How to Use
About
Design robust CI/CD pipelines with GitLab CI, Jenkins, CircleCI, and platform-agnostic pipeline patterns.
name: ci-cd-ops description: "CI/CD pipeline patterns with GitHub Actions, release automation, and testing strategies. Use for: github actions, workflow, CI, CD, pipeline, deploy, release, semantic release, changesets, goreleaser, matrix, cache, secrets, environment, artifact, reusable workflow, composite action." license: MIT allowed-tools: "Read Write Bash" metadata: author: claude-mods related-skills: git-ops, docker-ops, testing-ops
CI/CD Operations
Comprehensive patterns for continuous integration, delivery, and deployment using GitHub Actions, release automation tools, and testing pipelines.
GitHub Actions Quick Reference
Workflow File Anatomy
name: CI # Display name in Actions tab
on: # Trigger events
push:
branches: [main]
pull_request:
branches: [main]
permissions: # GITHUB_TOKEN scope (least privilege)
contents: read
pull-requests: write
concurrency: # Prevent duplicate runs
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env: # Workflow-level environment variables
NODE_VERSION: "20"
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
cache: npm
- run: npm ci
- run: npm test
Core Syntax Elements
| Element | Purpose | Example |
|---------|---------|---------|
| on | Event triggers | push, pull_request, schedule |
| jobs.<id>.runs-on | Runner selection | ubuntu-latest, self-hosted |
| jobs.<id>.needs | Job dependencies | needs: [build, lint] |
| jobs.<id>.if | Conditional execution | if: github.event_name == 'push' |
| jobs.<id>.strategy.matrix | Parallel variants | node-version: [18, 20, 22] |
| jobs.<id>.environment | Deployment target | environment: production |
| jobs.<id>.permissions | Token scope | contents: write |
| steps[*].uses | Use an action | uses: actions/checkout@v4 |
| steps[*].run | Run a command | run: npm test |
| steps[*].env | Step environment | env: { CI: true } |
Trigger Decision Tree
| Scenario | Trigger | Config |
|----------|---------|--------|
| Run tests on every PR | pull_request | branches: [main] |
| Deploy on merge to main | push | branches: [main] |
| Release on version tag | push | tags: ['v*'] |
| Nightly builds | schedule | cron: '0 2 * * *' |
| Manual deployment | workflow_dispatch | inputs: { environment: ... } |
| Called by another workflow | workflow_call | inputs:, secrets: |
| On PR label change | pull_request | types: [labeled] |
| On issue comment | issue_comment | types: [created] |
| On release published | release | types: [published] |
| On package push | registry_package | types: [published] |
Trigger Filter Patterns
on:
push:
branches: [main, 'release/**'] # Branch patterns
paths: ['src/**', '!src/**/*.test.*'] # Path filters (ignore tests)
tags: ['v*'] # Tag patterns
pull_request:
types: [opened, synchronize, reopened] # Default types
paths-ignore: ['docs/**', '*.md'] # Ignore docs-only changes
Caching Strategies
| Ecosystem | Action / Key | Path | Restore Key |
|-----------|-------------|------|-------------|
| Node (npm) | actions/setup-node with cache: npm | Auto | Auto |
| Node (pnpm) | actions/setup-node with cache: pnpm | Auto | Auto |
| Go modules | actions/setup-go with cache: true | Auto | Auto |
| Cargo | actions/cache@v4 | ~/.cargo/registry, target | cargo-${{ runner.os }}-${{ hashFiles('Cargo.lock') }} |
| pip / uv | actions/setup-python with cache: pip | Auto | Auto |
| Docker layers | docker/build-push-action | Uses buildx cache | type=gha or type=registry |
| Gradle | actions/setup-java with cache: gradle | Auto | Auto |
| Composer | actions/cache@v4 | vendor | composer-${{ hashFiles('composer.lock') }} |
Manual Cache Example
- uses: actions/cache@v4
with:
path: |
~/.cargo/bin
~/.cargo/registry
~/.cargo/git
target
key: cargo-${{ runner.os }}-${{ hashFiles('**/Cargo.lock') }}
restore-keys: |
cargo-${{ runner.os }}-
Matrix Strategy
strategy:
fail-fast: false # Don't cancel siblings on failure
max-parallel: 4 # Limit concurrent jobs
matrix:
os: [ubuntu-latest, windows-latest, macos-latest]
node-version: [18, 20, 22]
include: # Add specific combos
- os: ubuntu-latest
node-version: 22
coverage: true
exclude: # Remove specific combos
- os: windows-latest
node-version: 18
Dynamic Matrix
prepare:
runs-on: ubuntu-latest
outputs
