GitHub Actions (EN)

A developer notices that a specific action in their workflow is consistently failing. Upon inspecting the workflow configuration file, they find that the action is supposed to trigger every time a pull request is labeled 'urgent'. However, the action fails to trigger even when the label is correctly applied. What is the most likely reason for this issue? The event trigger in the workflow file is incorrectly configured.
A GitHub Actions workflow consistently fails at a step utilizing a JavaScript action with an error message indicating an issue with the node version. What is the most appropriate way to address this issue? Add a step to update the node version in the runner environment before executing the JavaScript action.
A GitHub Actions workflow consistently fails at a step utilizing a JavaScript action with an error message indicating an issue with the node version. What is the most appropriate way to address this issue? Add a step to update the node version in the runner environment before executing the JavaScript action.
A GitHub Actions workflow fails during a step that executes a JavaScript action. The logs indicate a problem with a missing package. What is the most appropriate action to resolve this issue? Modify the JavaScript action to include a step for installing the missing package.
A GitHub Actions workflow fails during a step that executes a JavaScript action. The logs indicate a problem with a missing package. What is the most appropriate action to resolve this issue? Modify the JavaScript action to include a step for installing the missing package.
A new self-hosted runner was recently registered with your organization, but you don't see it in the runner group assigned to your team. Why can't you use the new runner? new runners are automatically assigned to a default group, therefore it needs to be moved to the group used by your team
A workflow run has failed, and you need to diagnose the issue. Which of the following is the first step you should take? Review the logs of the failed run in the Actions tab of the GitHub repository.
After creating a new workflow, GitHub Actions will suggest starter workflows for your repository. What option should you click on if there is a starter workflow that you want to use? Configure - Clicking on "Configure" will allow you to customize and set up the suggested starter workflow for your repository. This option enables you to tailor the workflow to fit the specific requirements of your project before using it.
April is in charge of auditing the operations team. While conducting a review, she noticed that many workflows are accessing secrets to carry out deployment and testing functions and is concerned that these secrets may appear in logs. What information can you provide to alleviate April's concerns about workflow logs? GitHub automatically redacts secrets printed to workflow logs, replacing them with placeholders
As a DevOps engineer, you're tasked with managing reusable components for your organization's workflows. What approach should you take? Store reusable components in a centralized repository, establish clear naming conventions, and create a maintenance plan.
As a GitHub Actions administrator, which of the following practices should be included in your organizational use policies for GitHub Actions? Regularly audit and review actions to ensure compliance with security standards and organizational policies. AND Define clear guidelines for creating, using, and sharing GitHub Actions within the organization AND Establish a process for regular updates and maintenance of shared actions to address vulnerabilities and improve performance.
As a GitHub organization administrator, you want to make a secret available to multiple repositories. What is the correct approach? Create an organization-level secret and select the repositories that should have access to it.
As an enterprise owner, you want to restrict the use of GitHub Actions within your organization but still allow access to essential workflows. Which of the following configurations would achieve this goal? enforce a policy to allow only local actions and reusable workflows
As the lead developer of the GitHub Action library, you are concerned about the reliability of versioning using tags. What is a recommended alternative to ensure consistency and security in versioning? implement commit SHAs for versioning to ensure reliability and security - Implementing commit SHAs for versioning provides a reliable and secure alternative to using tags. Commit SHAs uniquely identify each commit in the repository, ensuring consistency and security in versioning. By referencing commit SHAs, you can track changes accurately and avoid potential issues that may arise from using tags.
As the lead of a DevOps team, you're tasked with managing reusable components for workflows. What approach should you adopt? Create a dedicated repository for reusable components, establish clear naming conventions, and document maintenance procedures.
As you prepare to distribute your custom GitHub Action, what best practice should you follow to enhance its visibility and utility for potential users? offer a clear description of what the action accomplishes and select the most relevant category to accurately represent its utility
Consider you are managing workflows in a GitHub repository. Which of the following actions are correct in the context of GitHub Actions? Custom environment variables can be defined at the workflow, job, or step level for flexibility. AND Use the GITHUB_TOKEN secret to authenticate and perform actions with the GitHub API within a workflow. AND To view a history of all workflow runs, go to the Actions tab of the repository.
Dan would like Drew's input on a particular line in the logs of a recently run workflow. What is an efficient way to provide Drew access to the line in the logs? click on the step's line number to get a link to the specific line and share the link with Drew
Dani wants to be notified when a comment is created on an issue within a GitHub repository. Which event should be used within the configuration? issue_comment
Daniel is managing secrets for GitHub Actions workflows and is considering whether to store a sensitive API key at the organization or environment level. Which factors should be considered when making this decision? (select three) the frequency with which the API key needs to be updated, the level of access control required for different teams using the key e he number of repositories requiring access to the API key
Dave is building a workflow configuration that includes a reference to a filesystem path. What is the best practice for referencing a filesystem within a workflow configuration? use environment variables to reference the filesystem - Using environment variables to reference the filesystem path in a workflow configuration is a best practice as it allows for flexibility and portability. By using environment variables, the path can be easily changed or customized without having to modify the workflow configuration itself, making it more maintainable and adaptable to different environments.
Dave is creating a templated workflow for his organization. Where must Dave store the workflow files and associated metadata files for the templated workflow? inside a directory named workflow-templates within a repository named .github
During the execution of a Docker container action in a GitHub Actions workflow, you receive an error related to environment variables not being passed correctly. Which of the following steps is most likely to resolve the issue? Add the missing environment variables to the workflow's env section.
Evaluating the configuration below, which container registry does this workflow publish to? Registro de contêiner do GitHub
For a custom GitHub Action designed to deploy applications to multiple cloud platforms, what is the most effective method to manage and configure platform-specific deployment settings? Utilize a configuration file in the user's repository to define platform-specific settings, which the action reads and applies during deployment. AND Require users to store platform-specific settings as encrypted secrets in their GitHub repository and reference these in the action.
For a custom GitHub Action that requires periodic updates and maintenance, what is the best strategy to inform users about upcoming changes or deprecations that might affect their workflows? Use the action's code to display warning messages in the workflow logs when deprecated features are used., Update the README file of the action's repository with details about the changes and deprecations.
For a custom GitHub Action you are developing, which method is most appropriate for debugging issues that occur during the action's execution in a workflow? Utilize console.log statements in the action's code and review the output in the GitHub Actions workflow logs.
For a GitHub Action that requires frequent updates due to changes in external dependencies, what strategy should be employed to test and validate the action's functionality before releasing updates to ensure minimal impact on users? Set up an automated testing suite that runs tests against a variety of scenarios whenever changes are made, using GitHub Actions' own CI/CD capabilities.
For an action that was triggered on: pull request, where can you see the workflow run status? (select three) in a pull request before a merge, from the Actions tab of the repository e on the Checks tab of the pull request
GitHub Actions users in your organization are complaining that they can no longer use popular actions, such as checkout and labeler. What is the reason for this? the owner has restricted actions and reusable workflows to only those from your organization
GitHub Actions will allow for deleting a workflow run under the following conditions (select two) a workflow run that has been completed e a workflow run that is more than two weeks old
GitHub Packages is compatible with the following package managers: (select three) NuGet, the .NET package manager, Maven and Gradle, two package managers for Java e npm, a NodeJS package manager
Heather is troubleshooting a failure on one of her GitHub Actions workflow runs for recent pull request. Where can she view the logs to determine why the run may have failed? (select two) in the "Actions" tab of the repository e in the "Checks" tab of a pull request
How are database and service containers utilized in a GitHub Actions workflow? By defining services in the workflow file, allowing jobs to use the containers as part of the runtime environment.
How are database and service containers utilized in a GitHub Actions workflow? By defining services in the workflow file, allowing jobs to use the containers as part of the runtime environment.
How are dependent jobs implemented in a GitHub Actions workflow? By using the needs keyword to specify job dependencies, ensuring that certain jobs run only after their dependencies have completed successfully.
How are dependent jobs implemented in a GitHub Actions workflow? By using the needs keyword to specify job dependencies, ensuring that jobs run in the correct order.
How are encrypted secrets accessed within GitHub Actions and workflows? By using the secrets context in the workflow file to reference the secrets.
How are encrypted secrets accessed within GitHub Actions and workflows? By using the secrets context in the workflow file to reference the secrets.
How are encrypted secrets accessed within GitHub Actions workflows? By using the secrets context in the workflow file to reference the secrets by name.
How are encrypted secrets accessed within GitHub Actions workflows? By using the secrets context in the workflow file to reference the secrets by name.
How can a custom script be integrated into a GitHub Actions workflow? By using the run keyword in a step within a job to execute the script.
How can a script be incorporated into a GitHub Actions workflow? By using the run keyword in a step to execute shell commands or scripts.
How can a workflow status badge be added to a repository's README file? Use the markdown code provided in the Actions tab of the repository to embed the status badge.
How can caching be configured to speed up workflow execution in GitHub Actions? Use the cache action to store and retrieve dependencies, reducing installation time in subsequent runs.
How can caching be configured to speed up workflow execution in GitHub Actions? Use the cache action to store and retrieve dependencies, reducing installation time in subsequent runs.
How can data be passed between jobs in a GitHub Actions workflow? By using artifacts to share data between jobs in a workflow.
How can encrypted secrets be accessed within actions and workflows for GitHub Actions? using the secrets context within GitHub Actions, which allows encrypted secrets to be accessed as environment variables - The correct way to access encrypted secrets within actions and workflows for GitHub Actions is by using the secrets context within GitHub Actions. This context allows encrypted secrets to be accessed as environment variables, providing a secure and convenient method for utilizing sensitive information in workflows.
How can the retention period for artifacts be customized? custom retention periods can be defined for individual artifacts using the actions/upload-artifact action - GitHub Actions allows users to customize the retention period for artifacts by defining custom retention periods for individual artifacts using the actions/upload-artifact action. This feature enables users to manage artifact storage efficiently by specifying how long each artifact should be retained before being automatically removed.
How can workflow artifacts be removed from GitHub after they are no longer needed? Artifacts can be configured to automatically expire after a certain number of days.
How can workflow artifacts be removed from GitHub after they are no longer needed? Artifacts can be configured to automatically expire after a certain number of days.
How can you access an environment variable corresponding to an input in a Docker container action? use the args keyword in the action metadata file to pass the input to the Docker container - Using the args keyword in the action metadata file allows you to pass the input value as an argument to the Docker container. This argument can then be accessed within the container as an environment variable, enabling you to retrieve the corresponding input value efficiently.
How can you access encrypted secrets within a GitHub Actions workflow? Use the secrets context to access the secrets within your workflow file.
How can you access the current values of variables in a matrix within a job in the example below: reference variables through the matrix context with syntax like matrix.version and matrix.os
How can you add the action you've created to the GitHub Marketplace? tagging it as a new release and then publishing it
How can you configure a workflow to run on a scheduled basis? use the on: schedule event
How can you correctly call a reusable workflow in GitHub Actions? By specifying the workflow's file path in the uses keyword under a job.
How can you correctly call a reusable workflow in GitHub Actions? By specifying the workflow's file path in the uses keyword under a job.
How can you customize a workflow status badge to show the status of workflow runs triggered by the push event? add ?event=push to the end of the status badge URL
How can you customize the schedule of a GitHub actions workflow to run on weekdays only? use the on: schedule: cron syntax
How can you define a matrix for a job in a GitHub Actions workflow? use the matrix keyword within the strategy configuration of the job
How can you download workflow artifacts from the GitHub Actions user interface? Navigate to the Actions tab, select the specific workflow run, and download the artifacts from the Artifacts section at the bottom of the page.
How can you enable step debug logging in a GitHub Actions workflow? By setting the ACTIONS_STEP_DEBUG secret to true in the repository settings.
How can you ensure a script file in your repository is executable in a workflow job? by manually granting execute permissions to the script file on the runner - By manually granting execute permissions to the script file on the runner, you ensure that the script can be executed during the workflow job. This approach involves changing the file permissions to allow the script to run as an executable file.
How can you execute a command stored in your GitHub repository using a workflow? by running a script directly using the run keyword and specifying its location on the runner
How can you identify a GitHub Action's type, inputs, and outputs? By reading the action's action.yml file, which defines the action's interface including its type, required inputs, and outputs.
