Mantra Networking Mantra Networking

Github Actions (CI/CD): Step

Github Actions (CI/CD): Step
Created By: Lauren R. Garcia

Table of Contents

  • Overview
  • Example: Step Definition in a GitHub Actions Workflow
  • Step Elements Explained
  • Example: Custom Deployment Step
  • Important Points for Network Security Engineers
  • CI/CD Workflow Example Table
  • Conclusion

Overview: GitHub Actions (CI/CD) Step

What Is a Step in GitHub Actions?

step in GitHub Actions is a single, defined unit of work within a job in a workflow file. Each step can perform a distinct task, such as running a command, invoking a pre-built action, or configuring the environment. Steps are executed sequentially within a job, allowing you to break down complex automation processes into manageable, logical segments.

Why You Need to Know About Steps

  • Automation Clarity: Steps help organize workflows, making them readable and easy to understand at a glance. Each represents a specific action or checkpoint in your automation sequence.
  • Troubleshooting: With clear, discrete steps, it’s easier to pinpoint exactly where issues occur during CI/CD runs, leading to faster debugging and more efficient problem-solving.
  • Reusability and Modularity: Steps allow you to reuse common actions—like code checkout, dependency installation, or testing—across multiple workflows and projects.
  • Security and Compliance: By separating sensitive or privileged tasks into their own steps, you can more precisely control environment variables, secrets, and permissions.

How a Step Works

  • Each step is executed in the order defined within the job section of your workflow YAML file.
  • A step can use a GitHub Action (from the marketplace or custom-built), run a shell command, set environment variables, or call scripts and tools relevant to your deployment or development workflow.
  • Steps can reference outputs from previous steps, pass along environment variables, and leverage secrets set at the repository or organization level.
  • If any step fails (unless marked to continue on error), the job is halted, ensuring problems are caught early.

For example, in a typical CI/CD workflow, you might see steps to:

  • Check out code from the repository.
  • Set up your programming environment.
  • Install application dependencies.
  • Run unit or integration tests.
  • Deploy to a production or staging environment.

By mastering steps in GitHub Actions, you can automate repetitive tasks, improve deployment reliability, and build sophisticated, secure pipelines to support modern network and infrastructure projects.

Example: Step Definition in a GitHub Actions Workflow

Follow these steps to define an actionable step within a GitHub Actions workflow file. Each step automates a specific task in your CI/CD process, improving reliability and reducing manual work.

  1. Start with a Workflow File:

    Create a YAML file in your repository under .github/workflows/, such as ci-cd.yml.

  2. Define the Job Structure:

    Specify a jobs section to declare the automated tasks. For example, a job named build:

    jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      # Steps go here
  3. Add an Actionable Step:

    Each step performs a distinct task. Here are some common example steps:

    • Checkout Repository: 
      - name: Checkout code
  uses: actions/checkout@v4

      This pulls down your repository so other steps have access to its content.

    • Set Up the Desired Runtime Environment: 
      - name: Set up Python
  uses: actions/setup-python@v5
  with:
    python-version: '3.11'

      This prepares the environment (here, Python 3.11) for your workflow.

    • Install Dependencies: 
      - name: Install dependencies
  run: |
    python -m pip install --upgrade pip
    pip install -r requirements.txt

      This ensures required software packages are installed before running tests or builds.

    • Execute Tests: 
      - name: Run tests
  run: |
    pytest

      This step runs your test suite to validate code quality.

    • Deploy: 
      - name: Deploy to Production
  env:
    DEPLOY_SECRET: ${{ secrets.DEPLOY_SECRET }}
  run: |
    ./deploy.sh --credential "$DEPLOY_SECRET"

      This safely triggers a deployment using a stored secret for authentication.

  4. Repeat for Each Task in Your Process:

    Add any additional required action steps, keeping each one focused and modular. This supports automation, auditability, and maintainable workflows.

Step Elements Explained

Each step within a GitHub Actions workflow defines what action or command to perform. Understanding these core elements helps you build clear and effective automation workflows.

  1. name (Optional):

    This is a human-readable label that describes the purpose of the step. It makes the workflow logs easier to follow.

    - name: Checkout code
  2. uses:

    Specifies a reusable GitHub Action from the marketplace or your repository. This allows you to leverage pre-built automation.

    - uses: actions/checkout@v4
  3. run:

    Executes shell commands or scripts directly on the runner machine. Use this to run custom commands or scripts.

    - run: echo "Hello, world!"
  4. with:

    Provides input parameters to the action specified in uses. This configures the behavior of that action.

    - uses: actions/setup-python@v5
  with:
    python-version: '3.11'
  5. env (Optional):

    Defines environment variables that will be available to the step. Useful for passing secrets or configuration values securely.

    - name: Deploy
  env:
    DEPLOY_TOKEN: ${{ secrets.DEPLOY_TOKEN }}
  run: ./deploy.sh

Combining these elements allows precise control over how your CI/CD pipeline behaves, improving automation reliability and readability.

