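GitHub Actions in Practice

Basic concepts

GitHub Actions is the CI/CD platform provided by GitHub. Automation is defined in workflow files.

Core components

| Component | Description |
|---|---|
| Workflow | A complete automated process, defined by a YAML file |
| Job | A group of steps in a workflow that run on the same runner |
| Step | A single task in a job; it can run a command or an action |
| Action | A reusable unit of automation, similar to a function |
| Runner | The server that executes a workflow |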

Basic workflow structure

```yaml
name: CI Pipeline

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: 20
          cache: npm
      - name: Install dependencies
        run: npm ci
      - name: Run tests
        run: npm test
      - name: Build
        run: npm run build
```

Advanced usage

Matrix builds

Run the tests in parallel across several combinations of operating system and Node.js version:

```yaml
jobs:
  test:
    strategy:
      matrix:
        os: [ubuntu-latest, windows-latest, macos-latest]
        node: [18, 20, 22]
    runs-on: ${{ matrix.os }}
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: ${{ matrix.node }}
      - run: npm ci && npm test
```
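
Job dependencies and passing artifacts

```yaml
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: npm ci && npm run build
      # Publish dist/ so that later jobs can download it
      - uses: actions/upload-artifact@v4
        with:
          name: build-output
          path: dist/

  deploy:
    needs: build            # runs only after build succeeds
    runs-on: ubuntu-latest
    steps:
      # Each job starts on a fresh runner; deploy.sh is assumed to live in the repository
      - uses: actions/checkout@v4
      - uses: actions/download-artifact@v4
        with:
          name: build-output
      - run: ./deploy.sh
```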
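
Conditional execution

```yaml
jobs:
  deploy:
    # Deploy only for pushes to main
    if: github.ref == 'refs/heads/main' && github.event_name == 'push'
    runs-on: ubuntu-latest
    steps:
      - run: echo "Deploying to production"

  notify:
    # failure() at job level only looks at the jobs listed in needs
    needs: deploy
    if: failure()
    runs-on: ubuntu-latest
    steps:
      - run: echo "Pipeline failed!"
```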
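
Environments and secrets management

```yaml
jobs:
  deploy:
    environment: production   # protection rules and secrets of this environment apply
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Deploy to production
        run: ./deploy.sh
        env:
          # Secrets are exposed only to this step, as environment variables
          API_TOKEN: ${{ secrets.PRODUCTION_API_TOKEN }}
          DEPLOY_KEY: ${{ secrets.DEPLOY_SSH_KEY }}
```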

Commonly used actions

```yaml
# Check out the code
- uses: actions/checkout@v4

# Log in to a Docker registry
# (pushing to ghcr.io with GITHUB_TOKEN requires the packages: write permission on the job)
- uses: docker/login-action@v3
  with:
    registry: ghcr.io
    username: ${{ github.actor }}
    password: ${{ secrets.GITHUB_TOKEN }}

# Build and push a Docker image
- uses: docker/build-push-action@v5
  with:
    push: true
    tags: ghcr.io/myorg/myapp:${{ github.sha }}

# Cache dependencies
- uses: actions/cache@v4
  with:
    path: ~/.npm
    key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
```

Scheduled workflow

```yaml
name: Nightly Cleanup

on:
  schedule:
    - cron: '0 6 * * *'   # every day at 6:00 (schedules are evaluated in UTC)

jobs:
  cleanup:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Clean stale branches
        run: ./scripts/cleanup-stale-branches.sh
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
```

Best practices

1. Pin Action versions

```yaml
# Recommended: pin to a specific version
- uses: actions/checkout@v4

# Not recommended: using @main or @master
- uses: actions/checkout@main
```

2. Optimize caching

```yaml
- uses: actions/setup-node@v4
  with:
    node-version: 20
    cache: npm   # caches npm's global package cache automatically (not node_modules)
```

3. Fine-grained triggers

```yaml
on:
  push:
    paths:
      - 'src/**'
      - 'tests/**'
      - 'package.json'
  pull_request:
    paths-ignore:
      - 'docs/**'
      - 'README.md'
```

4. Parallelism and timeouts

```yaml
jobs:
  test:
    timeout-minutes: 30
    strategy:
      fail-fast: false   # one failure does not cancel the other matrix jobs
      matrix:
        shard: [1, 2, 3, 4]
    # runs-on and steps omitted
```
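
A check for best practice 1, written for this page as an added example (not code from the original article or from GitHub): it lists every `uses:` reference in a workflow and classifies the ref after `@`. It goes one step beyond the page's `@v4` versus `@main` comparison by also recognising a full 40-character commit SHA, the only ref that cannot be moved after the fact. The branch-name list, the function names and the sample workflow with its placeholder SHA are assumptions made for the example.

```python
import re

# "uses: owner/repo[/path]@ref", with or without the leading "- " of a step.
# Local actions (./path) carry no "@ref" and therefore never match.
USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^@\s'\"#]+)@([^\s'\"#]+)")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")
# Assumed list of common branch names; anything else that is not a SHA counts as a tag.
BRANCH_NAMES = {"main", "master", "develop", "dev", "trunk", "HEAD"}

def classify_ref(ref):
    """Return 'sha' (immutable), 'branch' (moves on every commit) or 'tag' (can be moved)."""
    if FULL_SHA_RE.match(ref):
        return "sha"
    if ref in BRANCH_NAMES:
        return "branch"
    return "tag"

def audit_workflow(text):
    """Return (line_no, action, ref, kind) for every remote action reference."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        m = USES_RE.match(line)
        if not m or m.group(1).startswith("docker://"):
            continue
        action, ref = m.groups()
        findings.append((line_no, action, ref, classify_ref(ref)))
    return findings

def unpinned(text):
    """References that a later change upstream could silently alter."""
    return [f for f in audit_workflow(text) if f[3] != "sha"]

# Constructed sample workflow; the 40-hex value is a placeholder, not a real commit.
SAMPLE = """\
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567  # v4
      - uses: actions/setup-node@v4
      - name: Push image
        uses: docker/build-push-action@main
      - uses: ./.github/actions/local
"""

if __name__ == "__main__":
    for line_no, action, ref, kind in audit_workflow(SAMPLE):
        print(f"line {line_no}: {action}@{ref} -> {kind}")
```

Run it over the files in `.github/workflows/` in a pull-request check and fail the job when `unpinned()` returns anything the team has not explicitly allowed.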
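
Summary

GitHub Actions provides powerful and flexible CI/CD capabilities: with YAML configuration alone you can build anything from simple test runs to complex multi-environment deployment pipelines. Making good use of features such as matrix builds, caching and conditional execution can significantly improve development and delivery efficiency.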