How can you identify a GitHub Action's type, inputs, and outputs? By reading the action's action.yml file, which defines the action's interface including its type, required inputs, and outputs.
How can you identify the event that triggered a GitHub Actions workflow? By checking the GITHUB_EVENT_NAME environment variable in the workflow run logs.
How can you identify the event that triggered a GitHub Actions workflow? By checking the GITHUB_EVENT_NAME environment variable in the workflow run logs.
How can you identify the event that triggered a GitHub Actions workflow? By checking the GITHUB_EVENT_NAME environment variable in the workflow run logs.
How can you make an environment variable available to subsequent steps in a workflow job using Bash? define or update the variable using the echo command with >>$GITHUB_ENV
How can you share actions and reusable workflows from your private repository without making them public? grant access to specific users or organizations for your private repository
How can you specify dependencies between jobs in a workflow? by defining dependencies in the workflow YAML file
How can you trigger a GitHub Actions workflow in Repository B whenever a new release is published in Repository A, assuming both repositories are within the same organization? Use the repository_dispatch event in Repository B, and trigger it using a webhook from Repository A upon release.
How can you use an organization's templated workflow in a repository? By selecting the template from the repository's Actions tab and then customizing it as needed.
How can you use workflow commands to customize the runner environment for a specific step? using the :: syntax to send commands to the runner during the run step
How can you view detailed logs to troubleshoot issues with a Docker container action in GitHub Actions? check the GitHub Actions logs for detailed information about the execution of the Docker container action
How do custom labels determine the eligibility of a self-hosted runner to process a job? labels are cumulative, and the runner must have all assigned labels to be eligible
How do events, workflows, jobs, and steps collaborate in a typical scenario? an event will trigger a workflow which will execute one or more jobs which consists of one or more steps
How do events, workflows, jobs, steps, and runs collaborate in a typical scenario? an event will trigger a workflow which will execute one or more jobs which consists of one or more steps
How do you ensure a workflow uses a specific version of a GitHub Action? By referencing the action in the workflow file with a version tag or commit SHA after the action's name (e.g., actions/checkout@v4).
How does a GitHub Actions workflow contribute to the deployment process to a cloud provider? by defining a series of actions in the workflow YAML file for deployment
How does the cache action in a GitHub Actions handle a cache miss? by automatically creating a new cache if the job is completed successfully
How long does the GITHUB_TOKEN last, and when does it expire? after a job finishes or after a maximum of 24 hours
How many jobs will be executed in the following workflow? 6 - The workflow defines a matrix job with two axes: 'animal' with values [cat, dog, bear] and 'color' with values [black, brown]. This results in a total of 3 (animal) x 2 (color) = 6 different combinations. Each combination will result in a separate job execution, hence a total of 6 jobs will be executed in this workflow.
How many PowerShell commands are executed on the Windows runner with the following workflow configuration? 3 - The workflow configuration consists of two steps that execute PowerShell commands. The first step installs the PSScriptAnalyzer module using two PowerShell commands: Set-PSRepository and Install-Module. The second step retrieves a list of rules using the Get-ScriptAnalyzerRule command. Therefore, a total of 3 PowerShell commands are executed on the Windows runner in this workflow.
How many required inputs are declared in the metadata of this actions example? 1
How should an appropriate distribution model for a GitHub Action be selected? Based on the intended audience and usage scope, choosing between public, private, or marketplace distribution.
How should an organization configure use policies for GitHub Actions to ensure compliance and efficiency? Define clear guidelines on usage, security, and maintenance, and enforce them through automated checks and balances.
How should you demonstrate creating a release strategy for a GitHub Action? by defining a release-management strategy and documenting major version updates, critical fixes, and security patches - Defining a release-management strategy and documenting major version updates, critical fixes, and security patches is the correct approach to creating a release strategy for a GitHub Action. This ensures transparency, helps users understand the significance of updates, and allows for effective communication of changes. Versioning is crucial for managing dependencies and ensuring compatibility with different workflows.
If an organization's templated workflow contains secret information such as ${{ secrets.token }}, what needs to be configured before using the workflow? create a secret named token in your repository
If you're navigating a GitHub repository for the first time, where would you typically find the GitHub Actions workflow files? In the .github/workflows directory at the root of the repository.
In a GitHub Actions workflow that is triggered by pull requests affecting any file, how can you configure a job to run only if a specific file has been modified and a preceding job has completed successfully? Combine the if condition and jobs.<job_id>.if attribute to check the success of a previous job and use a script step with git diff to verify if a specific file was modified
In a GitHub Actions workflow that is triggered by pull requests affecting any file, how can you configure a job to run only if a specific file has been modified and a preceding job has completed successfully? Combine the if condition and jobs.<job_id>.if attribute to check the success of a previous job and use a script step with git diff to verify if a specific file was modified
In a GitHub Actions workflow that is triggered by pull requests affecting any file, how can you configure a job to run only if a specific file has been modified and a preceding job has completed successfully? Combine the if condition and jobs.<job_id>.if attribute to check the success of a previous job and use a script step with git diff to verify if a specific file was modified
In a GitHub Actions workflow, how can you configure a job to reuse artifacts generated by a previous job in the same workflow? Implement the uses: actions/download-artifact@v2 step within the job, specifying the name of the artifact produced by the previous job.
In a GitHub Actions workflow, how can you efficiently reduce duplication of code when the same steps are used across multiple jobs? Implement a custom action and reference it in each job where the steps are required.
In a GitHub Actions workflow, how can you share data generated in one job with subsequent jobs in the same workflow? Use the upload-artifact and download-artifact actions to pass data between jobs.,
In a GitHub Actions workflow, how should you handle exit codes from a script to ensure correct workflow behavior? Use the if conditional in the workflow file to check for specific exit codes and handle them accordingly.
In a GitHub Actions workflow, how should you securely manage sensitive information like API keys or database credentials? Use GitHub Secrets and reference them in the workflow file using the ${{ secrets.SECRET_NAME }} syntax.
In a private repository, why are workflow badges not accessible externally? to prevent external embedding or linking from unauthorized sources. - Workflow badges in private repositories are not accessible externally to prevent unauthorized embedding or linking from external sources. This helps maintain the security and privacy of the repository by restricting access to only authorized users.
In a workflow requiring review, what action is taken if a job is rejected? the workflow fails
In an enterprise environment, what is the best practice for monitoring and analyzing the usage and performance of GitHub Actions across multiple repositories and teams? Implement a centralized logging and monitoring system that aggregates data from all GitHub Actions workflows
In an enterprise setting, how should a GitHub Actions workflow be configured to ensure that sensitive data, such as production database credentials, is securely managed and accessed only by authorized workflows? Store sensitive data as encrypted secrets in GitHub and restrict access to these secrets using GitHub's environment protection rules.
In an enterprise setting, how should a GitHub Actions workflow be configured to ensure that sensitive data, such as production database credentials, is securely managed and accessed only by authorized workflows? Store sensitive data as encrypted secrets in GitHub and restrict access to these secrets using GitHub's environment protection rules
In an enterprise setting, how should a GitHub Actions workflow be configured to ensure that sensitive data, such as production database credentials, is securely managed and accessed only by authorized workflows? Store sensitive data as encrypted secrets in GitHub and restrict access to these secrets using GitHub's environment protection rules.,
In creating a custom GitHub Action to enforce coding standards across multiple projects within an organization, what strategy should be employed to allow for project-specific customizations while maintaining a common set of standards? Create a base action with common standards and allow projects to extend or override these standards through a configuration file in each project's repository.
In creating a custom GitHub Action to enforce coding standards across multiple projects within an organization, what strategy should be employed to allow for project-specific customizations while maintaining a common set of standards? Create a base action with common standards and allow projects to extend or override these standards through a configuration file in each project's repository
In creating a custom GitHub Action to enforce coding standards across multiple projects within an organization, what strategy should be employed to allow for project-specific customizations while maintaining a common set of standards? Create a base action with common standards and allow projects to extend or override these standards through a configuration file in each project's repository.
In developing a custom GitHub Action that generates and publishes reports, how should the action be designed to handle large report files to ensure efficient performance and resource usage? Store the report files externally and provide download links in the action's output., Compress the report files within the action before publishing to minimize file size.
In developing a custom GitHub Action to integrate with a project management tool for automated task creation, how should the action be designed to customize task attributes based on different types of events in a GitHub repository? Allow users to define mappings between GitHub events and task attributes in a configuration file within their repository.
In GitHub Actions, how can you configure a workflow to trigger only on pull requests that are opened or reopened, and additionally only when changes are made to files in a specific directory? Use the on: pull_request trigger with a types field specifying opened and reopened, combined with a paths filter including the specific directory.
In GitHub Actions, how can you configure a workflow to trigger only on pull requests that are opened or reopened, and additionally only when changes are made to files in a specific directory? Use the on: pull_request trigger with a types field specifying opened and reopened, combined with a paths filter including the specific directory.
In GitHub Actions, how can you dynamically generate a matrix for a job to run against multiple configurations, using data from an external JSON file hosted in the same repository? Implement a custom action that reads the JSON file and outputs the matrix configuration, then use this output in the job's matrix setting.
In GitHub Actions, how can you effectively debug a failing job within a workflow? Insert echo commands in the workflow file to print out variable values and command outputs at various stages.
In GitHub Actions, how can you effectively debug a failing job within a workflow? Insert echo commands in the workflow file to print out variable values and command outputs at various stages.
In GitHub Actions, how can you ensure that a job in a workflow only runs on a specific day of the week, for instance, every Friday? Use the on: schedule syntax with a cron expression in the workflow file, such as on: schedule: - cron: '0 0 * * 5'.
In GitHub Actions, how can you ensure that a job in a workflow only runs on a specific day of the week, for instance, every Friday? Use the on: schedule syntax with a cron expression in the workflow file, such as on: schedule: - cron: '0 0 * * 5'.
In GitHub Actions, how can you ensure that a specific job in a workflow only runs after two other jobs have successfully completed? Implement the needs: [job1, job2] keyword in the job definition to establish a dependency on job1 and job2.
In GitHub Actions, how can you ensure that a specific job in a workflow only runs if changes were made to files in either of two different directories? Create a preliminary job to check for changes in the specified directories and use its output in the if condition of the dependent jobs.
In GitHub Actions, how can you ensure that a specific job in a workflow only runs if changes were made to files in either of two different directories? Create a preliminary job to check for changes in the specified directories and use its output in the if condition of the dependent jobs.
In GitHub Actions, how can you selectively run jobs within a workflow based on the type of event that triggered the workflow? Employ the if: github.event_name == 'event_type' condition at the start of each job to specify when the job should run based on the event type.
In GitHub Actions, how can you set up a workflow to run on both push and pullrequest events, but ensure specific jobs are executed only for pullrequest events? Configure the workflow with on: [push, pull_request] and use if: github.event_name == 'pull_request' conditionals on specific jobs.
In GitHub Actions, how can you set up a workflow to run on both push and pullrequest events, but ensure specific jobs are executed only for pullrequest events? Configure the workflow with on: [push, pull_request] and use if: github.event_name == 'pull_request' conditionals on specific jobs.
In GitHub Actions, how can you set up a workflow to trigger at a specific time only if there have been changes in a particular branch since the last successful run of the workflow? Configure the workflow with the on: schedule trigger and a cron expression, then use a script step to check for changes in the branch since the last run.
In GitHub Actions, how can you utilize artifacts generated in one workflow in a separate, subsequent workflow within the same repository? Use the on: workflow_run trigger in the subsequent workflow and utilize the actions/download-artifact@v2 action to fetch the artifacts
In GitHub Actions, how do you correctly configure a workflow to only execute a job when a previous job has failed? Use the needs keyword with if: failure() condition, like needs: job1 and if: failure() in the job definition.
In GitHub Actions, how do you correctly configure a workflow to only execute a job when a previous job has failed? Use the needs keyword with if: failure() condition, like needs: job1 and if: failure() in the job definition.
In GitHub Actions, how should you correctly configure a workflow to trigger only on pull requests targeting the main branch? Use on: pull_request: branches: [main] to specify that the workflow should only run for pull requests targeting the main branch.
In GitHub Actions, how would you configure a workflow to automatically cancel previous runs of the same workflow on the same branch when a new run is triggered? Use the concurrency keyword with a unique group name that includes the branch name to automatically cancel overlapping runs.
In GitHub Actions, how would you correctly configure a workflow to cache dependencies for a Node.js application to improve build times? Include a step with uses: actions/cache@v2 and configure the path to node_modules, along with an appropriate key based on the package-lock.json file.
In GitHub Actions, if you define both branches and paths filter, what is the effect on the workflow execution? the workflow will only run when both branches and paths are satisfied
In GitHub Actions, what is the best practice for managing and sharing commonly used environment variables across multiple jobs within a workflow? Use the env keyword at the workflow level to set common environment variables for all jobs.
In GitHub Actions, what is the best practice for managing and sharing commonly used environment variables across multiple jobs within a workflow? Use the env keyword at the workflow level to set common environment variables for all jobs.
In GitHub Actions, what is the correct approach to ensure that a workflow is triggered by a push event only when specific files or directories change? Use the on: push: paths: ['specific-path/*'] syntax to trigger the workflow only when changes occur in files or directories under 'specific-path'.
In GitHub Actions, what is the correct method to reuse workflows stored in a public repository in your organization's private repository? Reference the public workflow using the uses keyword with the repository's URL and path to the workflow file.
In GitHub Actions, what is the correct method to reuse workflows stored in a public repository in your organization's private repository? Reference the public workflow using the uses keyword with the repository's URL and path to the workflow file.
In GitHub Actions, what is the recommended approach to manage and use secrets (like API keys or passwords) in a workflow that needs to access an external service? Use GitHub's encrypted secrets feature to store and access secrets in the workflow.
In GitHub Actions, you want to consume a workflow from another repository and trigger it whenever a new issue is opened in your repository. How can you achieve this? Use the on: repository_dispatch event in the target repository's workflow and dispatch an event from your repository when a new issue is opened.
In the context of actions and workflows, what roles do steps play in the overall process? they represent individual tasks within a job - Steps in GitHub Actions represent individual tasks within a job. Each step defines a specific action to be executed, such as checking out code, running tests, or deploying an application. By breaking down the job into smaller, manageable tasks, steps help streamline the workflow process and ensure efficient execution.
In the context of consuming workflows in GitHub Actions, how can you trigger a workflow in one repository as a result of an event in a separate repository? Use the on: repository_dispatch event in the consuming repository, and send a repository dispatch event from the source repository.
In the context of consuming workflows in GitHub Actions, which of the following is a correct method to specify a dependency between jobs? Use the needs keyword in the job that depends on the completion of another job.
In the context of creating a custom GitHub Action, what is the best approach to handle sensitive information, such as API keys or credentials, required by the action? Advise users to store sensitive information as encrypted secrets in their GitHub repository and pass them as environment variables to the action.
In the context of GitHub Actions, what is the correct use of environment keyword in a workflow file? environment is utilized to specify the deployment environment, such as production, staging, or development, and can enforce additional rules like manual approvals.
In the development of a custom GitHub Action, how should you handle and report errors that occur during the action's execution to ensure users of the action can effectively debug issues? Implement custom error handling in the action's code that catches and logs detailed error messages, using GitHub's logging commands for enhanced visibility.
In the development of a custom GitHub Action, what is the most effective way to handle different runtime environments (e.g., production, staging, development) within the action's logic? Include environment-specific parameters as inputs in the action's action.yml file, allowing users to specify the environment during workflow configuration. and Utilize GitHub's environment secrets and have the action dynamically adjust its behavior based on these secrets.
In the development of a custom GitHub Action, what is the most effective way to handle different runtime environments (e.g., production, staging, development) within the action's logic? Include environment-specific parameters as inputs in the action's action.yml file, allowing users to specify the environment during workflow configuration. e Utilize GitHub's environment secrets and have the action dynamically adjust its behavior based on these secrets.
In the development of a custom GitHub Action, what is the most effective way to handle different runtime environments (e.g., production, staging, development) within the action's logic? Utilize GitHub's environment secrets and have the action dynamically adjust its behavior based on these secrets. e Include environment-specific parameters as inputs in the action's action.yml file, allowing users to specify the environment during workflow configuration.
In the process of authoring a custom GitHub Action, what is the recommended approach to ensure that the action is compatible with both Linux and Windows runners? Develop the action using JavaScript, which is cross-platform and supported by the GitHub Actions runner environment on both Linux and Windows.
In the process of building a custom GitHub Action that integrates with a bug tracking system to automatically create issues based on code commits, what approach should be taken to efficiently categorize and prioritize these issues? Use keywords in commit messages to determine the priority and category of issues, and configure the action to parse these keywords.
In the process of building a custom GitHub Action that integrates with a bug tracking system to automatically create issues based on code commits, what approach should be taken to efficiently categorize and prioritize these issues? Use keywords in commit messages to determine the priority and category of issues, and configure the action to parse these keywords.
In the process of building a custom GitHub Action that integrates with a bug tracking system to automatically create issues based on code commits, what approach should be taken to efficiently categorize and prioritize these issues? Use keywords in commit messages to determine the priority and category of issues, and configure the action to parse these keywords.
In the process of creating a custom GitHub Action, what is the best practice for ensuring that the action remains maintainable and easy to update as GitHub Actions evolves and new features are released? Subscribe to GitHub's changelog and update the action only when necessary to maintain compatibility with the GitHub Actions platform. e Build the action with modular components, allowing for easy updates and integration of new features without major refactoring.
In which scenario is it appropriate to use the GITHUB_TOKEN secret in a GitHub Actions workflow? When the workflow needs to interact with the GitHub API to perform actions like committing code, creating releases, or managing issues and pull requests.
In which scenario is using GitHub-hosted runners more suitable? when you leverage the resources provided by GitHub for continuous integration
It's possible to distribute actions and workflows to multiple repositories within an enterprise by storing them in a centralized .github repository and referencing them as needed. Yes
Jeff is troubleshooting a failed GitHub actions workflow run and is searching the build logs for a particular step. His search results are empty. What are the possible reasons for empty search results? (select two) Jeff's searched text is misspelled or not present in the build logs w Jeff has not expanded each of the steps for the job and, therefore, cannot see the results
Jeff is troubleshooting an error within his workflow configuration causing it not to run. What is wrong with this workflow configuration? missing the on: keyword to specify what events will trigger the workflow
Jess is looking to programmatically access a set of workflow logs for a public repository. What pieces of information are required for accessing a set of workflow logs? owner, repo and run_id
John has configured his workflow to save artifacts created from the build job. Where can John access the artifacts from the GitHub user interface that were saved within the build job? from the Artifacts section within the Actions workflow run - The artifacts saved from the build job can be accessed from the Artifacts section within the Actions workflow run. This section provides a convenient way for users like John to view and download any artifacts generated during the workflow execution, making it easy to access and utilize the output of the build job.
John is troubleshooting a failed workflow run and would like to view the workflow file associated with the failed run. What option can he select within the failed run's menu to easily view the workflow file? View workflow file
Laura would like to add a step to her workflow configuration that adds the /tmp directory to the PATH on an Ubuntu runner. Which of the following configurations is valid? name: my-workflow on: push: branches: [ main ] jobs: Set-path-Ubuntu: name: Add user's local bin to Ubuntu PATH runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - run: echo "/tmp" >> $GITHUB_PATH
On GitHub-hosted runners, what is recorded in the "Set up job" step of a given job? (select three) GITHUB_TOKEN permissions,runner image, runner image
ow long does GitHub store logs and artifacts by default? 90 days
Phil would like to filter all workflow runs triggered by a pull request. Which filter can Phil use to achieve this in the GitHub Actions tab of his repository? Event
Rather than using code to create an error annotation, what can you use to send commands to the runner to create the same error annotation? workflow commands provided by the actions/toolkit
Ryan is looking for the GitHub Actions workflow files for his repository. Where should he look? the .github/workflows directory of the repository - The correct location to find GitHub Actions workflow files within a repository is the .github/workflows directory. This directory is the standard location where GitHub looks for workflow files to execute when triggered by events.
Sam would like to trigger a workflow when a push is made to any branch in the repository, or somebody creates a tag. How can Sam specify these events within the GitHub workflow configuration? on: [push, create]
Steve wants to create a configuration variable for use across multiple workflows. He has learned that he can define this variable at the organization, repository, or environment level. Which value takes precedence if Steve configures a variable with the same name at each level? environment-level
Steve would like to use an action in his GitHub project but wants to validate that it is trustworthy before using it. What steps can Steve take to verify the integrity of a GitHub action before deciding to use it? (select three) Review the action's action.yml file to make sure the code does what it says it does e Check if the action is in the GitHub Marketplace e Check if the action is verified in the GitHub Marketplace
The ACTIONS_STEP_DEBUG can be set to true to enable step debug logging. How can this setting be configured? as a secret or variable with the value of the secret taking precedence
The IT governance team needs to create policies for using GitHub Actions to ensure compliance and security. What is the most effective approach to achieving this objective? implement organization-wide templates defining approved GitHub Actions workflows with pre-configured security measures
The workflow logs do not provide enough detail to diagnose the problem with the recent Javascript action you completed. What steps should you take to continue troubleshooting the issue? enable debug logging to increase the verbosity of the job's logs
Tom has built a workflow that sends requests to a service that is currently unavailable. What is an appropriate action for Tom to take so that his workflow doesn't log errors until the service is restored? disable the workflow
Tony would like to include a job that echoes the current repository name. Which of the following code snippets provides an example that Tony could use? name: Code Repository on: push: branches: - main jobs: example-job: runs-on: ubuntu-latest steps: - name: Print Repository Information run: | echo "Current Repository: $GITHUB_REPOSITORY"
What accurately defines the scope of encrypted secrets in GitHub Actions? Encrypted secrets can be defined at the repository or organization level, with access limited to specific workflows.
What action must be taken if the "Publish" checkbox is disabled when attempting to release an action to GitHub Marketplace? accept the GitHub Marketplace Developer Agreement
What action should be taken if you want to find the expiration date of a specific artifact? execute a specific API call to retrieve the expiration date
What additional parameter can be added to the workflow status badge URL to display the status of a specific branch? ?branch=BRANCH-NAME
What additional steps does GitHub add to each job in a workflow run? "Set up job" and "Complete job" GitHub adds the "Set up job" step at the beginning of each job to prepare the environment and set up any necessary configurations. The "Complete job" step is added at the end of the job to finalize any actions or clean up resources used during the job execution
What advantage do composite run steps actions offer when compared to other methods of task automation in GitHub Actions? they allow for the direct execution of shell scripts without the need for additional setup
What advantage do JavaScript actions offer over Docker container actions in GitHub Actions? JavaScript actions run directly on runner machines, simplifying action code and improving execution speed
What are actions in the context of GitHub development workflows? individual tasks that can be customized to perform specific actions within development workflows
What are indicators that a GitHub Action is trustworthy? The action is published by a known organization, has a significant number of stars, and thorough documentation.
What are the benefits of reusing workflows in an organization? (select four) can build on the work of others e promotes best practice throughout the organization w makes workflows easier to maintain w avoids duplication
What are the benefits of using organization-templated workflows? (select three) promotes consistency, saves time, promotes best practices
What are the downsides to consider when choosing to use self-hosted runners in GitHub Actions? (select three) maintenance overhead for managing and updating the runner environment, the requirement of stable network connectivity for runner operation, managing the potential security risks associated with self-hosted infrastructure
What are the requirements to publish an action to the GitHub Marketplace? the action must be in a public repository - To publish an action to the GitHub Marketplace, the action must be in a public repository. This allows other users to discover and use the action through the Marketplace.
What are the steps needed to publish your action to the GitHub Marketplace? add the action's metadata file to the repository root directory, draft a release, select "Publish this Action to the GitHub Marketplace," choose categories, set a version tag, and publish the release
What are valid custom actions types within GitHub? (select three) docker container actions, composite actions, JavaScript actions
What are valid ways to specify the version of the checkout action within a GitHub workflow configuration? (select three) - uses: actions/checkout@main , - uses: actions/checkout@v4, - uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3
What can be viewed directly on the Actions tab in GitHub? (select three) the branch for each workflow run e the length of time for each workflow run e the status of each workflow run
What can you understand by reading a GitHub Actions workflow configuration file? The specific steps and actions that the workflow will execute, along with the events that trigger it.
