GitHub Actions

Question 1

Where must you place a GitHub Actions workflow file?

Answer 1

In the repository’s .github/workflows/ directory, named with a .yml (or .yaml) extension.

Question 2

What top‐level YAML keys are required in a basic workflow?

Answer 2

name, on, and jobs.

Question 3

Why is the key called name:?

Answer 3

Because it’s a human‐readable label for the workflow shown in the Actions UI.

Question 4

What does the on: key represent?

Answer 4

The events (e.g., push, pull_request, schedule) that trigger the workflow.

Question 5

How do you restrict a workflow to run only on pushes to specific branches?

Answer 5

Under on: → push: add branches: with a list (e.g., - main, - ‘feat/**’).

Question 6

What key do you use to ignore certain file paths from triggering a workflow?

Answer 6

paths-ignore: under the event (e.g., push:).

Question 7

What does the jobs: section define?

Answer 7

A mapping of one or more isolated “jobs,” each running on its own runner.

Question 8

How do you name a job, and what are the rules?

Answer 8

Use a YAML key under jobs: (e.g., test-and-build:). It must be unique, without spaces, typically kebab‐case or snake_case.

Question 9

What does runs-on: specify for a job?

Answer 9

Which runner image to use (e.g., ubuntu-latest, windows-latest, macos-latest, or self-hosted).

Question 10

Name four common GitHub‐hosted runner labels.

Answer 10

ubuntu-latest, ubuntu-22.04, windows-latest, macos-latest.

Question 11

What is the purpose of the steps: list in a job?

Answer 11

It defines the ordered actions (or shell commands) to execute on that job’s runner.

Question 12

In a step, what’s the difference between uses: and run:?

Answer 12

uses: invokes a reusable Action (from Marketplace or local), while run: executes a shell command directly.

Question 13

What does actions/checkout@v4 do?

Answer 13

Clones (checks out) your repository’s code into the runner, so subsequent steps can access it.

Question 14

What’s the role of actions/setup-node@v4?

Answer 14

Installs a specified Node.js version (e.g., node-version: ‘18’) and can enable package caching (e.g., cache: ‘npm’).

Question 15

Why would you use actions/cache@v3?

Answer 15

To save and restore directories (e.g., node_modules, .nuxt/.cache) between workflow runs, speeding up builds.

Question 16

How do you configure actions/cache to cache node_modules?

Answer 16

• uses: actions/cache@v3
  with:
  path: ~/.npm # or path: node_modules/
  key: ${{ runner.os }}-npm-${{ hashFiles(‘**/package-lock.json’) }}
  restore-keys: |
  ${{ runner.os }}-npm-

Question 17

How do you run a shell command in a step?

Answer 17

Use - name: … followed by run: your-command (e.g., run: npm ci). Optionally specify shell: if not using the default.

Question 18

What are “contexts” in GitHub Actions?

Answer 18

Built‐in objects (e.g., github, env, runner) that provide data about the workflow run, branch name, commit SHA, etc.

Question 19

How do you use an expression to reference a context value?

Answer 19

Wrap it in ${{ }} (e.g., ${{ github.ref }}, ${{ secrets.MY_SECRET }}).

Question 20

How do you set an environment variable only for a single step?

Answer 20

• name: Example
  run: echo “Value: $MY_VAR”
  env:
  MY_VAR: “123”

Question 21

What is the if: key used for in a step?

Answer 21

To conditionally run or skip that step based on an expression (e.g., if: success() && github.ref == ‘refs/heads/main’).

Question 22

How do you grant a step permission to write logs or check out private submodules?

Answer 22

Use uses: actions/checkout@v4 with persist-credentials: true (default) or set permissions: at the workflow or job level.

Question 23

What does a “matrix strategy” accomplish?

Answer 23

Runs the same job multiple times with different configurations (e.g., Node versions or OS) in parallel.

Question 24

How do you define a matrix to run tests on Node16, 18, and 20?

Answer 24

strategy:
matrix:
node-version: [16, 18, 20]
runs-on: ubuntu-latest
steps:
- uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
cache: ‘npm’
# …

Question 25

What does the needs: key do in a job?

Answer 25

Makes the job depend on the successful completion of another job (e.g., needs: [lint, test]).

Question 26

What is concurrency: used for?

Answer 26

To limit parallel runs of the same workflow or group cancel‐in‐progress runs for a given group.

Question 27

What event triggers a manual workflow run?

Answer 27

workflow_dispatch: under on: enables manual triggers from the Actions tab.

Question 28

How do you schedule a workflow to run nightly at 3 AM UTC?

