GitHub Actions: From Zero to Hero Workshop

In this workshop we're going to cover GitHub Actions. For a tangentially related workshop of using GitHub Actions to deploy to Azure using Bicep, check out this repo: https://github.com/scottsauber/workshop-dotnet-azure-github-bicep

Pre-requisites:

• Basic Git Knowledge
• GitHub Account
• Recommended: an editor with a GitHub Actions extension installed for intellisense (ie VS Code with the GitHub Actions extension)
• Optional: .NET 9 installed locally to run the app locally

Module 1 - Slides: CI/CD Pipelines

No hands-on work, just going over slides

Module 2 - Slides: GitHub Actions

No hands-on work, just going over slides

Module 3 - Hands On: Creating a PR Verify Workflow

1. Fork this repository if you haven't already.

2. Create a new branch

3. Create a .github folder in the root

4. Under the .github folder, create a workflows folder

5. Under the workflows folder, create a pr-verify.yml file

6. Paste the following into that file:

   name: PR Verify
   
   on:
     pull_request:
       branches: ["main"]
     workflow_dispatch:
   
   jobs:
     build:
       name: PR Verify
       runs-on: ubuntu-22.04
   
       steps:
         - uses: actions/checkout@v4
   
         - name: Set up .NET Core
           uses: actions/setup-dotnet@v4
           with:
             dotnet-version: 9.0.x
   
         - name: Build with dotnet
           run: dotnet build --configuration Release
   
         - name: Test
           run: dotnet test --configuration Release --no-build

7. Commit, Push, and Open a PR

8. Do you think the GitHub Action will trigger when it's not committed on the main branch?

9. Scroll down to the bottom of the PR and notice you have a new status check called "PR Verify" and click on it

10. Watch the build succeed

11. Make a change that makes the code not compile. ie open the src/WorkshopDemo/Program.cs file and add a letter to the first line

12. Commit and push and watch it fail

13. Undo that change and let's make a test fail.

14. Open /src/WorkshopDemo.Core.Tests/Common/FileServiceTests.cs and change the assertion on line 19 to something like result.Should().Be("Hello world");

15. Commit and push and watch it fail

16. Undo that change and commit and push

17. Do not merge it in yet

Module 4 - Slides: Optimal GitHub settings

No hands-on work, just going over slides

Module 5 - Hands On: Merge PR and Required Rule set

1. Merge the PR from Module 3
2. Setup a required rule set
3. Ruleset name: Main
4. Add Target: Include Default Branch
5. Check Restrict Deletions
6. Check Require Pull Request Before Merging
   1. Allow only Squash Merges (🌶️)
7. Check Require Status Checks to Merge
   1. Click Require Branches to be up to date
   2. Click Add Checks
   3. Search for PR Verify and check it
8. Check Block Force Pushes
9. Save Changes

Module 6 - Hands On: Create a CI Workflow

1. Based on the PR Verify workflow, create one for the CI workflow (running after merge) called ci.yml. Make sure that dotnet build and dotnet test run as part of that.
   1. Hint: you want the push trigger not pull_request
2. Pssstttt... do we need to do that if we require branches to be up to date? Let's talk about it

Module 7 - Slides: Reusable Workflows

No hands-on work, just going over slides

Module 8 - Hands On: Reusable Workflows

1. Let's create a reusable workflow for PR Verify and CI to reduce duplication

2. Note: I don't normally do this for PR + CI, but will do it for deploys (see here for more details).

3. Create a file called reusable-build.yml

4. Add the following to it:

   name: Reusable - Build
   
   on:
     workflow_call:
       inputs:
         dotnet_version:
           required: true
           type: string
   
   jobs:
     build:
       name: Reusable - Build
       runs-on: ubuntu-22.04
   
       steps:
         - uses: actions/checkout@v4
   
         - name: Set up .NET Core
           uses: actions/setup-dotnet@v4
           with:
             dotnet-version: ${{ inputs.dotnet_version }}
   
         - name: Build with dotnet
           run: dotnet build --configuration Release
   
         - name: Test
           run: dotnet test --configuration Release --no-build

5. In your pr-verify.yml, change the YAML to this:

   name: PR Verify
   
   on:
     pull_request:
       branches: ["main"]
     workflow_dispatch:
   
   jobs:
     build:
       name: PR Verify
       uses: ./.github/workflows/reusable-build.yml
       with:
         dotnet_version: 9.0.x

6. Make a similar change for ci.yml

7. Congratulations - now we have shared code between CI and PR

8. But what if we wanted this in a reusable repo...? 🤔

Module 9 - Slides: Reusable Workflows in another repository

No hands-on work, just going over slides

Module 10 - Hands On: Reusable Workflows in another repository

1. Make a new repository
2. Create a .github/workflows/reusable-build.yml file and copy it over
3. Change your pr-verify and ci.yml to point at the new repository instead of your local one

Module 11 - Slides: Secrets

No hands-on work, just going over slides

Module 12 - Hands On: Secrets

1. Create a secrets-test.yml file with the following YAML

   name: Echo
   on:
     pull_request:
       branches: ["main"]
   
   jobs:
     echo:
       name: Echo
       runs-on: ubuntu-latest
       steps:
         - name: Hello world
           run: echo ${{ secrets.SOME_SECRET }}

2. Go to the repository's Settings tab

3. Click on Secrets and Variables => Secrets

4. Click "New Repository Secret"

5. Give the name of SOME_SECRET and then a random value

6. Commit and push the workflow above and watch how it masks the value