What can you understand by reading a GitHub Actions workflow configuration file? The specific steps and actions that the workflow will execute, along with the events that trigger it.
What capability does GitHub provide to enable runners to download actions from internal or private repositories, ensuring access control and security? GitHub creates a scoped installation token with read access to the repository, automatically expiring after one hour - GitHub provides runners with a scoped installation token that has read access to the repository where the actions are stored. This token is automatically generated and expires after one hour, ensuring access control and security by limiting the duration of access to the actions.
What condition prevents a user from approving a deployment from a workflow run they initiated? the targeted environment variable has a self-approval prevention configuration
What considerations should be made when developing JavaScript actions for GitHub Actions to ensure compatibility with all GitHub-hosted runners? write the JavaScript code to be pure JavaScript and not dependent on other binaries to ensure compatibility with all GitHub-hosted runners
What directory is used to store workflow files within a code repository? .github/workflows - The correct directory to store workflow files within a code repository for GitHub Actions is ".github/workflows". This directory structure is the standard convention recommended by GitHub for organizing workflow files, making it easier to locate and manage them within the repository.
What distinguishes JavaScript actions from traditional Node.js projects regarding their development and distribution? JavaScript actions involve committing dependent packages alongside the code and can be published as tagged releases to the GitHub Marketplace
What distinguishes YAML syntax from JSON when configuring workflow jobs in GitHub Actions? YAML allows significant newlines and indentation
What does this badge indicate about a GitHub Action within the Marketplace? verified creator badge
What essential step is involved in deploying a release to a cloud provider using a GitHub Actions workflow? defining deployment steps in the GitHub Actions workflow YAML file
What functionality does a composite action offer in GitHub Actions? combining multiple workflow steps into one action for streamlined execution - Composite actions in GitHub Actions allow users to combine multiple workflow steps into a single reusable action. This helps streamline the execution of workflows by encapsulating complex logic or repeated steps into a single unit, making workflows easier to read and maintain.
What happens if a job is not approved within 30 days while awaiting review in a workflow? the job will automatically fail - If a job is not approved within 30 days while awaiting review in a workflow, the job will automatically fail as the approval process has not been completed within the specified timeframe. This ensures that the workflow does not get stuck indefinitely and allows for proper handling of job statuses.
What happens if a job marked as a dependency fails in a workflow with a dependent job? the entire workflow is marked as failed
What impact does configuring IP allow lists have on GitHub-hosted and self-hosted runners? It restricts runner access to only those IP addresses specified in the allow list, enhancing security.
What information is essential when drafting a new release and publishing an action to GitHub Marketplace? the action's metadata file's category must match an existing GitHub Marketplace category - When drafting a new release and publishing an action to GitHub Marketplace, it is essential that the action's metadata file's category matches an existing GitHub Marketplace category. This ensures that the action is listed in the correct category for users to discover and use effectively.
What is a best practice for distributing custom actions in GitHub Actions? Ensure the action is well-documented, including clear instructions on usage, inputs, and outputs.
What is a best practice for distributing custom actions in GitHub Actions? Ensure the action is well-documented, including clear instructions on usage, inputs, and outputs.
What is a best practice for maintaining self-hosted runners in GitHub Actions? Regularly update the runners' software and monitor their performance and logs
What is a best practice for managing encrypted secrets at the repository level in GitHub Actions? Use the repository settings to add encrypted secrets that are specific to the repository.
What is a common purpose of using custom environment variables? to store and reuse non-sensitive configuration information
What is a critical consideration when deleting an artifact? once deleted, an artifact cannot be restored ou irreversibility of the deletion.
What is a crucial aspect of monitoring self-hosted runners in an enterprise environment? Regularly checking the status and performance metrics of runners to ensure they operate optimally.
What is a crucial step when configuring a workflow to publish an image to the GitHub Container Registry? Authenticating with the GitHub Container Registry and pushing the image using appropriate commands within a workflow run
What is a drawback of using tags for versioning GitHub Actions, and what is the recommended alternative? Tags may not accurately represent the commit history and can be prone to deletion or movement. The recommended alternative is to use commit SHAs for versioning
What is a key advantage of using self-hosted runners in a CI/CD pipeline? allow users to customize the runner and environment
What is a key benefit of using service containers in a workflow for testing databases and services? easy access to actual or simulated external dependencies
What is a key consideration when creating a release strategy for a GitHub Action? Implement versioning to track changes, facilitate backward compatibility, and manage releases effectively.
What is a key consideration when creating a release strategy for a GitHub Action? Implement versioning to track changes, facilitate backward compatibility, and manage releases effectively.
What is a key consideration when selecting the appropriate runners to support specific workloads? Select runners based on workload requirements, such as processing power or specific software dependencies.
What is a key difference between GitHub-hosted and self-hosted runners in GitHub Actions? GitHub-hosted runners provide a predefined environment, while self-hosted runners offer more control and customization options.
What is a key difference between GitHub-hosted and self-hosted runners in GitHub Actions? GitHub-hosted runners provide a predefined environment, while self-hosted runners offer more control and customization options.
What is a key step when publishing to GitHub Packages using a GitHub Actions workflow? Configure the workflow to authenticate with GitHub Packages and push the package using the appropriate command.
What is a necessary step when configuring a GitHub Actions workflow to deploy a release to a cloud provider? Configure the workflow to authenticate with the cloud provider and use the provider's deployment tools or CLI within the workflow steps.
What is a primary method for diagnosing a failed GitHub Actions workflow run? Checking the workflow run history and logs to identify error messages and the steps where the failure occurred.
What is a recommended practice for users when referencing a GitHub Action in their workflows? specify a major version when using the action, and direct to a more specific version only if issues arise
What is a requirement for publishing an action to GitHub Marketplace? the action’s metadata file must be in the root directory of the repository
What is a valid workflow configuration to automatically publish a Node.js package to GitHub Packages when a release is published? name: Node.js Package on: release: types: [published] jobs: publish: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v4 with: node-version: '20.x' registry-url: 'https://npm.pkg.github.com/' - run: npm ci - run: npm publish env: NODE_AUTH_TOKEN: ${{secrets.GITHUB_TOKEN}
What is an essential aspect of defining the syntax for jobs in a GitHub Actions workflow file? Jobs should be defined with correct indentation and encapsulated within the jobs keyword.
What is an essential step when configuring self-hosted runners for enterprise use? Configure network settings, including proxies and IP allow lists, to ensure secure and efficient operation within the enterprise environment.
What is an essential step when publishing an action to the GitHub Marketplace? Ensure the action's repository is public and includes a README file with detailed usage instructions.
What is an essential step when publishing an action to the GitHub Marketplace? Ensure the action's repository is public and includes a README file with detailed usage instructions.
What is crucial for the correct syntax of jobs in a GitHub Actions workflow file? Jobs should be defined under the jobs key with proper indentation to ensure the structure is correctly interpreted.
What is crucial for the correct syntax of jobs in a GitHub Actions workflow file? Jobs should be defined under the jobs key with proper indentation to ensure the structure is correctly interpreted.
What is crucial to include in the action.yml file when defining a new GitHub Action? The name, description, inputs, outputs, and runs steps for the action.
What is essential for correctly defining the syntax of jobs in a GitHub Actions workflow file? Jobs should be defined under the jobs key, with proper indentation and structure to ensure correct parsing and execution.
What is one of the main reasons for hosting a GitHub Action in a separate repository when making it public? it makes it easier for developers to extend and fix issues with the action
What is required to manually run a private repository's workflow using the GitHub REST API? Personal Access Token - A Personal Access Token is required to authenticate and authorize API requests when running a private repository's workflow using the GitHub REST API. This token acts as a substitute for your GitHub password and provides a secure way to access GitHub resources without compromising your actual password.
What is the best practice for updating self-hosted runners? Implementing a regular update schedule to ensure runners have the latest features and security patches.
What is the correct syntax for defining custom environment variables in a step of a GitHub Actions workflow? steps: - name: Example step run: echo "Hello world" env: CUSTOM_VAR: "value"
What is the correct syntax for defining custom environment variables in a step of a GitHub Actions workflow? steps:- name: Example step run: echo "Hello world" env:CUSTOM_VAR: "value"
What is the difference between disabling and deleting a workflow in GitHub Actions? Disabling a workflow stops it from being triggered but retains the workflow file in the repository, while deleting a workflow removes the file entirely.
What is the difference between disabling and deleting a workflow in GitHub Actions? Disabling a workflow stops it from being triggered but retains the workflow file in the repository, while deleting a workflow removes the file entirely.
What is the filename of the metadata file that defines the inputs, outputs, and runs configuration for your action? action.yaml - The filename "action.yaml" is correct because it is the standard filename for the metadata file that defines the inputs, outputs, and runs configuration for a GitHub Action. This file is essential for configuring and defining the behavior of the action within a repository.
What is the GITHUB_TOKEN secret used for in a workflow? to authenticate on behalf of GitHub Actions - The GITHUB_TOKEN secret is used to authenticate GitHub Actions when they interact with the GitHub API on behalf of the workflow. It provides the necessary permissions for actions to perform tasks such as checking out code, pushing code changes, creating issues, and more.
What is the maximum number of jobs that a matrix can generate per workflow run? 256 jobs
What is the minimum time granularity available for scheduling GitHub Actions? five minutes - GitHub Actions allows for scheduling workflows with a minimum time granularity of five minutes. This means that workflows can be scheduled to run at specific times or intervals with a precision of five minutes, providing flexibility in automation and execution timing.
What is the most effective approach for distributing actions within an enterprise? Create a centralized shared repository and utilize GitHub's internal networking features for distribution.
What is the primary benefit of being able to move self-hosted runners into and between groups? It allows for flexible resource management and adapts to changing project needs or organizational structures.
What is the primary benefit of configuring caching for workflow dependencies in GitHub Actions? To speed up workflow execution by reusing previously downloaded or built dependencies.
What is the primary purpose of an automated release management strategy? prioritize security by only committing dependencies to tagged release commits and performing builds during a release
What is the primary purpose of caching dependencies in a GitHub Actions workflow? decrease network utilization, runtime, and cost - Caching dependencies in a GitHub Actions workflow helps decrease network utilization, runtime, and cost by storing and reusing dependencies that have already been downloaded or built. This reduces the need to fetch dependencies from external sources repeatedly, leading to faster workflow execution and lower costs associated with data transfer and processing.
What is the primary purpose of creating a comprehensive README.md file for a custom GitHub Action? facilitate the action's adoption by other users by offering detailed documentation
What is the primary purpose of custom labels in GitHub Actions for self-hosted runners? routing jobs to specific types of self-hosted runners based on their labels - Custom labels in GitHub Actions are primarily used for routing jobs to specific types of self-hosted runners based on their labels. This allows for better resource management and optimization by ensuring that jobs are executed on the most suitable runners based on their capabilities and configurations.
What is the primary purpose of dependent jobs in a workflow? to define sequential execution order within a workflow - Dependent jobs in a workflow are used to define the sequential execution order within the workflow. This means that one job will only start after the successful completion of the job it depends on, ensuring a specific order of execution.
What is the primary purpose of organization-level secrets? organization-level secrets enable sharing secrets between multiple repositories, reducing the need for duplicate secrets
What is the primary purpose of the marketplace in the context of actions, workflows, jobs, steps, and runs? providing a platform for publishing and sharing actions
What is the primary purpose of using CodeQL in a GitHub Actions workflow? To automatically analyze the codebase for vulnerabilities and code quality issues as part of the CI/CD process.
What is the primary purpose of using workflow commands as a run step in a GitHub Actions workflow? to communicate instructions and information to the runner environment
What is the purpose of a job and its associated steps when using job steps for actions and shell commands? define a specific task or unit of work with a sequence of steps
What is the purpose of adding a workflow status badge to a repository? To provide a visual representation of the workflow's status (e.g., passing, failing) on the repository's README or other web pages.
What is the purpose of adding a workflow status badge to a repository? To provide a visual representation of the workflow's status (e.g., passing, failing) on the repository's README or other web pages.
