
Continuous Integration (CI): CI is the practice of frequently integrating code changes into a shared repository. Each integration is automatically verified by running tests, ensuring that new code doesn’t break the existing functionality.

frequent commits to a shared code repository

Once a change has passed all the CI tests in the workflow, it is ready for review by team members, and you can merge it into the repository

Continuous Deployment (CD): CD is the practice of automatically deploying every change that passes the CI tests to production. This enables rapid and reliable delivery of software updates to users.

Continuous deployment is an extension of continuous integration and delivery that automates the process of publishing and deploying software releases

Advantages of CI/CD

Faster Release Cycles: Automated testing and deployment allow us to release new features and bug fixes more quickly and efficiently.
Improved Code Quality: By running tests on every change, we catch issues early and maintain high code quality.
Early Detection of Bugs: Automated tests catch bugs as soon as they are introduced, reducing the cost and effort required to fix them later.
Increased Developer Productivity: With CI/CD, developers spend less time on manual testing and deployment, allowing them to focus more on writing code and adding value to the project.

What is GitHub Actions?

Workflows, jobs, and steps.
A workflow is a series of jobs and a job is a series of steps; A workflow is an automated process made up of several jobs that are carried out when triggered by events

A job runs on a single runner and thus its steps share resources
Different jobs run in parallel on different runners
Unless needs is specified

Each job on a GitHub-hosted runner starts in a fresh environment, so it is necessary to download the dependencies for every new job. These downloads can lengthen the runtime, increase network utilization, and increase costs. GitHub allows you to accelerate the process of recreating dependency files by caching frequently used files in a workflow. 

You can cache job dependencies by using the cache action in GitHub. This action builds and restores caches identified using unique keys.

You can use a matrix strategy to run multiple related jobs based on the same job definition.
e.g. different operating systems (different runners) or different lang or dependency version

Understanding YAML Configuration
Basic syntax and structure.

To put these concepts into practice, we'll use GitHub Actions, a powerful CI/CD tool integrated with GitHub. GitHub Actions allows us to automate our workflows, from testing to deployment, directly within our GitHub repositories.

Create a new directory in your repository and name it .github/workflows if such a directory doesn’t already exist.

In [ ]:
mkdir .github/workflows

Create a workflow file called test.yml

name: Python application

on: [push, pull_request]

jobs:
  build:

    runs-on: ubuntu-latest

    strategy:
      matrix:
        python-version: [3.9, 3.10, 3.11]

    steps:
    - name: Checkout repository
      uses: actions/checkout@v4

    - name: Set up Python ${{ matrix.python-version }}
      uses: actions/setup-python@v2
      with:
        python-version: ${{ matrix.python-version }}

    - name: Install dependencies
      run: |
        python -m pip install --upgrade pip
        pip install pytest

    - name: Run tests
      run: |
        python -m pytest discover tests


You can test Actions locally with `act`

In [ ]:
# Window
choco install act-cli

# MacOS
brew install act

# Linux
curl https://raw.githubusercontent.com/nektos/act/master/install.sh | sudo bash

act by default runs with the push event

In [ ]:
act

but you can pass any event as the first argument

In [ ]:
act pull_request

you can list all available jobs with

In [ ]:
act -l

you can run a specific job

In [ ]:
act --job <name-of-your-job>

show the graph of your jobs

In [ ]:
act --graph

what about env vars? 
create a .env file and act will automatically load it as environment variables

In [ ]:
# .env
ENV_ID='My Env'

You can work with different environments and load them with the act command

In [ ]:
act --env-file=my-custom.env

Secrets work in much the same way, but you create a .secrets file

In [ ]:
# .secrets
APP_ID='7878974561587'

`act` limitations: No `concurrency`, no `vars`, limited `github` context

Pros and Cons of Using GitHub Marketplace Actions
Pros:

Time-Saving:

Pre-built Solutions: GitHub Marketplace offers a wide range of pre-built actions that can significantly reduce the time needed to set up CI/CD pipelines. You can find actions for common tasks like testing, building, deploying, and more.
Quick Integration: These actions can be easily integrated into your workflows with minimal configuration, allowing you to focus more on your code rather than on setting up infrastructure.
Consistency and Reliability:

Trusted Tools: Many actions are created and maintained by reputable organizations or developers, ensuring a level of reliability and trustworthiness.
Standard Practices: Using standardized actions can help ensure that best practices are followed, reducing the likelihood of configuration errors.
Community and Support:

Community Contributions: The GitHub community contributes a variety of actions, providing solutions to a broad range of use cases.
Support and Documentation: Many popular actions come with extensive documentation and support from the community or the maintainers, making it easier to troubleshoot and customize.
Scalability:

Reusable Workflows: Actions can be reused across multiple projects, ensuring consistency and saving time when setting up new repositories.
Customization: Actions can often be customized to fit specific needs, providing flexibility while maintaining the benefits of pre-built solutions.
Integration with GitHub Ecosystem:

Seamless Integration: Actions are designed to work seamlessly with GitHub, making it easy to trigger workflows on events like pushes, pull requests, and releases.
Monitoring and Insights: GitHub provides built-in monitoring and insights for actions, helping you track performance and troubleshoot issues.
Cons:

Dependency on Third-Party Maintainers:

Maintenance Risk: Some actions may not be regularly maintained or updated, which can lead to issues if dependencies change or if there are bugs in the action.
Security Risks: Using third-party actions introduces potential security risks, especially if the actions have not been thoroughly vetted.
Limited Customization:

Pre-defined Functionality: While many actions offer some level of customization, they may not always meet specific needs perfectly. In such cases, custom actions or scripts might be necessary.
Learning Curve: Understanding how to properly configure and use complex actions might require a learning curve, especially for less-documented or more intricate actions.
Performance Overhead:

Resource Usage: Some actions may introduce additional resource usage or overhead, potentially impacting the performance of your workflows.
Execution Time: Depending on the complexity and number of actions used, there might be an impact on the execution time of your CI/CD pipelines.
Lock-In to GitHub:

Vendor Lock-In: Heavy reliance on GitHub-specific actions can lead to vendor lock-in, making it more challenging to migrate to other CI/CD platforms if needed.
Complexity in Managing Dependencies:

Version Management: Keeping track of and managing the versions of various actions can become complex, especially if different projects use different versions of the same action.

6. Hands-On: Setting Up GitHub Actions for Python Testing (15 minutes)
Creating a GitHub Repository
Initializing a new repository.
Pushing the local project to GitHub.
Writing a GitHub Actions Workflow
Creating a .github/workflows directory.
Writing a basic workflow YAML file to run Python tests.
Explaining Workflow Components
Triggers (on push, pull request)
Jobs and steps (setup, install dependencies, run tests)
Running the Workflow
Committing and pushing changes to trigger the workflow.
Viewing the workflow run results on GitHub.

7. Advanced Topics (Optional, if time allows) (5 minutes)
Customizing Workflows
Adding more steps (e.g., linting, code coverage).
Using secrets and environment variables.
Extending Testing Frameworks
Brief introduction to pytest and other testing tools.
Integrating additional tools with GitHub Actions.

8. Q&A and Wrap-Up (5 minutes)
Questions and Discussion
Addressing any questions from participants.
Summary and Next Steps
Recap of key points covered.
Resources for further learning (e.g., documentation, tutorials).

GitHub Actions
GitHub Marketplace
GitHub Events that trigger workflows https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows