🚀 Day 12 of 30 Days of DevOps Interview Prep – GitHub Actions: CI/CD Pipeline for Node.js or Python Apps

Tathagat GaikwadTathagat Gaikwad
3 min read

Series: 30 Days DevOps Interview Preparation

Today’s focus: Building GitHub Actions workflows for Node.js and Python apps, integrating them with AWS for deployment.
This is a must-have skill for DevOps Engineers to automate build, test, and deploy pipelines directly from GitHub.

📖 Theory – What is GitHub Actions?

GitHub Actions is a CI/CD service built into GitHub.
It allows you to:

  • Automate workflows on push, pull request, or schedule.

  • Run builds in isolated virtual environments (Linux, macOS, Windows).

  • Integrate with cloud providers like AWS, Azure, GCP for deployment.

  • Use secrets to store credentials securely.

🔄 Typical CI/CD Flow for Node.js/Python Apps

Trigger → Checkout → Install Dependencies → Test → Build → Deploy

1️⃣ Trigger: Runs when code changes are pushed.
2️⃣ Checkout: Fetches your repository into the runner.
3️⃣ Setup Environment: Installs the required language version.
4️⃣ Install Dependencies: Installs packages/libraries.
5️⃣ Run Tests: Ensures code quality before deployment.
6️⃣ Build & Deploy: Pushes artifacts to AWS, Docker, or other environments.

🛠 Practical Example – Deploying to AWS EC2

Let’s create a GitHub Actions pipeline for a Node.js app and Python app, deploying to AWS EC2.

1. GitHub Secrets Setup

In your repository:

  • Go to Settings → Secrets and variables → Actions

  • Add:

    • AWS_ACCESS_KEY_ID

    • AWS_SECRET_ACCESS_KEY

    • EC2_HOST (Public IP/DNS)

    • EC2_USER (e.g., ec2-user)

    • EC2_KEY (Base64 encoded SSH private key)

2. Node.js Pipeline (deploy to AWS)

name: Node.js CI/CD

on:
  push:
    branches: [ "main" ]

jobs:
  build:
    runs-on: ubuntu-latest

    steps:
    - name: Checkout code
      uses: actions/checkout@v3

    - name: Setup Node.js
      uses: actions/setup-node@v3
      with:
        node-version: '18'

    - name: Install dependencies
      run: npm install

    - name: Run tests
      run: npm test

    - name: Deploy to AWS EC2
      env:
        EC2_HOST: ${{ secrets.EC2_HOST }}
        EC2_USER: ${{ secrets.EC2_USER }}
        EC2_KEY: ${{ secrets.EC2_KEY }}
      run: |
        echo "$EC2_KEY" | base64 --decode > ec2_key.pem
        chmod 600 ec2_key.pem
        scp -o StrictHostKeyChecking=no -i ec2_key.pem -r ./* $EC2_USER@$EC2_HOST:/home/$EC2_USER/app
        ssh -o StrictHostKeyChecking=no -i ec2_key.pem $EC2_USER@$EC2_HOST "cd /home/$EC2_USER/app && npm install && pm2 restart all || pm2 start app.js"

3. Python Pipeline (deploy to AWS)

name: Python CI/CD

on:
  push:
    branches: [ "main" ]

jobs:
  build:
    runs-on: ubuntu-latest

    steps:
    - name: Checkout code
      uses: actions/checkout@v3

    - name: Set up Python
      uses: actions/setup-python@v4
      with:
        python-version: '3.10'

    - name: Install dependencies
      run: pip install -r requirements.txt

    - name: Run tests
      run: pytest

    - name: Deploy to AWS EC2
      env:
        EC2_HOST: ${{ secrets.EC2_HOST }}
        EC2_USER: ${{ secrets.EC2_USER }}
        EC2_KEY: ${{ secrets.EC2_KEY }}
      run: |
        echo "$EC2_KEY" | base64 --decode > ec2_key.pem
        chmod 600 ec2_key.pem
        scp -o StrictHostKeyChecking=no -i ec2_key.pem -r ./* $EC2_USER@$EC2_HOST:/home/$EC2_USER/app
        ssh -o StrictHostKeyChecking=no -i ec2_key.pem $EC2_USER@$EC2_HOST "cd /home/$EC2_USER/app && pip install -r requirements.txt && systemctl restart myapp"

💬 Interview Preparation – Key Questions & Answers

Q1: How do you run jobs for multiple versions of Node.js or Python?
➡ Use matrix strategy in GitHub Actions to define multiple versions.

Q2: How do you securely store AWS credentials in GitHub Actions?
➡ Use GitHub Secrets – never hardcode credentials in workflows.

Q3: What’s the difference between a job and a step?
Job = group of steps running on a runner.
Step = individual task inside a job.

Q4: How do you deploy to AWS without exposing private keys?
➡ Use encrypted secrets + Base64 encoding for SSH keys.

Q5: How would you trigger workflow only on the main branch?
➡ Use branches: [ "main" ] under the on section.

✅ Key Takeaways

  • GitHub Actions integrates directly with your repo, making CI/CD simpler.

  • Use environment-specific setup for Node.js/Python.

  • Secrets management is essential for production deployments.

  • Always test before deployment.

🔗 Follow the series:
💻 GitHub: https://github.com/tathagatgaikwad22/devops-interview-preparation

#DevOps #GitHubActions #Nodejs #Python #AWS #CICD #InterviewPreparation #LearningInPublic #Automation

0
Subscribe to my newsletter

Read articles from Tathagat Gaikwad directly inside your inbox. Subscribe to the newsletter, and don't miss out.

github-actionsGitHubDevopsDevops articlespractical exerciseshandsonarticles

Written by

Tathagat Gaikwad
Tathagat Gaikwad