What is the purpose of setting a default working default directory for run commands in a workflow? specify the location of the script files within the repository
What is the purpose of the continue-on-error keyword in a GitHub Actions step? it allows the workflow to continue even if the step fails
What is the purpose of the GITHUB_ACTIONS variable? it always evaluates to true when GitHub Actions is running in the workflow
What is the purpose of the jobs section in a GitHub Actions workflow? to organize and define the steps to be executed in parallel or sequentially
What is the purpose of the jobs..runs-on configuration in a GitHub Actions workflow? specifies the operating system and virtual environment for job execution
What is the purpose of the restore-keys parameter in the GitHub Actions cache action? provide alternative keys to use in case of a cache miss
What is the purpose of the timeout-minutes keyword in a step? it specifies the maximum number of minutes to run the step before killing the process
What is the purpose of the workflow_dispatch event? enables manual triggering of the workflow
What is the purpose of using conditional keywords in steps within a GitHub Actions workflow? To control the execution of specific steps based on the outcome of previous steps or the context of the workflow run.
What is the purpose of using conditional keywords in steps within a GitHub Actions workflow? To control the execution of specific steps based on the outcome of previous steps or the context of the workflow run
What is the purpose of using conditional keywords in steps within a GitHub Actions workflow? To run steps only if certain conditions are met, adding flexibility and control to the workflow.
What is the recommended approach for storing secrets larger than 48 KB? use a workaround involving encryption with GPG and storing the decryption passphrase as a secret
What is the recommended practice for treating environment variables in GitHub Actions, regardless of the operating system and shell used? treat environment variables as case-sensitive
What is the recommended way to pass data between jobs in a GitHub Actions workflow? Use artifacts to share data between jobs, ensuring the output from one job is available to subsequent jobs.
What is the recommended way to pass data between jobs in a GitHub Actions workflow? Use artifacts to share data between jobs, ensuring the output from one job is available to subsequent jobs.
What is the role of approval gates in GitHub Actions workflows? To introduce manual approval steps in the workflow, allowing stakeholders to review and approve changes before they proceed.
What is the role of CodeQL when used as a step in a GitHub Actions workflow? To automatically analyze the codebase for vulnerabilities and code quality issues.
What is the role of implementing workflow commands as a run step in a GitHub Actions workflow? To communicate with the runner, setting environment variables or altering the workflow behavior.
What is the standard syntax for referencing secrets so you can use the GITHUB_TOKEN? ${{ secrets.GITHUB_TOKEN }}
What is the URL for the GitHub Container Registry? ghcr.io
What is true about the following workflow configuration if triggered against the myorg/my-dev-repo repository? the production-deploy job will be marked as skipped
What level of access is required on a GitHub repository in order to delete log files from workflow runs? write
What level of access is required to download workflow artifacts? read
What metadata keywords within an action.yml file is used to indicate the type of action being executed? runs: using:
What network requirement is necessary for self-hosted runners in GitHub Actions for connectivity to GitHub? permitindo conectividade de saída para hosts GitHub usando long polling
What scope levels can you create an encrypted secret in a GitHub organization? (select three) repository w organization w environment
What should be considered when configuring self-hosted runners for enterprise use? Configure networking, proxies, and labels appropriately to adhere to enterprise policies and infrastructure.
What status should you filter on to see only failed workflow runs on the GitHub Actions tab? failure - Filtering on "failure" will show only the workflow runs that have failed specifically. This is the correct status to filter on if you want to see only the failed workflow runs on the GitHub Actions tab.
What step should you take to verify the environment variables passed to your Docker container action? use the env command within the Docker container action to display the environment variables
What will be the 4 colors echoed back for the jobs in the workflow configuration below? My color is green 🎉 My favorite color is blue 🎉 My color is 🎉 My favorite color is orange
What will occur if the .github/workflows directory contains an invalid workflow file? GitHub Actions generates a failed workflow run for every new commit
What will the value of the NAME variable be when this workflow is triggered? My Action 3
When a GitHub repository contains multiple custom actions, where is the recommended location to store the action files? .github/actions with separate subdirectories for each action
When are service containers created and destroyed for each configured service? created for each job and destroyed when the job is completed
When assessing the trustworthiness of a GitHub Action, what should you look for? The action has positive reviews, is maintained actively, and the source code is publicly available for review.
When authoring a custom GitHub Action that integrates with an external API, how should you handle potential API rate limits to prevent disruptions in user workflows? Implement logic in the action to detect rate limit errors and automatically retry the request after a sensible delay AND Provide an option for users to input their own API keys, allowing them to manage their rate limits independently.
When authoring a custom GitHub Action that integrates with an external API, how should you handle potential API rate limits to prevent disruptions in user workflows? Provide an option for users to input their own API keys, allowing them to manage their rate limits independently. AND Implement logic in the action to detect rate limit errors and automatically retry the request after a sensible delay.
When authoring a custom GitHub Action that integrates with an external API, how should you handle potential API rate limits to prevent disruptions in user workflows? Provide an option for users to input their own API keys, allowing them to manage their rate limits independently.,Implement logic in the action to detect rate limit errors and automatically retry the request after a sensible delay. e
When authoring a custom GitHub Action to be used across multiple projects within an organization, what is the best practice for handling updates to the action to minimize disruptions in those projects? Release new versions of the action using version tags, and instruct projects to use specific versions rather than the latest commit on the main branch.
When authoring a custom GitHub Action, what is the best practice for managing and versioning the action to ensure stability and ease of maintenance for users? Create specific releases or tags for stable versions of the action, and advise users to reference these in their workflows.
When authoring a JavaScript-based custom GitHub Action, what is the recommended approach to manage third-party dependencies that the action requires? Bundle the dependencies with a tool like Webpack, and commit the bundled file along with your action code to the repository.
When authoring and maintaining workflows in GitHub Actions, which of the following statements is accurate? Workflows are defined in YAML files and should be placed in the .github/workflows directory of the repository
When authoring and maintaining workflows in GitHub Actions, which statement is correct regarding the use of jobs..strategy in a workflow file? Within strategy, the matrix keyword can be used to run tests across multiple versions of a language or operating system.
When configuring IP allow lists for GitHub-hosted and self-hosted runners, what is the primary effect? It restricts which IP addresses can interact with your runners, enhancing security.
When consuming workflows in GitHub Actions, how can you ensure that a workflow is triggered only when a new release is published in another repository within the same organization? Configure a repository_dispatch event in the source repository and trigger it manually when a new release is published.
When creating a custom action for GitHub Actions, which of the following files are required? (select three) Dockerfile for containerized actions, main.js or index.js for JavaScript actions e action.yml or action.yaml for action metadata
When creating a custom GitHub Action in a public repository, what is the best practice for ensuring the action's code adheres to consistent coding standards and best practices? Implement a linter in the action's development workflow to automatically check code submissions for adherence to defined coding standards.
When creating a custom GitHub Action in a public repository, what is the best practice for ensuring the action's code adheres to consistent coding standards and best practices? Implement a linter in the action's development workflow to automatically check code submissions for adherence to defined coding standards.
When creating a custom GitHub Action in a public repository, what is the best practice for ensuring the action's code adheres to consistent coding standards and best practices? Implement a linter in the action's development workflow to automatically check code submissions for adherence to defined coding standards.
When creating a custom GitHub Action that integrates with third-party services, what approach should be adopted to handle service outages or downtime to ensure minimal impact on workflow execution? Implement retry logic in the action to attempt reconnection to the third-party service a set number of times before failing., Provide users with the option to skip steps dependent on the third-party service during outages, through input parameters in the action.
When creating a custom GitHub Action that integrates with third-party services, what approach should be adopted to handle service outages or downtime to ensure minimal impact on workflow execution? Implement retry logic in the action to attempt reconnection to the third-party service a set number of times before failing. e Provide users with the option to skip steps dependent on the third-party service during outages, through input parameters in the action.
When creating a custom GitHub Action that is expected to evolve and scale over time, how should version control and release management be handled to ensure backward compatibility and minimize disruption for users? Implement semantic versioning for the action, using tags to mark stable release versions, and instruct users to reference specific versions.
When creating a new GitHub action, what are the valid names of the metadata file that can be used? (select two) action.yaml and action.yml
When designing a custom GitHub Action to automatically update documentation based on code changes, what is the best approach to ensure that the documentation remains synchronized with the codebase across different branches? Trigger the action on every push event across all branches, ensuring documentation updates occur in parallel with code changes. AND Implement logic in the action to detect code changes that affect documentation and update relevant branches accordingly.
When designing a custom GitHub Action to facilitate code reviews by automatically assigning reviewers based on the type of changes made, what method should be used to determine the most appropriate reviewers for each pull request? Use a configuration file in the repository that maps specific types of changes to relevant reviewers, allowing for easy updates and customization.
When developing a composite run steps action in GitHub Actions, what is the recommended way to include external scripts or code files that the action depends on? Include the external scripts or code files in the same repository as the action and reference them using relative paths in the runs.steps entries.
When developing a custom Docker-based GitHub Action, what is the recommended method for passing input parameters from the workflow to the Docker container? Define input parameters in the action's metadata file (action.yml) and access them as environment variables inside the Docker container.
When developing a custom GitHub Action for automating dependency updates in a multi-language project environment, what is the most efficient approach to handle updates across different programming languages and package managers? Implement a modular action with plug-ins or scripts for each language and package manager, allowing the action to be extended as needed.
When developing a custom GitHub Action for code analysis and linting, how can you best ensure that the action remains up-to-date with the latest coding standards and practices in a rapidly evolving programming language ecosystem? Allow users to specify their own set of rules or link to an external ruleset in their workflow configuration. E Integrate the action with a popular, actively maintained linting tool or library, automatically updating to the latest version on each run.
When developing a custom GitHub Action for code analysis and linting, how can you best ensure that the action remains up-to-date with the latest coding standards and practices in a rapidly evolving programming language ecosystem? Integrate the action with a popular, actively maintained linting tool or library, automatically updating to the latest version on each run. AND Allow users to specify their own set of rules or link to an external ruleset in their workflow configuration.
When developing a custom GitHub Action for code analysis and linting, how can you best ensure that the action remains up-to-date with the latest coding standards and practices in a rapidly evolving programming language ecosystem? Integrate the action with a popular, actively maintained linting tool or library, automatically updating to the latest version on each run. e Allow users to specify their own set of rules or link to an external ruleset in their workflow configuration.
When developing a custom GitHub Action that interacts with external APIs, what is the best strategy to manage and rotate API keys or tokens to enhance security? Store the API keys or tokens as encrypted secrets in the GitHub repository and reference them in the action's code.
When developing a custom GitHub Action that involves complex computational tasks, what is the best approach to optimize performance and reduce execution time? Implement caching mechanisms in the action to store and reuse computational results where possible. AND Offload the computational tasks to an external server or cloud service, and have the action interact with that service.
When developing a custom GitHub Action that involves complex computational tasks, what is the best approach to optimize performance and reduce execution time? Offload the computational tasks to an external server or cloud service, and have the action interact with that service. and Implement caching mechanisms in the action to store and reuse computational results where possible.
When developing a custom GitHub Action that involves complex computational tasks, what is the best approach to optimize performance and reduce execution time? Offload the computational tasks to an external server or cloud service, and have the action interact with that service. e Implement caching mechanisms in the action to store and reuse computational results where possible.
When diagnosing a failed GitHub Actions workflow run, which of the following steps are appropriate? Review the workflow run history to identify patterns or recurring issues. AND Use GitHub's REST API to programmatically fetch logs for the failed workflow run.
When establishing corporate standards for managing GitHub Actions workflows within a large organization, which of the following elements are essential to document for optimal clarity and organization? (select three) repositories used for storing different workflow components e plans for ongoing maintenance and version control of workflows e naming conventions for files and folders within workflows
When implementing a GitHub Actions workflow, how can you conditionally skip a job unless a manual trigger is activated, such as a comment in a pull request? Use the on: issue_comment trigger combined with a job-level if condition checking the comment content.
When implementing a GitHub Actions workflow, how can you conditionally skip a job unless a manual trigger is activated, such as a comment in a pull request? Use the on: issue_comment trigger combined with a job-level if condition checking the comment content.
When implementing workflow commands within an action to communicate with the runner, what is important to consider? Always use exit codes to communicate the status of the action to the runner.