Example: Custom Deployment Step

This section demonstrates how to add a deployment step in your GitHub Actions workflow. Follow each step to automate releases securely and efficiently within your CI/CD pipeline.

  1. Prepare Deployment Credentials:

    Store sensitive information—such as tokens or passwords—in your repository’s secrets settings. Avoid placing these values directly in your workflow files.

  2. Add the Deployment Step:

    Insert a dedicated deployment stage inside the steps list of your job. Specify the necessary environment variable and command for deployment. Example:

    - name: Deploy to Production
  env:
    DEPLOY_SECRET: ${{ secrets.DEPLOY_SECRET }}
  run: |
    ./deploy.sh --credential "$DEPLOY_SECRET"

    This step runs a deployment script and passes an authentication secret from the workflow’s environment.

  3. Sequence After Testing:

    Ensure the deployment runs after code checkout, environment setup, dependency installation, and tests—all in the correct order to maintain reliability.

  4. Monitor Workflow Execution:

    After pushing your workflow file, review the GitHub Actions logs to confirm the deployment completes successfully and troubleshoot if needed.

Custom deployment steps like this provide flexibility for deploying to any environment, while securely handling sensitive values and maintaining repeatable automation.

Important Points for Network Security Engineers

Integrating GitHub Actions with network automation involves several best practices to ensure secure and reliable workflow deployment. Follow these steps for optimal results as a network security professional.

  1. Maintain Step Separation:

    Design each step in your workflow to handle a single, focused task. Examples include code checkout, configuration validation, deployment execution, and audit logging. Clear separation eases troubleshooting and supports least-privilege principles.

  2. Protect Credentials and Sensitive Data:

    Store secrets—such as tokens or passwords—only in your repository’s encrypted secrets. Reference them in your workflow with proper environment variable practices. Never hard-code credentials in the workflow file.

  3. Version and Reuse Actions Carefully:

    Always reference specific versions of marketplace actions (e.g., actions/checkout@v4). This prevents unexpected changes and ensures consistency in your network automation pipeline.

  4. Enable Audit and Traceability:

    Take advantage of GitHub Actions’ built-in logging. Review logs after each run for visibility into what steps executed and when. Preserve logs when integrating with compliance monitoring tools.

  5. Automate Security Controls:

    Use workflow steps to trigger automated checks for configuration compliance, vulnerability scanning, and policy enforcement. Automation helps enforce standards across all environments.

Following these practices not only automates your infrastructure safely but also strengthens the foundation for maintaining secure, repeatable, and compliant network operations.

CI/CD Workflow Example Table

This section presents a clear, step-by-step table showcasing common steps in a GitHub Actions CI/CD workflow. Use this as a template or reference to build and document your own automation pipeline.

Step Name Type Purpose Example Snippet
Checkout code uses Pulls the repository’s files for use in the workflow steps 
uses: actions/checkout@v4
Set up Python uses Prepares the Python runtime environment for subsequent actions 
uses: actions/setup-python@v5
with:
  python-version: '3.11'
Install dependencies run Installs all required packages so the code can build or run 
run: |
  python -m pip install --upgrade pip
  pip install -r requirements.txt
Run tests run Executes test suites to verify code quality and functionality 
run: pytest
Deploy to Production run Starts the deployment script and uses a secret for secure authentication 
env:
  DEPLOY_SECRET: ${{ secrets.DEPLOY_SECRET }}
run: |
  ./deploy.sh --credential "$DEPLOY_SECRET"

Referencing or adapting these step types helps ensure your CI/CD pipelines are organized, auditable, and easy to maintain.

Conclusion

Throughout this blog post, we explored how GitHub Actions can be used to automate your software development lifecycle, focusing on defining clear and modular steps within your CI/CD workflow. We broke down the essential components of a step—such as naming, using pre-built actions, running commands, configuring inputs, and setting environment variables—to give you a solid understanding of how each piece functions.

You also saw practical examples, from setting up the environment and installing dependencies to running tests and deploying your application securely with secrets managed through GitHub. The methodical, step-by-step explanations aim to help you design workflows that are maintainable, traceable, and tailored to your needs, especially in network infrastructure automation scenarios.

For network security engineers and automation specialists, adopting this approach promotes clear separation of tasks, secure handling of sensitive information, and consistent use of trusted action versions. In doing so, not only can you gain efficiency in deployment cycles but also reinforce robust and audit-friendly processes across your infrastructure projects.

As you continue exploring and building with GitHub Actions, remember that incremental improvements and thoughtful automation will save you time and reduce errors, allowing you to focus on higher-impact initiatives.

Thanks for reading — happy automating, and feel free to share your experiences and questions as you delve further into CI/CD with GitHub Actions!

Share Share Share Share Share Email