CI/CD with GitHub Actions: A Complete Guide
What is GitHub Actions?
Core Concepts
1. Key Components
2. Workflow Structure
Complete CI Pipeline
1. Python Workflow with Tests
2. Node.js/React Workflow
CD Pipeline with Deployment
1. Deploying to AWS
2. Docker Deployment
Advanced Workflows
1. Matrix Strategy with Conditions
2. Multi-Environment Deployment
Custom Actions
1. Composite Action
2. Using the Action
Best Practices
1. Security
2. Performance Optimization
3. Monitoring and Notifications
Conclusion

GitHub Actions revolutionizes continuous integration and deployment by building these capabilities directly into your GitHub repository. This guide walks you through setting up a robust CI/CD pipeline.

GitHub Actions is an automation platform that lets you:

GitHub Actions offers a powerful and flexible solution for automation:

A well-designed pipeline improves code quality, reduces deployment risk, and speeds up the development cycle. The initial investment in configuration quickly pays for itself through fewer errors and the automation of repetitive tasks.

name: CI/CD Pipeline

on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main]

jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '18'
      - name: Install dependencies
        run: npm ci
      - name: Run tests
        run: npm test

name: Python CI

on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main]

jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: '3.11'
      - name: Cache pip dependencies
        uses: actions/cache@v3
        with:
          path: ~/.cache/pip
          key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
          restore-keys: |
            ${{ runner.os }}-pip-
      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install flake8 black mypy
          pip install -r requirements.txt
      - name: Lint with flake8
        run: |
          flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
          flake8 . --count --exit-zero --max-complexity=10 --max-line-length=88 --statistics
      - name: Format check with black
        run: black --check .
      - name: Type check with mypy
        run: mypy src/

  test:
    needs: lint
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version: ['3.9', '3.10', '3.11']
    steps:
      - uses: actions/checkout@v4
      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v4
        with:
          python-version: ${{ matrix.python-version }}
      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install pytest pytest-cov
          pip install -r requirements.txt
      - name: Run tests with coverage
        run: |
          pytest --cov=src --cov-report=xml --cov-report=html
      - name: Upload coverage to Codecov
        uses: codecov/codecov-action@v3
        with:
          file: ./coverage.xml
          flags: unittests
          name: codecov-umbrella

  security:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Run security scan
        uses: pypa/[email protected]
        with:
          inputs: requirements.txt
      - name: Run Bandit security check
        run: |
          pip install bandit
          bandit -r src/ -f json -o bandit-report.json
      - name: Upload security report
        uses: actions/upload-artifact@v4
        if: always()
        with:
          name: security-report
          path: bandit-report.json

name: Node.js CI/CD

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

jobs:
  test:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        node-version: [16, 18, 20]
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Use Node.js ${{ matrix.node-version }}
        uses: actions/setup-node@v4
        with:
          node-version: ${{ matrix.node-version }}
          cache: 'npm'
      - name: Install dependencies
        run: npm ci
      - name: Run linting
        run: npm run lint
      - name: Run type checking
        run: npm run type-check
      - name: Run unit tests
        run: npm test -- --coverage --watchAll=false
      - name: Run integration tests
        run: npm run test:integration
      - name: Build application
        run: npm run build
      - name: Upload build artifacts
        uses: actions/upload-artifact@v4
        with:
          name: build-files-${{ matrix.node-version }}
          path: dist/

  e2e-tests:
    needs: test
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '18'
          cache: 'npm'
      - name: Install dependencies
        run: npm ci
      - name: Install Playwright
        run: npx playwright install --with-deps
      - name: Start application
        run: |
          npm run build
          npm run start &
          sleep 30
      - name: Run Playwright tests
        run: npx playwright test
      - name: Upload test results
        uses: actions/upload-artifact@v4
        if: always()
        with:
          name: playwright-report
          path: playwright-report/

name: Deploy to AWS

on:
  push:
    branches: [main]
  workflow_dispatch:

jobs:
  deploy:
    runs-on: ubuntu-latest
    environment: production
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: us-east-1
      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '18'
          cache: 'npm'
      - name: Install dependencies
        run: npm ci
      - name: Build application
        run: npm run build
        env:
          REACT_APP_API_URL: ${{ secrets.API_URL }}
          REACT_APP_ENV: production
      - name: Deploy to S3
        run: |
          aws s3 sync dist/ s3://${{ secrets.S3_BUCKET }} --delete
      - name: Invalidate CloudFront
        run: |
          aws cloudfront create-invalidation \
            --distribution-id ${{ secrets.CLOUDFRONT_DISTRIBUTION_ID }} \
            --paths "/*"
      - name: Notify Slack
        if: always()
        uses: 8398a7/action-slack@v3
        with:
          status: ${{ job.status }}
          channel: '#deployments'
          webhook_url: ${{ secrets.SLACK_WEBHOOK_URL }}

name: Docker Build and Deploy

on:
  push:
    branches: [main]
    tags: ['v*']

env:
  REGISTRY: ghcr.io
  IMAGE_NAME: ${{ github.repository }}

jobs:
  build-and-push:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Log in to Container Registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Extract metadata
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
          tags: |
            type=ref,event=branch
            type=ref,event=pr
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}
      - name: Build and push Docker image
        uses: docker/build-push-action@v5
        with:
          context: .
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
      - name: Deploy to staging
        if: github.ref == 'refs/heads/main'
        run: |
          echo "Deploying to staging environment"
          # Deployment commands go here

name: Cross-platform Testing

on: [push, pull_request]

jobs:
  test:
    strategy:
      fail-fast: false
      matrix:
        os: [ubuntu-latest, windows-latest, macos-latest]
        python-version: ['3.9', '3.10', '3.11']
        exclude:
          - os: windows-latest
            python-version: '3.9'
    runs-on: ${{ matrix.os }}
    steps:
      - uses: actions/checkout@v4
      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v4
        with:
          python-version: ${{ matrix.python-version }}
      - name: Install dependencies (Unix)
        if: runner.os != 'Windows'
        run: |
          python -m pip install --upgrade pip
          pip install -r requirements.txt
      - name: Install dependencies (Windows)
        if: runner.os == 'Windows'
        run: |
          python -m pip install --upgrade pip
          pip install -r requirements.txt
        shell: cmd
      - name: Run tests
        run: pytest

name: Multi-Environment Deploy

on:
  push:
    branches: [main, develop]

jobs:
  deploy-staging:
    if: github.ref == 'refs/heads/develop'
    runs-on: ubuntu-latest
    environment:
      name: staging
      url: https://staging.example.com
    steps:
      - name: Deploy to Staging
        run: |
          echo "Deploying to staging"
          # Staging deployment logic

  deploy-production:
    if: github.ref == 'refs/heads/main'
    runs-on: ubuntu-latest
    environment:
      name: production
      url: https://example.com
    steps:
      - name: Deploy to Production
        run: |
          echo "Deploying to production"
          # Production deployment logic

# .github/actions/setup-node-cache/action.yml
name: 'Setup Node with Cache'
description: 'Setup Node.js with dependency caching'

inputs:
  node-version:
    description: 'Node.js version'
    required: false
    default: '18'
  working-directory:
    description: 'Working directory'
    required: false
    default: '.'

runs:
  using: 'composite'
  steps:
    - name: Setup Node.js
      uses: actions/setup-node@v4
      with:
        node-version: ${{ inputs.node-version }}
        cache: 'npm'
        cache-dependency-path: ${{ inputs.working-directory }}/package-lock.json
    - name: Install dependencies
      working-directory: ${{ inputs.working-directory }}
      run: npm ci
      shell: bash

jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Setup Node.js with cache
        uses: ./.github/actions/setup-node-cache
        with:
          node-version: '18'
          working-directory: './frontend'

# Using secrets
steps:
  - name: Deploy with secrets
    env:
      API_KEY: ${{ secrets.API_KEY }}
      DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
    run: |
      echo "API_KEY is set: ${API_KEY:+yes}"
      # Use the secrets securely

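The secrets snippet above passes secrets through env:, whereas the Deploy to AWS workflow expands ${{ secrets.* }} inside its run: scripts, and only the Docker job declares permissions. The following checker is an added example, not code from the original article; audit_workflow, the rule names and the sample workflow are constructed for illustration, and it assumes conventional block-style YAML with space indentation.

```python
import re

# Constructed sample: "deploy" mirrors the page's Deploy to AWS steps (secrets
# expanded inside the script, no permissions block); "deploy-hardened" passes
# the secret through env: and declares its GITHUB_TOKEN permissions.
SAMPLE_WORKFLOW = """\
name: Deploy to AWS
on: [push]
jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Deploy to S3
        run: |
          aws s3 sync dist/ s3://${{ secrets.S3_BUCKET }} --delete
      - name: Invalidate CloudFront
        run: aws cloudfront create-invalidation --distribution-id ${{ secrets.CLOUDFRONT_DISTRIBUTION_ID }} --paths "/*"
  deploy-hardened:
    runs-on: ubuntu-latest
    permissions:
      contents: read
    steps:
      - name: Deploy to S3
        env:
          S3_BUCKET: ${{ secrets.S3_BUCKET }}
        run: |
          aws s3 sync dist/ "s3://${S3_BUCKET}" --delete
"""

# ${{ secrets.NAME }} is substituted into the script text before the shell runs it.
SECRET_EXPR = re.compile(r"\$\{\{\s*(secrets\.[A-Za-z0-9_]+)\s*\}\}")
RUN_KEY = re.compile(r"^(\s*(?:-\s+)?)run:\s*(.*)$")
JOB_KEY = re.compile(r"^\s+([A-Za-z_][\w-]*):\s*$")


def audit_workflow(text):
    """Return sorted (line, rule, detail) findings; a line scanner, not a YAML parser."""
    lines = text.splitlines()
    # A workflow-level permissions: block applies to every job.
    default_perms = any(l.startswith("permissions:") for l in lines)
    findings, jobs = [], []
    in_jobs, job_indent, run_indent = False, None, None
    for no, line in enumerate(lines, 1):
        stripped = line.strip()
        if not stripped:
            continue
        indent = len(line) - len(line.lstrip(" "))
        if run_indent is not None:
            if indent > run_indent:          # still inside the `run: |` script body
                findings += [(no, "secret-in-run", m[1]) for m in SECRET_EXPR.finditer(line)]
                continue
            run_indent = None
        if stripped.startswith("#"):
            continue
        if indent == 0:
            in_jobs = line.startswith("jobs:")
            continue
        run = RUN_KEY.match(line)
        if run:
            if run.group(2)[:1] in ("|", ">"):   # block scalar: the body follows
                run_indent = len(run.group(1))
            else:                                # single-line script
                findings += [(no, "secret-in-run", m[1]) for m in SECRET_EXPR.finditer(run.group(2))]
            continue
        if not in_jobs:
            continue
        if job_indent is None:
            job_indent = indent
        key = JOB_KEY.match(line)
        if indent == job_indent and key:
            jobs.append({"name": key.group(1), "line": no, "perms": default_perms})
        elif jobs:
            job = jobs[-1]
            job.setdefault("child", indent)      # indentation of the job's own keys
            if indent == job["child"] and stripped.startswith("permissions:"):
                job["perms"] = True

    # A job without permissions: runs with the repository's default token scopes.
    findings += [(j["line"], "no-permissions", j["name"]) for j in jobs if not j["perms"]]
    return sorted(findings)


if __name__ == "__main__":
    for line_no, rule, detail in audit_workflow(SAMPLE_WORKFLOW):
        print(f"line {line_no}: {rule}: {detail}")
```

Secrets referenced under env: or with: are not reported; only expressions that end up inside the script text are.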
# Dependency caching
- name: Cache dependencies
  uses: actions/cache@v3
  with:
    path: |
      ~/.npm
      node_modules
    key: ${{ runner.os }}-npm-${{ hashFiles('**/package-lock.json') }}
    restore-keys: |
      ${{ runner.os }}-npm-

# Running jobs in parallel
jobs:
  lint:
    runs-on: ubuntu-latest
  test:
    runs-on: ubuntu-latest
  build:
    needs: [lint, test]
    runs-on: ubuntu-latest

- name: Notify on failure
  if: failure()
  uses: actions/github-script@v7
  with:
    script: |
      github.rest.issues.createComment({
        issue_number: context.issue.number,
        owner: context.repo.owner,
        repo: context.repo.repo,
        body: '❌ Pipeline failed! Please check the logs.'
      })

- Run workflows triggered by events
- Automate tests, builds, and deployments
- Create reusable custom actions
- Integrate seamlessly with the GitHub ecosystem

- Workflow: An automated process defined in a YAML file
- Job: A set of steps that run on a runner
- Step: An individual action (a command or an action)
- Runner: A virtual machine that executes jobs
- Action: A reusable application that performs a task

- Native integration with GitHub
- Rich ecosystem of reusable actions
- Automatic scaling of runners
- Multi-platform support
- Fine-grained permission management