01. GitHub Actions – Core Concepts

• Create and Run Workflow: GitHub Action Core Components
• Configure Checkout Action and Executing Shell Scripts
• Workflow Architecture: Multiple Jobs and Sequential Execution (needs)
• Storing Workflow Data as Artifacts
• Variables and Secrets: Repository and Environment levels
• Advanced Logic: Matrix strategies, Job concurrency, and Timeouts
• Expressions and Contexts: Context information and if expressions
• Event Filters, Activity Types, and Webhook Events
• Troubleshooting: Debug logging and REST API log access

02. Continuous Integration with GitHub Actions

• NodeJS Application CI: Run, Test, and Code Coverage
• DevOps Pipeline Fundamentals
• Matrix Strategy for Unit Testing
• Caching: Node dependencies and Invalidation strategies
• Docker Integration: Login, Build, Test, and Push
• GitHub Packages (GHCR): Publishing and Versioning
• Advanced Runners: Job Containers and Service Containers

03. Continuous Deployment with GitHub Actions

• Kubernetes Deployment: Kubectl setup and Kubeconfig management
• Placeholder Token Replacement in Manifests
• Deployment Environments: Secrets, Approval Rules, and Environment Tags
• Deploying to Cloud Providers (AWS/Azure/GCP) via Workflows
• Pull Request Workflows and If-Expression logic

04. Reusable Workflows and Reporting

• Understanding and Configuring Reusable Workflows
• Handling Secrets, Inputs, and Outputs in Reusable components
• Organization-level Templated workflows
• Automated Reporting: Uploading to AWS S3
• Integrations: Slack notifications and Status Badges

05. Custom Actions

• Types of Custom Actions: Composite, Docker, and JavaScript Actions
• Sharing and Version Management of Custom Actions
• Metadata syntax and GitHub Releases
• Workflow Commands and Exit Code Management

06. Self-Hosted Runners

• Types of Runners: GitHub-hosted vs. Self-hosted
• Installing, Configuring, and Troubleshooting Self-hosted Runners
• Monitoring and Updating Runner Infrastructure

07. Security Guide

• Security Hardening for Workflows
• Mitigating Script Injection Attacks
• External Secret Management: Securing Secrets with HashiCorp Vault
• Compliance: Use CodeQL as a step in a workflow

08. GitHub Actions in the Enterprise Cloud

• Managing Self-hosted Runner Groups
• Enterprise-level Networking: Proxies and IP Allow Lists
• Governance: Organizational use policies and Action access control
• Distributing and Documenting Actions for Enterprise scale