GitHub Actions for Node.js Apps

Rate this content
Bookmark

GitHub Actions offer a convenient, feature-rich solution for building CI pipelines. Actions consist of composable steps controlled YAML files checked into your code repo. Come learn how to perform tasks that are commonly required of modern Node.js codebases, such as package installation, linting, running tests as part of pull requests, building Docker images, and deploying when code is merged into the main branch.

Thomas Hunter II
Thomas Hunter II
32 min
01 Jul, 2021

Comments

Sign in or register to post your comment.

Video Summary and Transcription

GitHub Actions allow for continuous integration tasks, defined in YAML files, that can be versioned and reviewed through pull requests. Workflows can be triggered by events such as pull requests or merges, and steps can refer to external GitHub repositories. Docker containers can be built and deployed using GitHub Actions, with configuration setup and deployment defined in YAML files. Values can be used and shared between GitHub Actions, and Node.js internals can be instrumented for performance monitoring.

1. Introduction to GitHub Actions

Short description:

Hi, I'm Thomas Hunter, and welcome to my talk, GitHub Actions for Node Apps. In this talk, I will give an overview of GitHub actions, which allow you to run continuous integration tasks related to your code base. GitHub actions are defined using YAML files and can be versioned and reviewed through pull requests. They are composable, allowing you to build dependency graphs and run code in parallel. Steps can refer to external GitHub repositories.

Hi, I'm Thomas Hunter, and welcome to my talk, GitHub Actions for Node Apps. And the content from this talk is based on a book I recently published called Distributed Systems with Node.

Alright, let's dive into it. So first, we're going to look at an overview of GitHub actions. So you might be wondering what is a GitHub action? Well, it's a way to run continuous integration tasks related to your code base. And it's actually super convenient if your code already happens to be hosted on GitHub, which most repositories these days seem to be.

The way it works is it ultimately allocates a virtual machine for you somewhere, and then runs a bunch of code for you once a GitHub action has been triggered. And so as far as billing goes, it ends up being based on minutes. And so if you have a free account, you get 2000 minutes per month, a pro account 3000 minutes per month. And if you have paid accounts, you can, you know, sort of, you get different tiers, and you can pay for them as well.

And so this provides continuous integration that's defined using code. And so these GitHub actions end up being defined using YAML files that are checked into the repository. So they're going to live in the GitHub directory inside a folder called workflows. And then you can end up creating multiple YAML files for each different workflow that you want to define. So they end up getting committed. They're versioned, you know, checked in, you can make pull requests, sort of verify and review that they look good. And honestly, for using a system like Travis CI or CircleCI, you know, this approach isn't going to be all that different. One thing that's nice, though, is you don't have to create a new account. You don't have to, you know, authorize it, configure and all that stuff. Since everything lives under the GitHub house or roof, it all ends up working together pretty, pretty seamlessly.

One nice quality about these workflows is that they're composable. And so workflow ends up being made of one or more jobs and then a job is made of one or more steps. These different jobs, they end up running on different virtual machines. You can specify dependencies. You can say that this job depends on that other job. And so by defining them that way, you can build out some sort of dependency graph and run code in parallel. And the individual steps, those end up getting run sequentially. So the steps can actually refer to external GitHub repositories. And so for example, this uses line here, that represents code that you would see within one of these workflow files. And so this is saying that it's using actions slash set up dash node at V2.1.4.

2. GitHub Actions and Workflow Example

Short description:

And so that actually ends up translating to a GitHub repository. Another thing you can do is define configuration used by these workflows. It's a way to just set key value pairs that you can use within your workflows. If you adopt GitHub Actions, consider creating actions for common organization patterns. Let's look at an example workflow for a pull request. The output for these workflows is contextual within the pull request. Now, let's look at a workflow file. It represents boilerplate needed for different workflows. We have a workflow called PR lint test.yaml. It specifies the trigger for executing this workflow. We have a jobs clause with a build job defined.

And so that actually ends up translating to a GitHub repository. In this case, it's the actions organization, which is maintained by GitHub, and then the setup node repository and that. And then that at symbol there, that actually references a tag. And so this is saying that we want to use the V2.1.4 tag.