Answer 28

on: schedule: - cron: '0 3 * * *'

Question 29

Where do you store sensitive API_KEY values for use in Actions?

Answer 29

In the repository’s Settings → Secrets → Actions; reference it as ${{ secrets.API_KEY }}.

Question 30

How do you output a value from one step so another step can reference it?

Answer 30

- id: step1 run: echo "::set-output name=myvar::hello" - run: echo "${{ steps.step1.outputs.myvar }}"

Question 31

How do you pass an output from one job to another?

Answer 31

In job A: outputs: result: ${{ steps.step1.outputs.myvar }} In job B: needs: jobA run: echo "${{ needs.jobA.outputs.result }}"

Question 32

What are service containers, and why use them?

Answer 32

Docker containers (e.g., services: mysql or services: redis) that run alongside your job—for integration tests against databases, caches, etc.

Question 33

How do you mount a MySQL service container in a job?

Answer 33

services: mysql: image: mysql:8 env: MYSQL_ROOT_PASSWORD: root ports: - 3306:3306 options: >- --health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=3

Question 34

How do you deploy to GitHub Pages from a workflow?

Answer 34

Use peaceiris/actions-gh-pages@v3 (or a similar action) with a publish_dir: parameter, plus a GITHUB_TOKEN secret.

Question 35

How do you publish an npm package in Actions?

Answer 35

- uses: actions/setup-node@v4 with: node-version: '18' registry-url: 'https://registry.npmjs.org' - run: npm ci - run: npm publish env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

Question 36

How do you invoke a third‑party Action from GitHub Marketplace?

Answer 36

Under a step, write uses: owner/repo@version (e.g., uses: actions/upload-artifact@v3).

Question 37

What is a composite action, and how is it defined?

Answer 37

A reusable custom Action made of multiple shell commands or sub‑steps; defined in action.yml with runs: using: "composite" and steps: inside.

Question 38

How does a Docker container Action differ from a composite Action?

Answer 38

A Docker Action packages a custom Docker image and defines runs: using: "docker" vs. a composite Action which runs steps on the GitHub runner directly.

Question 39

What is a reusable workflow, and how do you call it?

Answer 39

A workflow defined with on: workflow_call that other workflows invoke via uses: owner/repo/.github/workflows/name.yml@ref with with: inputs.

Question 40

How do you pass inputs to a called reusable workflow?

Answer 40

jobs: call-other: uses: owner/repo/.github/workflows/other.yml@main with: myInput: 'value' secrets: MY_SECRET: ${{ secrets.MY_SECRET }}

Question 41

How do you reference an output from a called workflow?

Answer 41

If the reusable workflow sets outputs: { foo: … }, then in the caller: ${{ jobs.call-other.outputs.foo }}.

Question 42

What’s the default shell for run: on an Ubuntu runner?

Answer 42

Bash (/bin/bash -e {0}).

Question 43

How do you override the shell in a run: step?

Answer 43

- run: echo "hello" shell: pwsh # PowerShell on Windows or cross‐platform

Question 44

What does continue-on-error: true do for a step?

Answer 44

Allows the step to fail without failing the entire job (job status becomes “neutral” or “success with warnings”).

Question 45

How do you set a custom timeout for a job?

Answer 45

timeout-minutes: 10 under the job definition (so the runner kills it after 10 minutes).

Question 46

How do you retain artifacts (e.g., test reports) longer than the default 90 days?

Answer 46

Use retention-days: when uploading artifacts: - uses: actions/upload-artifact@v3 with: name: test-report path: report.xml retention-days: 30

Question 47

How do you upload and then download build artifacts between jobs or workflows?

Answer 47

Upload: - uses: actions/upload-artifact@v3 with: name: my-artifact path: path/to/files/* Download: - uses: actions/download-artifact@v3 with: name: my-artifact path: ./restored-files

Question 48

How can you debug a failing step?

Answer 48

Add ACTIONS_STEP_DEBUG: true as a secret to your repo → rerun the workflow to see verbose logs. Insert echo "::debug::message" in your run: commands.

Question 49

What is the GITHUB_TOKEN, and why is it special?

Answer 49

An automatically generated token for each workflow run; used to authenticate API calls (checkout, creating PR comments, publishing releases) with least privilege to that repo.

Question 50

Name two common security best practices for GitHub Actions.

Answer 50

Use least‐privileged permissions in permissions: to scope what GITHUB_TOKEN can do. Pin third‑party Actions to a specific commit SHA (e.g., actions/checkout@e3a92c8…) to prevent supply‑chain attacks.