CI/CD with GitHub Actions — basic Python setup

Cloud deployments from article 157 amplify mistakes unless pipelines gate merges. GitHub Actions expresses workflows as YAML declaring triggers, runners, caches, secrets, and multi-job DAGs.

📚 Prerequisites

Repo hosted on GitHub (or analogous mental model translating to Azure DevOps/GitLab CI).

🎯 What you'll learn

Run pytest on every PR with matrixed Python versions.
Cache dependency downloads (pip) for speed.

Minimal workflow snippet

.github/workflows/ci.yml:

name: ci
on:
  push:
    branches: [main]
  pull_request:

jobs:
  test:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version: ["3.10", "3.12"]
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: ${{ matrix.python-version }}
          cache: "pip"
      - run: |
          python -m pip install --upgrade pip
          pip install -r requirements-dev.txt
      - run: pytest --maxfail=1 --disable-warnings -q

Secrets and signing

Production deploy jobs read encrypted secrets (PYPI_TOKEN, DOCKERHUB_USERNAME) injected as env vars—never echo them accidentally in logs.

💡 Key takeaways

Fast CI lowers batch size; small merges reduce risky Friday deploys even without formal process theater.

➡️ Next steps

Profile hot paths thoughtfully—see performance optimization basics.

📚 Prerequisites​

🎯 What you'll learn​

Minimal workflow snippet​

Secrets and signing​

💡 Key takeaways​

➡️ Next steps​