GitHub Actions

GitHub Actions enables engineers to automate build, test, and deployment workflows directly from their repositories. It supports a wide range of DevOps use cases, including CI/CD, infrastructure provisioning, and integration with major cloud providers.

Tip: Browse the GitHub Actions Marketplace for reusable actions for AWS, Azure, GCP, and more.

Example 1: Deploy ASP.NET Core to Azure Web App

This workflow builds and deploys an ASP.NET Core app to Azure Web App on every push to main:

name: ASP.NET Core CI/CD with Azure

on:
  push:
    branches: [ main ]

env:
  AZURE_WEBAPP_NAME: myapp
  AZURE_WEBAPP_PACKAGE_PATH: './bin/Release/netcoreapp3.1/publish'

jobs:
  build-and-deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Setup .NET Core
        uses: actions/setup-dotnet@v3
        with:
          dotnet-version: '3.1.x'
      - name: Build and publish
        run: dotnet build --configuration Release --output ${{ env.AZURE_WEBAPP_PACKAGE_PATH }}
      - name: Deploy to Azure Web App
        uses: Azure/webapps-deploy@v2
        with:
          app-name: ${{ env.AZURE_WEBAPP_NAME }}
          package: ${{ env.AZURE_WEBAPP_PACKAGE_PATH }}

How it works:

• Checks out code, sets up .NET, builds, and publishes the app.

• Deploys to Azure Web App using the official action.

Example 2: Deploy Azure Infrastructure with ARM Templates

This workflow provisions Azure resources using an ARM template:

name: Azure Infrastructure Deployment

on:
  push:
    branches: [ main ]

env:
  AZURE_RG: 'my-resource-group'
  AZURE_LOCATION: 'westeurope'
  AZURE_TEMPLATE_FILE: './template.json'
  AZURE_PARAMETER_FILE: './parameters.json'

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Azure Login
        uses: azure/login@v1
        with:
          creds: ${{ secrets.AZURE_CREDENTIALS }}
      - name: Validate ARM Template
        uses: azure/arm-validate-action@v1
        with:
          templateFile: ${{ env.AZURE_TEMPLATE_FILE }}
          parametersFile: ${{ env.AZURE_PARAMETER_FILE }}
      - name: Create Resource Group
        run: az group create --name ${{ env.AZURE_RG }} --location ${{ env.AZURE_LOCATION }}
      - name: Deploy ARM Template
        uses: azure/arm-deploy@v1
        with:
          templateFile: ${{ env.AZURE_TEMPLATE_FILE }}
          parametersFile: ${{ env.AZURE_PARAMETER_FILE }}
          resourceGroupName: ${{ env.AZURE_RG }}

How it works:

• Logs in to Azure using a service principal stored in AZURE_CREDENTIALS secret (setup guide).

• Validates and deploys the ARM template to a resource group.

Best Practices

• Use branch protection rules to enforce code review and CI checks.

• Store secrets in GitHub Secrets and never hard-code credentials.

• Integrate Dependabot for automated dependency updates.

• Use GitHub Environments for safe, staged deployments.

• Reference the GitHub Actions Marketplace for reusable actions.

References

• GitHub Actions Documentation

• Azure Actions for GitHub

• GitHub Actions Security

---

Pro Tip: For multi-cloud or hybrid workflows, combine GitHub Actions with Terraform, Ansible, or Kubernetes actions for end-to-end automation.