When managing and publishing GitHub Actions, which of the following practices are recommended? Provide comprehensive documentation, including usage instructions, input and output descriptions, and example workflows. AND Regularly update and maintain your actions, ensuring they are compatible with the latest GitHub features and security standards. AND Use clear and descriptive naming conventions for your actions and repositories.
When managing and publishing GitHub Actions, which of the following practices are recommended? Regularly update and maintain your actions, ensuring they are compatible with the latest GitHub features and security standards. and Use clear and descriptive naming conventions for your actions and repositories. AND Provide comprehensive documentation, including usage instructions, input and output descriptions, and example workflows.
When managing and publishing GitHub Actions, which of the following practices are recommended? Use clear and descriptive naming conventions for your actions and repositories., Provide comprehensive documentation, including usage instructions, input and output descriptions, and example workflows., Regularly update and maintain your actions, ensuring they are compatible with the latest GitHub features and security standards.
When managing repository-level encrypted secrets, what is an important practice? Secrets should be scoped to specific environments or branches, limiting access where necessary.
When managing repository-level encrypted secrets, what is an important practice? Secrets should be scoped to specific environments or branches, limiting access where necessary.
When managing repository-level encrypted secrets, what is an important practice? Secrets should be scoped to specific environments or branches, limiting access where necessary.
When managing runners for an enterprise, which of the following practices should be implemented? Select runners based on the specific workload requirements, including the necessary operating system and hardware needs. AND Regularly monitor, troubleshoot, and update self-hosted runners to ensure they are secure and functioning optimally. AND Configure IP allow lists to control access to both GitHub-hosted and self-hosted runners.
When might it be appropriate to use a combination of GitHub-hosted and self-hosted runners in a workflow? when dealing with resource-intensive tasks - Using a combination of GitHub-hosted and self-hosted runners can be beneficial when dealing with resource-intensive tasks. GitHub-hosted runners may have limitations in terms of resources, so adding self-hosted runners with higher capabilities can help handle tasks that require more processing power or memory.
When selecting a runner for GitHub Actions that is cost-effective and requires minimal management, which option would be most suitable? GitHub-hosted runners provided by GitHub
When selecting the appropriate runners for support workloads in GitHub Actions, what factor is essential to consider specifically concerning supported operating systems? compatibility of the operating system with the tools and dependencies required for support tasks
When setting up a CI/CD pipeline, how should you select the appropriate runners to support your workloads? Choose runners based on the workload requirements, such as the necessary operating system or specific hardware needs.
When setting up a GitHub Actions workflow, how can you ensure that a job is only executed if a previous job in the workflow has failed? Use the if: failure() condition combined with the needs keyword, like needs: [previous_job] and if: failure() in the job definition.
When setting up a GitHub Actions workflow, how can you ensure that a job is only executed if a previous job in the workflow has failed? Use the if: failure() condition combined with the needs keyword, like needs: [previous_job] and if: failure() in the job definition.
When setting up a GitHub Actions workflow, which of the following components are required? (select three) action metadata file, workflow file in YAML format e trigger events to initiate the workflow
When the workflow below is triggered, what will the Print name step evaluate to? Hello My Action. We are currently running the Build job. Using Java Version 11 - This choice is correct because it correctly evaluates the environment variables and prints the values of NAME, BUILD, and JAVA_VERSION. The output will be "Hello My Action. We are currently running the Build job. Using Java Version 11".
When troubleshooting a Docker container action in a GitHub Actions workflow, you notice that the action fails to start. Which of the following steps should you take first? Check the Dockerfile for any syntax errors or missing dependencies.
When troubleshooting issues related to custom environment variables in a workflow, what is a recommended step? review workflow logs and documentation for configuration details
When using job steps for actions, which YAML key is used to specify the GitHub Action to be executed within a job step? uses
When using required: true for inputs in a GitHub Actions workflow file, what behavior should you expect when manually running the workflow with workflow_dispatch? GitHub will automatically prompt the user to specify inputs before running the workflow
When working with encrypted secrets in GitHub Actions, what determines the scope of an encrypted secret? Whether the secret is stored at the organization level or the repository level.
When you specify an input in a workflow file or use a default input value, what naming convention does GitHub use to create the corresponding environment variable? it converts input names to uppercase letters and replaces spaces with _ characters
Where can custom environment variables be set in a GitHub Actions workflow? In the env key at the workflow, job, or step level.
Where can you access the logs of a GitHub Actions workflow run from the GitHub user interface? In the 'Actions' tab of the repository, by selecting the specific workflow run.
Where can you locate a workflow file in a GitHub repository? In the .github/workflows directory at the root of the repository.
Where can you set custom environment variables in a workflow? in the workflow file
Where should sensitive information, such as access tokens and passwords, be stored when configuring GitHub Actions workflows? As encrypted secrets, which can be accessed in the workflow via the secrets context.
Which action can be used to download artifacts from a GitHub Actions workflow? the actions/download-artifact action
Which API does GitHub Actions use to output statuses, results, and logs for a workflow? Checks API - The Checks API is the correct choice because GitHub Actions use this API to output statuses, results, and logs for a workflow. It allows workflows to create detailed status checks, annotations, and summaries for each job and step in the workflow, providing visibility into the execution and results of the workflow.
Which are valid names for a workflow within GitHub actions? (select two) name: learn-github-actions e name: ${{ 'learn-github-actions' }}
Which aspect is least likely to contribute to the trustworthiness of an action listed on the GitHub Marketplace? The action is published by an individual with no prior contributions to open source.
Which configuration allows a workflow to be triggered by multiple events in GitHub Actions? Use the on keyword to specify a list of events, like push, pull_request, and schedule.
Which configuration allows a workflow to be triggered by multiple events in GitHub Actions? Use the on keyword to specify a list of events, like push, pull_request, and schedule
Which configuration is appropriate for triggering a workflow on a commit to a feature branch? on: push: branches: - 'feature/*'
Which configuration is appropriate for triggering a workflow on a pull request? on: pull_request: branches: - main - This configuration is correct as it specifies that the workflow should be triggered on a pull request specifically for the 'main' branch. This ensures that the workflow runs when a pull request is opened, updated, or synchronized for the 'main' branch
Which configuration is appropriate for triggering a workflow to run on webhook events related to check_run actions? on: check_run: types: [created, completed]
Which configuration is appropriate for triggering a workflow when a release is published? on: release: types: [published]
Which configuration provides a valid check to proceed with the steps only if the main branch triggered the workflow? (select two) name: CI on: push jobs: prod-check: if: github.ref == 'refs/heads/main' runs-on: ubuntu-latest steps: - run: echo "the main branch triggered this workflow"
Which configuration will trigger a workflow when an issue is opened in the repository? all of the above
Which context property can be used to access information about the event that triggered a workflow run? github.event
Which default environment variables cannot be overwritten using the GITHUB_ENV file in a workflow? GITHUB_* and RUNNER_* - The default environment variables starting with "GITHUB_" and "RUNNER_" cannot be overwritten using the GITHUB_ENV file in a workflow. These variables are reserved and cannot be modified to maintain the integrity and security of GitHub Actions workflows.
Which event configuration correctly triggers a workflow in GitHub Actions? Using the on keyword in the workflow file to specify the type of event, such as push, pull_request, or schedule.
Which event configuration correctly triggers a workflow in GitHub Actions? Using the on keyword in the workflow file to specify the type of event, such as push, pull_request, or schedule.
Which key in a workflow file is used to set a custom environment variable for a single workflow? env
Which keyword is used to conditionally execute a step based on a specific expression or condition? if - The 'if' keyword is used in GitHub Actions to conditionally execute a step based on a specific expression or condition. It allows you to define when a step should run based on the result of the expression provided.
Which keyword within a GitHub workflow configuration is used to match a triggering event? on:
Which method can be used to access the logs of a GitHub Actions workflow run using GitHub's REST API? Send a GET request to the appropriate endpoint with the workflow run ID to retrieve the logs.
Which method can be used to access the logs of a GitHub Actions workflow run using GitHub's REST API? Send a GET request to the appropriate endpoint with the workflow run ID to retrieve the logs.
Which method can be used to access the logs of a GitHub Actions workflow run using GitHub's REST API? Send a GET request to the appropriate endpoint with the workflow run ID to retrieve the logs.
Which of the following are advanced configurations in GitHub Actions workflows? Adding environment protections to ensure workflows run only in safe, approved contexts., Defining a matrix of different job configurations to test across multiple environments. and Removing workflow artifacts after a certain period to manage storage and maintain cleanliness.
Which of the following are advanced configurations in GitHub Actions workflows? Removing workflow artifacts after a certain period to manage storage and maintain cleanliness. AND Adding environment protections to ensure workflows run only in safe, approved contexts AND Defining a matrix of different job configurations to test across multiple environments.
Which of the following are benefits of reusing templates for actions and workflows in GitHub Actions? (Choose 2) Significantly reduces the time required for onboarding new team members., Ensures consistency and best practices across multiple projects.
Which of the following are best practices for managing encrypted secrets in GitHub Actions? Regularly rotate secrets to minimize the risk of exposure., Use environment-specific secrets to tailor access based on deployment stages. and Audit access to secrets and review usage in workflows regularly.
Which of the following are best practices for managing encrypted secrets in GitHub Actions? Use environment-specific secrets to tailor access based on deployment stages., Audit access to secrets and review usage in workflows regularly., Regularly rotate secrets to minimize the risk of exposure.
Which of the following are components of a GitHub Actions workflow? Conditional keywords that control the execution of jobs and steps based on certain conditions. AND Jobs, which group together individual steps that run as part of the workflow. AND Steps, which represent individual tasks like running a script or an action.
Which of the following are deployment protections that can be configured on an environment? (select three) restrict which branches can deploy to the environment e prevent self-reviews for deployment e require reviewers before deployment
Which of the following are effective troubleshooting steps for self-hosted runners? (Choose 2) Verifying network connectivity and access controls., Reviewing logs for error messages or warnings.
Which of the following are true about Javascript actions? (select three) You can speed up development by using the GitHub Actions toolkit, Javascript actions run directly on the runner and will use existing binaries e Javascript actions can run on Linux, Windows, or macOS runners
Which of the following are true regarding the components and integration of actions, workflows, jobs, steps, runs, and the marketplace in GitHub Actions? Marketplace is a platform where pre-built actions can be published and used within workflows without custom coding., Conditional keywords can be used in steps to control their execution based on certain conditions. and Workflows are automated processes defined by jobs, which in turn consist of steps that can include actions or shell commands.
Which of the following are true regarding the components and integration of actions, workflows, jobs, steps, runs, and the marketplace in GitHub Actions? Workflows are automated processes defined by jobs, which in turn consist of steps that can include actions or shell commands., Marketplace is a platform where pre-built actions can be published and used within workflows without custom coding. e Conditional keywords can be used in steps to control their execution based on certain conditions.
Which of the following are valid steps to troubleshoot a JavaScript action in a GitHub Actions workflow? Examine the action's documentation for any known issues or requirements. AND Check the package.json file to ensure all dependencies are correctly listed and versions are compatible. AND Review the workflow logs for any error messages or indications of where the process is failing.
Which of the following default environment variables contains the operating system of the runner executing the job? RUNNER_OS
Which of the following events can trigger workflows? (select three) when a commit is pushed to the repository - When a commit is pushed to the repository, it can trigger workflows in GitHub Actions. This event is essential for automating tasks such as running tests, building the project, or deploying changes after a code commit.
Which of the following is a benefit of manually triggering workflows? allows for the testing of workflows in a controlled environment
Which of the following is a best practice for managing and leveraging reusable components in an enterprise setting? Utilize a dedicated repository for storage and establish clear naming conventions for files and folders.
