. Deploying to GitHub Pages

If you have a static site, deploying to GitHub Pages is a breeze.

# .github/workflows/deploy-gh-pages.yml
name: Deploy to GitHub Pages

on:
  push:
    branches: [ main ] # Trigger on pushes to the 'main' branch

jobs:
  build-and-deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Setup Node.js (if your site requires a build step like Jekyll/Hugo/Vite/React)
        uses: actions/setup-node@v4
        with:
          node-version: '18'

      - name: Install dependencies and build site (example for a simple Vite/React app)
        run: |
          npm install
          npm run build

      - name: Deploy to GitHub Pages
        uses: peaceiris/actions-gh-pages@v3
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          publish_dir: ./dist # The directory where your built site lives (e.g., 'dist', 'build', '_site')
          # If deploying to a custom branch (e.g., 'gh-pages'):
          # publish_branch: gh-pages
# Deploy to GitHub Pages
# ... (peaceiris/actions-gh-pages logs) ...
# Info: Deploying to gh-pages branch.
# Info: Successfuly deployed to gh-pages branch.
# Info: Your site is published at https://your-username.github.io/your-repo-name/

This workflow makes it incredibly easy to automate the deployment of documentation, personal websites, or simple web apps.

Advanced Concepts & Best Practices

While the examples above cover a lot, there’s more to master for robust automation:

Matrix Strategies

Run a job multiple times with different input combinations. Excellent for testing across various OS versions, language versions, or dependencies.

# .github/workflows/matrix-example.yml
name: Matrix Build Test

on: [push]

jobs:
  test:
    runs-on: ${{ matrix.os }} # Use the OS from the matrix
    strategy:
      matrix:
        os: [ubuntu-latest, macos-latest, windows-latest]
        python-version: ['3.8', '3.9', '3.10']
        exclude: # Skip specific combinations
          - os: macos-latest
            python-version: '3.8'

    steps:
      - uses: actions/checkout@v4
      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v5
        with:
          python-version: ${{ matrix.python-version }}
      - name: Install dependencies & Test
        run: |
          pip install pytest
          pytest

This would create 8 separate jobs (3 OS * 3 Python versions - 1 excluded).

Caching Dependencies

Speed up your workflows by caching dependencies.

# Part of a step in a workflow
      - name: Cache Python dependencies
        uses: actions/cache@v3
        with:
          path: ~/.cache/pip # Path to cache
          key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }} # Cache key based on OS and requirements.txt hash
          restore-keys: |
            ${{ runner.os }}-pip- # Fallback if specific key not found

      - name: Install Python dependencies
        run: pip install -r requirements.txt

Secrets Management

Never hardcode sensitive information. Store API keys, tokens, etc., as repository or organization secrets. Access them via secrets.MY_SECRET.

# ... in a step
        env:
          MY_API_KEY: ${{ secrets.API_KEY }}

Reusable Workflows and Composite Actions

For complex or repetitive workflows, create reusable components:

  • Reusable Workflows: Call one workflow from another (uses: octo-org/repo/.github/workflows/callable-workflow.yml@main). Great for consistent CI/CD across many repositories.
  • Composite Actions: Combine multiple run and uses steps into a single custom action (action.yml). Good for encapsulating logic within a repository.

Self-Hosted Runners

If GitHub-hosted runners don’t meet your needs (e.g., specific hardware, isolated network, very long runtimes), you can set up your own self-hosted runners. These are machines you control that connect to GitHub and execute jobs.

Security Considerations

  • Permissions: Be explicit about the permissions your workflow or job requires. GITHUB_TOKEN permissions can be fine-tuned.
  • Untrusted Actions: Be cautious when using third-party actions. Review their source code, check their popularity, and pin them to a specific SHA or major version (@v1, @v2) rather than @main or no version.
  • Secrets: Only expose secrets to the jobs that strictly need them. Avoid printing secrets to logs.

Debugging Workflows

  • run: | blocks: Use echo for debugging variables or status.
  • set -xe: Add set -xe at the top of a run: block to print commands before execution and exit immediately on error.
  • Rerun failed jobs: In the Actions UI, you can often rerun specific failed jobs.
  • Context and Expression syntax: Use expressions like ${{ github.event.pull_request.head.ref }} or ${{ secrets.MY_SECRET }}. Debug these by echoing them.

Limitations & Honest Truths

While powerful, GitHub Actions isn’t a magic bullet for every automation need:

  • Resource Limits: GitHub-hosted runners have time limits (e.g., 6 hours per job), CPU/memory constraints, and fair-use policies. Very long-running or resource-intensive tasks might hit these limits or become expensive.
  • Ephemeral Environments: Each job starts in a fresh, isolated environment. State isn’t persisted directly between jobs (use artifacts). This is a feature for consistency but a limitation if you need a persistent environment.
  • Not for Long-Running Services: GitHub Actions is designed for event-driven, short-to-medium duration tasks. It’s not a platform for hosting always-on web services or background daemons. Use dedicated compute services for that.
  • Dependency on GitHub: If GitHub goes down, your automations stop.
  • YAML Complexity: For very complex workflows, YAML can become verbose and tricky to manage. Careful structuring and reusable workflows help.

Conclusion

GitHub Actions is an incredibly powerful, flexible, and pragmatic tool for automating nearly any task in your development workflow. From sophisticated CI/CD pipelines to trivial repository maintenance, scheduled reports, and custom integrations, its event-driven nature combined with the vast ecosystem of pre-built actions and the ability to execute arbitrary shell commands makes it truly versatile.

Start small, automate a single repetitive task, and then gradually expand. The more you use it, the more you’ll discover possibilities to reclaim your time and improve your development processes. Happy automating!

How Electromagnetic Fields Move Bits Across the Internet
Jun 17, 2025
What Makes a Good Undo Button Enter the Stack
Jun 17, 2025
How to Design Interfaces That Dont Annoy Users
Jun 17, 2025
Mistral’s Codestral The LLM Coders Are Using Over GitHub Copilot
Jun 27, 2025
Abstract Machines You Use Without Knowing From DFA to TMs
Jun 17, 2025
Mastering the Job Sequencing Problem (with Deadlines and Profits)
Jun 18, 2025
Last updated on
Share this post: Twitter Facebook LinkedIn
How to Use fzf + ripgrep to Replace Your File ManagerHow to Use GPT + SQLite to Query Your Life Like a Database