
GitHub Actions CI/CD: From Commit to Production
GitHub Actions CI/CD: From Commit to Production
1. The Need for CI/CD
Continuous Integration and Continuous Deployment (CI/CD) automate the journey from code commit to production deployment. GitHub Actions makes this accessible to every project with tight GitHub integration, a large marketplace of actions, and generous free tier for public repositories.

2. Building a CI Pipeline
A basic CI pipeline runs tests and linting on every push and pull request. This catches issues before they reach production.
1name: CI
2on:
3push:
4 branches: [main]
5pull_request:
6 branches: [main]
7
8jobs:
9test:
10 runs-on: ubuntu-latest
11 strategy:
12 matrix:
13 node-version: [18, 20, 22]
14
15 steps:
16 - uses: actions/checkout@v4
17
18 - uses: actions/setup-node@v4
19 with:
20 node-version: ${{ matrix.node-version }}
21 cache: "npm"
22
23 - run: npm ci
24
25 - run: npm run lint
26
27 - run: npm run typecheck
28
29 - run: npm test -- --coverage
30
31 - uses: codecov/codecov-action@v4
32 with:
33 token: ${{ secrets.CODECOV_TOKEN }}3. Adding CD: Deploy to Production
Once CI passes on the main branch, automatically deploy to production. This example deploys a Next.js app to Vercel.
1name: Deploy
2on:
3push:
4 branches: [main]
5
6jobs:
7deploy:
8 runs-on: ubuntu-latest
9 environment: production
10
11 steps:
12 - uses: actions/checkout@v4
13
14 - uses: actions/setup-node@v4
15 with:
16 node-version: 20
17 cache: "npm"
18
19 - run: npm ci
20
21 - run: npm run build
22 env:
23 NEXT_PUBLIC_API_URL: ${{ vars.API_URL }}
24
25 - name: Deploy to Vercel
26 uses: amondnet/vercel-action@v25
27 with:
28 vercel-token: ${{ secrets.VERCEL_TOKEN }}
29 vercel-org-id: ${{ secrets.ORG_ID }}
30 vercel-project-id: ${{ secrets.PROJECT_ID }}
31 vercel-args: "--prod"4. Environment Management
GitHub Actions supports environments with protection rules and secrets. Use different environments for staging and production.
1deploy-staging:
2runs-on: ubuntu-latest
3environment: staging
4steps:
5 - uses: actions/checkout@v4
6 - run: npm ci && npm run build
7 - run: echo "Deploy to staging..."
8
9# Only deploy to production after staging succeeds
10deploy-production:
11needs: deploy-staging
12runs-on: ubuntu-latest
13environment:
14 name: production
15 url: https://myapp.com
16steps:
17 - uses: actions/checkout@v4
18 - run: npm ci && npm run build
19 - run: echo "Deploy to production..."5. Best Practices
- Cache dependencies — Use
actions/cacheor the built-incacheparameter insetup-node - Matrix builds — Test across multiple Node versions or operating systems
- Secrets management — Store API keys in GitHub Secrets, never in code
- Conditional workflows — Use
pathsandpaths-ignoreto skip unnecessary runs - Concurrency — Cancel in-progress runs when new pushes happen
- Artifacts — Store build outputs for later inspection
6. Verdict
GitHub Actions provides everything you need for modern CI/CD. Start with a simple CI pipeline that runs tests on every PR. Add deployment automation once your CI is stable. The combination of GitHub Actions + Vercel or Netlify gives you a complete, production-grade deployment pipeline with minimal maintenance.