Another thing you can do is define configuration used by these workflows. And then that configuration ends up sitting inside the project settings. And that configuration is called a secret. Those secrets are sort of kept from the eyes of those who shouldn't necessarily see it. But essentially, it's a way to just set key value pairs that you can use within your workflows.

Another one thing that you should consider doing if you adopt GitHub Actions, is to then create actions for common organization patterns. So, for example, if your company has perhaps like a dozen node repos, and they all end up deploying microservices within your infrastructure, it would then make sense to create GitHub Actions that you can then share amongst all those projects.

All right, now let's look at an example workflow, this is one that we're going to use for a pull request. And so much like the other CI solutions, if you've used them, is that the output for these end up being contextual within the pull request. So in this case, we can see that there's this poorly crafted pull request with no description. But we can see at the bottom that the results of the workflow have been published. So they're very convenient to see contextually within a pull request.

So let's actually look at a workflow file. So this represents a bit of boilerplate, which you'll need to use within these different workflows. But it's not too bad. In this case, we have a workflow called PR lint test.yaml. So the first thing we do is define a name. So this will be displayed in the GitHub user interface. So in this case, the name is linter and acceptance test. We then have this on clause here, which specifies essentially the trigger for executing this workflow. And so what this is saying that is when a pull request is made against the main branch, that it should kick off this workflow. You also notice that sort of dangling field there called workflow dispatch. And so by providing that, you're able to then manually trigger this workflow as well using the user interface. After that, we have this jobs clause. And inside there we have a build job defined. And we're saying that jobs is going to run on the latest Ubuntu image.

QnA

Check out more articles and videos

We constantly think of articles and videos that might spark Git people interest / skill us up or help building a stellar career

Levelling up Monorepos with npm Workspaces
DevOps.js Conf 2022DevOps.js Conf 2022
33 min
Levelling up Monorepos with npm Workspaces
Top Content
Learn more about how to leverage the default features of npm workspaces to help you manage your monorepo project while also checking out some of the new npm cli features.
It's a Jungle Out There: What's Really Going on Inside Your Node_Modules Folder
Node Congress 2022Node Congress 2022
26 min
It's a Jungle Out There: What's Really Going on Inside Your Node_Modules Folder
Top Content
Do you know what’s really going on in your node_modules folder? Software supply chain attacks have exploded over the past 12 months and they’re only accelerating in 2022 and beyond. We’ll dive into examples of recent supply chain attacks and what concrete steps you can take to protect your team from this emerging threat.
You can check the slides for Feross' talk here.
Automating All the Code & Testing Things with GitHub Actions
React Advanced Conference 2021React Advanced Conference 2021
19 min
Automating All the Code & Testing Things with GitHub Actions
Top Content
Code tasks like linting and testing are critical pieces of a developer’s workflow that help keep us sane like preventing syntax or style issues and hardening our core business logic. We’ll talk about how we can use GitHub Actions to automate these tasks and help keep our projects running smoothly.
Fine-tuning DevOps for People over Perfection
DevOps.js Conf 2022DevOps.js Conf 2022
33 min
Fine-tuning DevOps for People over Perfection
Top Content
Demand for DevOps has increased in recent years as more organizations adopt cloud native technologies. Complexity has also increased and a "zero to hero" mentality leaves many people chasing perfection and FOMO. This session focusses instead on why maybe we shouldn't adopt a technology practice and how sometimes teams can achieve the same results prioritizing people over ops automation & controls. Let's look at amounts of and fine-tuning everything as code, pull requests, DevSecOps, Monitoring and more to prioritize developer well-being over optimization perfection. It can be a valid decision to deploy less and sleep better. And finally we'll examine how manual practice and discipline can be the key to superb products and experiences.
Towards a Standard Library for JavaScript Runtimes
Node Congress 2022Node Congress 2022
34 min
Towards a Standard Library for JavaScript Runtimes
Top Content
You can check the slides for James' talk here.
ESM Loaders: Enhancing Module Loading in Node.js
JSNation 2023JSNation 2023
22 min
ESM Loaders: Enhancing Module Loading in Node.js
Native ESM support for Node.js was a chance for the Node.js project to release official support for enhancing the module loading experience, to enable use cases such as on the fly transpilation, module stubbing, support for loading modules from HTTP, and monitoring.
While CommonJS has support for all this, it was never officially supported and was done by hacking into the Node.js runtime code. ESM has fixed all this. We will look at the architecture of ESM loading in Node.js, and discuss the loader API that supports enhancing it. We will also look into advanced features such as loader chaining and off thread execution.