Which of the following is an advantage of using shell commands in job steps within a GitHub Actions workflow? shell commands provide flexibility in executing custom scripts and commands
Which of the following practices are recommended when managing releases for a GitHub Action using tags? (select three) introduce a new major version tag for changes that will break existing workflows, move the major version tag to point to the Git ref of the current release e release major versions with a beta tag to indicate their status
Which of the following should be included in a comprehensive README.md file for a custom GitHub Action? (select five) detailed description of what the action does e secrets the action uses w optional input and output arguments w required input and output arguments w environment variables the action uses
Which of the following statements accurately describes the behavior of workflow jobs referencing an environment's protection rules? workflow jobs won't start until all of the environment's protection rules pass
Which of the following statements accurately describes the syntax rules for indentation in YAML used for defining workflow jobs in GitHub Actions? YAML allows significant newlines and indentation, similar to Python, but unlike Python, it prohibits the use of literal tab characters for indentation
Which of the following statements are correct regarding the use of environment variables in GitHub Actions workflows? Default environment variables provide predefined context about the workflow run, like the branch name or commit SHA., Custom environment variables can be set at the workflow, job, or step level using the env keyword. and The GITHUB_ENV workflow command can be used to set environment variables for subsequent steps in a job.
Which of the following statements are correct regarding the use of environment variables in GitHub Actions workflows? The GITHUB_ENV workflow command can be used to set environment variables for subsequent steps in a job. AND Default environment variables provide predefined context about the workflow run, like the branch name or commit SHA AND Custom environment variables can be set at the workflow, job, or step level using the env keyword.
Which of the following statements are true regarding GitHub default environment variables? (select three) default environment variables are all uppercase e default environment variables are not accessible through the env context w default environment variables are available to every step in a workflow
Which option correctly configures a GitHub Actions workflow to run for multiple events? Use the on keyword in the workflow file to list multiple events like push, pull_request, and schedule.
Which statement accurately describes the accessibility of default environment variables? default environment variables are set by GitHub are are available at every step in a workflow
Which statement accurately describes the difference between GitHub-hosted and self-hosted runners? GitHub-hosted runners are fully managed by GitHub, offering convenience but less control over the environment.
Which statement accurately describes the difference between GitHub-hosted and self-hosted runners? GitHub-hosted runners are fully managed by GitHub, offering convenience but less control over the environment.
Which statement best explains why a workflow triggered by the check_suite event is not executing when run from a feature branch? the check_suite event is designed to exclusively trigger workflow runs on the default branch
Which statement describes how GitHub utilizes an action's metadata on the GitHub Marketplace page? the actions' metadata is used to provide key information and details about the action
Which variable would you set to true in order to enable step debug logging? ACTIONS_STEP_DEBUG
Which version of the actions/checkout action will be used for the following workflow configuration? no version, - uses: actions/checkout is an invalid syntax
Which workflow command is commonly used to set an output variable that can be consumed by subsequent steps in a workflow? echo
Which YAML keyword is used to specify the events that should trigger a workflow? on - The YAML keyword "on" is used to specify the events that should trigger a workflow in GitHub Actions. This keyword allows you to define the specific events, such as push, pull request, schedule, or other custom events, that will cause the workflow to run.
While executing a complex GitHub Actions workflow, you realize that the workflow logs are becoming cluttered, and you need to improve readability and organization. Which workflow command should you use to accomplish this task? group
While executing a GitHub Actions workflow, you encounter an issue where one of the actions fails unexpectedly. How does GitHub interpret the exit code of an action? GitHub interprets a zero exit code as success, indicating that the action was completed successfully and other tasks can proceed
Why does GitHub recommend using variables to access the filesystem instead of hardcoded file paths? variables provide a dynamic way to adapt to different runner environments - Using variables to access the filesystem allows for a more dynamic approach, enabling workflows to adapt to different runner environments seamlessly. This flexibility is crucial for ensuring consistent behavior across various environments and configurations.
Why is it important to avoid passing secrets between processes from the command line? passing secrets through the command line may expose them to other users and security audits
Why is it important to ensure that the repository only includes the metadata file, code, and files necessary for the action? to package the action in a single unit for tagging and releasing
Why might it be beneficial to configure workflows to authenticate directly to a cloud provider that supports OpenID Connect? enhance security by avoiding the storage of long-lived credentials as secrets
You are a developer working on a project hosted on GitHub, and you've created a custom action to automate the process of deploying your application to a staging environment. The action is designed to run in a Docker container and requires several input variables to function correctly. This action could benefit other developers in the GitHub community and want to share it. What steps should you take to share your custom action with the GitHub community? ensure your repository is public, define the action's inputs, outputs, and environment variables, and publish the action as a Docker container
You are an administrator for your GitHub organization and need to make a secret available to multiple repositories. How do you manage this secret? Store the secret at the organization level and grant access to the required repositories.
You are building a new custom action and must pass data from one step to subsequent steps in a GitHub Actions workflow. Which key should you use in the action's metadata syntax? outputs - The correct key to use in the action's metadata syntax for passing data from one step to subsequent steps in a GitHub Actions workflow is 'outputs'. This key allows you to define output parameters in your custom action that can be used by other steps in the workflow.
You are collaborating with a colleague using their repository in GitHub, but you are having trouble adding a secret for a workflow. What action is required to resolve the issue? request your colleague, who is the repository owner, to add the secret to the workflow
You are creating a new GitHub Action. What is the necessary file and directory structure you should set up? A directory at the root of the repository containing a Dockerfile or a JavaScript file, and an action.yml file.
You are creating a new GitHub Action. What is the necessary file and directory structure you should set up? A directory at the root of the repository containing a Dockerfile or a JavaScript file, and an action.yml file.
You are creating a new GitHub Action. What is the necessary file and directory structure you should set up? A directory at the root of the repository containing a Dockerfile or a JavaScript file, and an action.yml file.
You are creating a workflow and want to include the branch name that triggered the workflow run in the job. Which default environment variable should you use? GITHUBREFNAME
You are drafting organizational use policies for GitHub Actions. Which of the following should be included in your policies? Implement monitoring and auditing mechanisms to track the usage and performance of actions. , Define clear guidelines on the creation, sharing, and usage of GitHub Actions within the organization. e Regularly review and update actions to ensure compliance with security standards and best practices.
You are integrating a new action into your workflow. How can you identify the action's type, required inputs, and expected outputs? By reading the action's README.md file and the action metadata file (action.yml or action.yaml).
You are integrating a new action into your workflow. How can you identify the action's type, required inputs, and expected outputs?By reading the action's README.md file and the action metadata file (action.yml or action.yaml).
You are managing a set of self-hosted runners for your enterprise on GitHub Actions. How can you effectively manage access and organize these runners? Create groups for runners and assign runners to groups based on usage or department needs.
You are managing GitHub Actions workflows in your organization's repositories. Which of the following practices should you follow? Use encrypted secrets to store and access sensitive information like API keys and passwords in workflows., Review and integrate updates to actions cautiously, ensuring they do not break existing workflows. and Regularly review and update the actions used in your workflows to ensure they receive security updates and improvements.
You are managing GitHub Actions workflows in your organization's repositories. Which of the following practices should you follow? Use encrypted secrets to store and access sensitive information like API keys and passwords in workflows.
You are managing secrets for a specific repository in your organization. What should you consider when creating repository-level encrypted secrets? Repository-level secrets are best for sensitive data specific to one repository and are not accessible by other repositories.
You are managing secrets for a specific repository in your organization. What should you consider when creating repository-level encrypted secrets? Repository-level secrets are best for sensitive data specific to one repository and are not accessible by other repositories.
You are planning to manage reusable workflows for your organization within GitHub Actions. Which approach is recommended for optimal organization and maintainability? create a dedicated repository to store and manage all reusable workflows
You are planning to release a series of updates for your GitHub Action. What approach should you take to create an effective release strategy? Use semantic versioning to tag releases, providing clear information about the nature of each update.nnels.
You are responsible for ensuring that GitHub Actions are used securely and appropriately within your enterprise. How can you control access to these actions? Implement role-based access controls at the organization level and integrate with the enterprise's identity management system.
You are responsible for ensuring that GitHub Actions are used securely and appropriately within your enterprise.How can you control access to these actions? Implement role-based access controls at the organization level and integrate with the enterprise's identity management system.
You are reviewing a Docker container action and see this code as part of the entrypoint.sh file. What does this code indicate? a task has failed, and the code is setting a failure exit code
You are reviewing a GitHub Actions workflow and encounter an action defined in the workflow file. How can you identify the type of action used (e.g., JavaScript, Docker container, or composite)? By checking the runs section in the action's action.yml or action.yaml file.
You are setting up a CI/CD pipeline for a project that requires a specific operating system. How should you select an appropriate runner? Choose a GitHub-hosted runner that supports the required operating system.
You are setting up encrypted secrets for your projects. How does the scope of encrypted secrets differ between organization-level and repository-level in GitHub Actions? Organization-level secrets can be made available to multiple repositories, while repository-level secrets are accessible only to the repository they are set in.
You are setting up encrypted secrets for your projects. How does the scope of encrypted secrets differ between organization-level and repository-level in GitHub Actions? Organization-level secrets can be made available to multiple repositories, while repository-level secrets are accessible only to the repository they are set in.
You are tasked with creating a new custom GitHub Action for your organization's workflow. What metadata and syntax are essential to define in the action's configuration file for it to function correctly? An action.yml or action.yaml file containing the metadata and inputs, outputs, and runs sections.
You are the maintainer of a GitHub Action used by various teams in your organization. Recently, you made significant changes to the action that will break compatibility with existing workflows. How should you manage the release of this new version using tags? introduce a new major version tag v2.0.0 on the main branch and update the action's metadata accordingly
You are trying to print a debug message using workflow commands but cannot locate it in the debug logs. What could be the issue? debug messages are not displayed in the logs by default
You are trying to run a new Docker container action but getting a permission denied error when running the entrypoint.sh script. How can you resolve this? modify the entrypoint.sh script to explicitly set executable permissions before running - Modifying the entrypoint.sh script to explicitly set executable permissions before running will resolve the permission denied error. By setting the executable permissions, the script will be allowed to run as intended within the Docker container action.
You are working on a project within your organization that requires a custom GitHub Action. However, due to the sensitive nature of the project, you cannot make the action public. What approach should you take to ensure you can still utilize this action within your project? allow GitHub Actions workflows in your private repository to access another private repository containing the custom action
You encounter an issue while executing a GitHub Actions workflow and need to print a debug message to the log for troubleshooting. How can you accomplish this? echo "::debug::executing the setup script" - The correct way to print a debug message to the log in GitHub Actions is by using theecho "::debug::message"syntax. This will output the specified message as a debug message in the workflow log, allowing you to troubleshoot the issue effectively.
You have a workflow configured to run on branch protection rule events in your GitHub repository. However, you want to limit the workflow execution to exclude the deletion of branch protection rules. Which configuration should you use in your workflow file? on: branch_protection_rule: types: [created, edited] - By specifying the event types as [created, edited], the workflow will only run when branch protection rules are created or edited, excluding the deletion of branch protection rules. This configuration ensures that the workflow execution is limited to the desired events.
You have been tasked with creating a GitHub Action to automate the deployment process of your organization's web application. What would be the appropriate directory to store the workflow files? the appropriate directory is .github/workflows for workflow files
You have committed the required files to your GitHub repo for the Docker container action, but the action is failing to run. What could be the issue? the file names are case-sensitive, therefore change dockerfile to Dockerfile
You have created a GitHub Action that requires a specific Linux operating system and custom tools to run. What type of action is best suited for this environment? Docker container action - Docker container actions are best suited for environments that require specific operating systems and custom tools. By using a Docker container, you can package all the necessary dependencies and tools within the container, ensuring that the action runs consistently across different environments without the need for manual setup.
You have created a secret named api_key to use in a workflow that deploys a new application. Which of the following is the correct syntax to reference the secret as an environment variable? steps: - shell: bash env: ENV_API_KEY: ${{ secrets.api_key }} run: | ./app_install.sh The correct syntax to reference a secret as an environment variable in a GitHub Actions workflow is to use the${{ secrets.secret_name }}syntax. In this case, the secret named api_key is referenced as$}within theenvsection of the workflow step. This allows the secret value to be securely accessed and used as an environment variable during the workflow execution.
You have created a YAML workflow file for a common task for your team's testing. However, you are unsure where to store it in your organization. Where do the workflow file and associated metadata file need to be placed? in the .github/workflows directory within the repository where the task will be executed
You have developed a new GitHub Action and want to share it with the greater community. Where should you publish it? GitHub Marketplace - GitHub Marketplace is the official platform where developers can share their GitHub Actions with the broader community. Publishing your GitHub Action on GitHub Marketplace makes it easily discoverable by other users and allows for seamless integration into their workflows.
