Continuous Integration and Continuous Delivery (CI/CD) automate the process of testing, building, and deploying your code. Through implementing pipelines for numerous projects, I've learned that good CI/CD isn't just about automationβit's about building confidence in every change.
This article covers GitHub Actions for Python projects, including automated testing, linting, and deployment workflows.
What is CI/CD?
Term
Description
Continuous Integration
Automatically test and validate every code change
Continuous Delivery
Automatically prepare releases for deployment
Continuous Deployment
Automatically deploy every passing change
Benefits
Catch bugs early - Tests run on every push
Consistent quality - Same checks for every change
Faster feedback - Know if your code works in minutes
Reduced manual work - No manual testing or deployment
Documentation - Pipeline shows what's needed to ship
GitHub Actions Basics
Workflow Structure
Triggers
Basic Python Workflow
Comprehensive CI Pipeline
Full Python CI Workflow
Matrix Testing
Caching and Optimization
Dependency Caching
Parallel Jobs
Secrets and Environment Variables
Using Secrets
Environment Configuration
Deployment Workflows
Deploy on Release
Deploy to Cloud Platforms
Workflow Patterns
Reusable Workflows
Conditional Jobs
Pull Request Workflows
PR Checks
Auto-merge Dependabot PRs
Practical Exercise
Exercise 1: Create a Complete CI Pipeline
Create a CI workflow that:
Runs linting (Ruff)
Runs tests with coverage
Checks types with mypy
Builds the package
Publishes to PyPI on release
Exercise 2: Add Branch Protection
Configure branch protection rules for main:
Require status checks to pass
Require pull request reviews
Require up-to-date branches
CI/CD Best Practices
Do's
β Run tests on every PR
β Cache dependencies
β Use matrix testing for multiple versions
β Keep secrets in GitHub Secrets
β Use environment protection rules
β Fail fast on obvious issues
Don'ts
β Store secrets in code
β Skip tests for "small changes"
β Deploy without tests passing
β Use overly complex workflows
β Ignore flaky tests
Key Takeaways
Automate everything - If you do it twice, automate it
Fast feedback - Run quick checks first
Test on multiple versions - Matrix builds catch compatibility issues
Secure your secrets - Use GitHub Secrets, never commit credentials
Progressive deployment - Stage β Production with approvals
What's Next?
With CI/CD automating your quality checks, let's focus on human collaboration. In Article 11: Code Review Practices, we'll cover effective code review strategies and PR workflows.
# .github/workflows/ci.yml
name: CI Pipeline # Workflow name
on: # Trigger events
push:
branches: [main]
pull_request:
branches: [main]
jobs: # Jobs to run
test: # Job name
runs-on: ubuntu-latest # Runner environment
steps: # Steps in the job
- uses: actions/checkout@v4
- name: Run tests
run: pytest
on:
# On push to specific branches
push:
branches: [main, develop]
paths:
- 'src/**'
- 'tests/**'
- 'pyproject.toml'
# On pull requests
pull_request:
branches: [main]
# On schedule (cron syntax)
schedule:
- cron: '0 0 * * *' # Daily at midnight
# Manual trigger
workflow_dispatch:
inputs:
environment:
description: 'Environment to deploy to'
required: true
default: 'staging'
# On release
release:
types: [published]