Workshops on related topic

Node.js Masterclass
Node Congress 2023Node Congress 2023
109 min
Node.js Masterclass
Top Content
Workshop
Matteo Collina
Matteo Collina
Have you ever struggled with designing and structuring your Node.js applications? Building applications that are well organised, testable and extendable is not always easy. It can often turn out to be a lot more complicated than you expect it to be. In this live event Matteo will show you how he builds Node.js applications from scratch. You’ll learn how he approaches application design, and the philosophies that he applies to create modular, maintainable and effective applications.

Level: intermediate
Build and Deploy a Backend With Fastify & Platformatic
JSNation 2023JSNation 2023
104 min
Build and Deploy a Backend With Fastify & Platformatic
WorkshopFree
Matteo Collina
Matteo Collina
Platformatic allows you to rapidly develop GraphQL and REST APIs with minimal effort. The best part is that it also allows you to unleash the full potential of Node.js and Fastify whenever you need to. You can fully customise a Platformatic application by writing your own additional features and plugins. In the workshop, we’ll cover both our Open Source modules and our Cloud offering:- Platformatic OSS (open-source software) — Tools and libraries for rapidly building robust applications with Node.js (https://oss.platformatic.dev/).- Platformatic Cloud (currently in beta) — Our hosting platform that includes features such as preview apps, built-in metrics and integration with your Git flow (https://platformatic.dev/). 
In this workshop you'll learn how to develop APIs with Fastify and deploy them to the Platformatic Cloud.
0 to Auth in an Hour Using NodeJS SDK
Node Congress 2023Node Congress 2023
63 min
0 to Auth in an Hour Using NodeJS SDK
WorkshopFree
Asaf Shen
Asaf Shen
Passwordless authentication may seem complex, but it is simple to add it to any app using the right tool.
We will enhance a full-stack JS application (Node.JS backend + React frontend) to authenticate users with OAuth (social login) and One Time Passwords (email), including:- User authentication - Managing user interactions, returning session / refresh JWTs- Session management and validation - Storing the session for subsequent client requests, validating / refreshing sessions
At the end of the workshop, we will also touch on another approach to code authentication using frontend Descope Flows (drag-and-drop workflows), while keeping only session validation in the backend. With this, we will also show how easy it is to enable biometrics and other passwordless authentication methods.
Table of contents- A quick intro to core authentication concepts- Coding- Why passwordless matters
Prerequisites- IDE for your choice- Node 18 or higher
Building a Hyper Fast Web Server with Deno
JSNation Live 2021JSNation Live 2021
156 min
Building a Hyper Fast Web Server with Deno
WorkshopFree
Matt Landers
Will Johnston
2 authors
Deno 1.9 introduced a new web server API that takes advantage of Hyper, a fast and correct HTTP implementation for Rust. Using this API instead of the std/http implementation increases performance and provides support for HTTP2. In this workshop, learn how to create a web server utilizing Hyper under the hood and boost the performance for your web apps.
Deploying React Native Apps in the Cloud
React Summit 2023React Summit 2023
88 min
Deploying React Native Apps in the Cloud
WorkshopFree
Cecelia Martinez
Cecelia Martinez
Deploying React Native apps manually on a local machine can be complex. The differences between Android and iOS require developers to use specific tools and processes for each platform, including hardware requirements for iOS. Manual deployments also make it difficult to manage signing credentials, environment configurations, track releases, and to collaborate as a team.
Appflow is the cloud mobile DevOps platform built by Ionic. Using a service like Appflow to build React Native apps not only provides access to powerful computing resources, it can simplify the deployment process by providing a centralized environment for managing and distributing your app to multiple platforms. This can save time and resources, enable collaboration, as well as improve the overall reliability and scalability of an app.
In this workshop, you’ll deploy a React Native application for delivery to Android and iOS test devices using Appflow. You’ll also learn the steps for publishing to Google Play and Apple App Stores. No previous experience with deploying native applications is required, and you’ll come away with a deeper understanding of the mobile deployment process and best practices for how to use a cloud mobile DevOps platform to ship quickly at scale.