You have multiple types of self-hosted runners in your organization provisioned for different workloads. Which GitHub Actions feature allows you to categorize these different runners and easily incorporate them into workflows? runner labels
You have two GitHub repositories: Repository A and Repository B. You want to configure a workflow in Repository A to automatically trigger whenever a new pull request is created in Repository B. What is the best way to set up this integration? Configure a webhook in Repository B to trigger a repository_dispatch event in Repository A whenever a pull request is created.
You need to create a custom Javascript action for your organization, but there are problems in the actions.yml file in the code snippet shown below. What is the problem with the code? The Javascript action does not use the steps argument. Change it and use the main argument instead
You need to create a new action metadata file. What syntax should you use? YAML
You need to monitor the status of the self-hosted runners that have been deployed in your organization. After logging into the GitHub UI, what valid status types can you expect to see? (select three) active, idle, offline
You need to programmatically retrieve the logs of a specific GitHub Actions workflow run. How can you achieve this? Use GitHub's REST API and send a GET request to the appropriate endpoint with the workflow run ID.
You need to reference the value created by the step, as shown in the code below. What value should you use for the output? steps.random-number-generator.outputs.random-id
You need to reorganize your self-hosted runners due to changes in project allocations. How can you move a runner from one group to another? Use GitHub's runner management interface to reassign the runner to a different group.
You need to store a sensitive database password for your organization's GitHub Actions workflows. As an organization owner, how can you create a secure secret accessible only to specific repositories within your organization? create an organization-level secret and configure a policy to limit access to only the specific repositories that can use it
You notice that a workflow was triggered and completed a series of tasks in your repository. How can you identify the event that triggered this workflow? Examine the GITHUB_EVENT_NAME environment variable in the workflow run logs to see the type of event that triggered the workflow.
You want to configure a GitHub Actions workflow to run only for specific activity types triggered by a webhook event payload. Which keyword should you use in your workflow configuration, and how can you restrict it to specific activity types? use a typespalavra-chave com uma lista de tipos de atividades específicas
You want to ensure stability in your workflows by using a specific version of an action. How can you correctly reference a specific version of an action in your workflow file? By using the action's name followed by the @ symbol and the version tag or commit SHA (e.g., actions/checkout@v2).
You want to ensure stability in your workflows by using a specific version of an action. How can you correctly reference a specific version of an action in your workflow file? By using the action's name followed by the @ symbol and the version tag or commit SHA (e.g., actions/checkout@v2). AND
You want to ensure that specific GitHub Actions are only used by authorized personnel within your organization. What's an effective way to achieve this? Implement role-based access controls and integrate with the organization's identity management system.
You want to ensure that specific GitHub Actions are only used by authorized personnel within your organization. What's an effective way to achieve this? Implement role-based access controls and integrate with the organization's identity management system.
You want to limit the use of public actions and reusable workflows so that people can only use reusable workflows in your enterprise. Where would this be configured? In the Policies section for the targeted enterprise for your organization - Configuring the limitation of public actions and reusable workflows to only be used within your enterprise would be done in the Policies section for the targeted enterprise for your organization. This setting allows you to define and enforce specific policies and restrictions related to GitHub Actions usage within your organization.
You want to publish your new action on the GitHub Marketplace to allow others to use it. What are some of the requirements that must be met to be immediately published? (select five) you must accept the terms of service to publish actions in GitHub Marketplace and the action must be in a public repository
You want to publish your new action on the GitHub Marketplace to allow others to use it. What are some of the requirements that must be met to be immediately published? (select five) you must accept the terms of service to publish actions in GitHub Marketplace e the action must be in a public repository e the name cannot match an existing GitHub Marketplace category e the name in the action's metadata file must be unique e the action's metadata file (action.yml) must be in the root directory of the repository
You were provided a secret used by your production application, so you create a secret in the repository where the application code is managed. After creating the secret, users are complaining they can't access the secret when deploying from their own repository. What can you do to fix this? create the secret at the organization level and configure a policy that permits access to use the secret in the required repositories
You're assisting a colleague who wants to understand the differences between GitHub-hosted runners and self-hosted runners. They must choose the best option for running their team's GitHub Actions workflows. What key points would you include in your explanation to differentiate these two runner types effectively? (select three) Github-hosted runners use an ephemeral environment, which means each job typically runs on a fresh virtual machine, which means you start with a clean slate every time. e Self-hosted runners enable access to resources within your private network, unlike GitHub-hosted runners e Self-host runners often run on a persistent environment and can, if desired, retain custom configurations, software, and caching between jobs.
You're developing a custom GitHub Action for your organization's CI/CD pipeline. You're considering how to manage versioning for your action. Which practice aligns best with industry standards and simplifies version control? implement semantic versioning for your tag version to clearly communicate changes and maintain compatibility - Implementing semantic versioning for your custom GitHub Action is the best practice as it clearly communicates changes and maintains compatibility with existing workflows. Semantic versioning follows a structured format (major.minor.patch) to indicate the significance of changes, making it easier for users to understand the impact of updates.
You're maintaining a repository and decide that a particular workflow is not needed for the next two months, but it might be useful later. What action would you take? Disable the workflow to temporarily stop it from being triggered
You're using ephemeral runners in containers for your GitHub Actions workflows. However, you've noticed that these runners repeatedly update whenever a new runner version is released, causing disruptions. What action can you take to address this issue? disable automatic updates to have manual control over updating the runner version on the container image - Disabling automatic updates will give you manual control over when to update the runner version on the container image. This way, you can plan and schedule updates during less critical times to avoid disruptions in your workflows.
You've developed a custom GitHub Action for automating deployments. Your action is likely to be beneficial to other projects outside your organization. How should you distribute your action? Publish the action to the GitHub Marketplace to make it publicly available.
You've developed a custom GitHub Action for automating deployments. Your action is likely to be beneficial to other projects outside your organization. How should you distribute your action? Publish the action to the GitHub Marketplace to make it publicly available.
You've developed a custom GitHub Action to automate a specific task in your organization's CI/CD pipeline. What is the recommended first step in creating comprehensive documentation for the action? develop a thorough README.md file containing a detailed description, input and output arguments, secrets, environment variables, and usage examples for the action
You've developed a GitHub Action that automates the deployment process for your organization's web applications. You're thinking about distributing this action publicly or keeping it within your organization's private repositories. What factors might lead you to publish this action in a public repository? you want to foster collaboration and contribution from the broader GitHub community to enhance the features and functionality over time
You've finalized a new GitHub Action that automates code quality checks. How can you publish this action to the GitHub Marketplace? Create a public repository for the action, release it using tags, and then publish it through the marketplace section in your repository settings.
You've just fixed a bug in your application and the CI workflow has run successfully, generating test reports as artifacts. How would you download these artifacts from the GitHub user interface? Navigate to the Actions tab, select the specific workflow run, and find the Artifacts section to download the reports.
You've recently encountered an issue with a custom JavaScript action in your GitHub Actions workflow, where the action fails to execute as expected. What is the recommended approach for troubleshooting this issue? examine os logs do fluxo de trabalho para ver qual etapa causou a falha e revise os logs de compilação da etapa com falha para solucionar o problema
Your company uses GitHub Actions for internal projects. You want to share custom actions and scripts across teams but keep them private. How should you distribute these components? store them in a private repository with access control
Your development team frequently executes steps involving setting up environments, running tests, and deploying applications across various workflows in GitHub Actions. However, configuring these steps individually in each workflow has become cumbersome and repetitive. Which feature of GitHub Actions can help streamline this process? create composite actions to combine multiple workflow steps into a single reusable action
Your development team is responsible for deploying your organization's flagship application, which requires custom software tools for deployment. What type of runner would be ideal for this environment? self-hosted runners on virtual machines managed by the organization
Your development team is troubleshooting connectivity issues with a self-hosted runner. What parameter can be used to validate that a self-hosted runner can access all required network services on GitHub? --check
Your enterprise requires a secure and efficient method to distribute GitHub Actions across multiple teams. What is the best approach? Create a centralized shared repository for actions and enforce access controls.
Your enterprise requires a secure and efficient method to distribute GitHub Actions across multiple teams. What is the best approach? Create a centralized shared repository for actions and enforce access controls.
Your enterprise requires a systematic approach to distributing GitHub Actions across various teams. What is the most effective strategy? Develop a private, centralized repository for actions and manage access using GitHub's built-in permission system.
Your operations team plans to use GitHub-hosted runners for continuous integration tasks, but the security team insists on implementing an IP address allowlist to enhance security measures. Why might this approach be considered cumbersome for your operations team? having to update the allowlist for GitHub-hosted runner IP addresses on a weekly basis could be time-consuming and error-prone - Updating the IP address allowlist for GitHub-hosted runners on a weekly basis can be cumbersome for the operations team because it requires manual effort and is prone to errors. This repetitive task can consume valuable time and resources, leading to potential security vulnerabilities if not done accurately and promptly.
Your organization has a standard workflow template for CI/CD that you want to use in your new project. How do you apply this template to your project's repository? Select the templated workflow from your repository's Actions tab and customize it if necessary.
Your organization has stringent security requirements. What would be the effect of configuring IP allow lists on GitHub-hosted and self-hosted runners? It restricts network access, allowing only traffic from specified IP addresses to interact with the runners.
Your organization has stringent security requirements. What would be the effect of configuring IP allow lists on GitHub-hosted and self-hosted runners? It restricts network access, allowing only traffic from specified IP addresses to interact with the runners.
Your organization primarily runs its workloads on the Windows operating system and wants to start using Docker for building and testing jobs as it rearchitects its primary applications. What requirements must be met before using Docker container actions? the organization must use runners with a Linux operating system and have Docker installed
Your organization requires a runner to execute multiple GitHub Actions workflows that include CPU-intensive tasks and high-memory processes that access sensitive internal resources. Which runner type best aligns with these requirements? self-hosted runner with dedicated hardware
Your organization requires IP allowlists to protect internal resources accessed by GitHub Actions workflows. Most of your workflows run on GitHub-hosted runners, with both Windows and macOS needs. How can you achieve this desired security while ensuring workflow reliability? utilize large runners with static IP address ranges and add these ranges to the allowlist
Your organization uses a self-hosted runner deployed within a network that requires a proxy server for internet access. Which environment variable should you configure on the runner to ensure it can successfully communicate with GitHub? https_proxy - Thehttps_proxyenvironment variable should be configured on the self-hosted runner to specify the proxy server that should be used for HTTPS requests. This ensures that the runner can successfully communicate with GitHub over HTTPS through the proxy server.
Your organization uses GitHub Actions in Enterprise Cloud and wants to ensure automation is reused and maintained when creating new workflows in the organization's repositories. What feature should be used? workflow templates - Workflow templates in GitHub Actions allow organizations to create standardized, reusable automation workflows that can be easily applied to multiple repositories. By using workflow templates, organizations can ensure consistency, reduce duplication of effort, and maintain automation standards across their projects.
Your organization uses self-hosted runners for GitHub Actions and wants to implement security best practices. How can you control access to specific runners for different repositories across teams? assign runners to groups and grant repository access permissions at the group level
Your organization uses various custom actions and scripts within GitHub Actions workflows across projects. To enhance collaboration and manage components, which file and folder naming convention approach would be most beneficial? implement and enforce an organization-wide naming convention that clearly identifies the component type, purpose, and version
Your organization wants to ensure that only specific teams have access to certain self-hosted runners. How can you manage access effectively? Use GitHub's runner management interface to set access permissions for each runner group.
Your organization wants to ensure that only specific teams have access to certain self-hosted runners. How can you manage access effectively? Use GitHub's runner management interface to set access permissions for each runner group.
Your team frequently creates new repositories and wants to standardize the CI/CD process.What's the most effective way to achieve this with GitHub Actions? Utilize workflow templates stored in a designated .github repository and reference them in new repositories.
Your team has developed a GitHub Action that contains sensitive business logic specific to your organization's internal processes. You want to ensure that this action is not accessible outside of your organization. Which distribution model should you select for this action? Store the action in a private repository within your organization and manage access through repository permissions.
Your team manages its own infrastructure costs using a chargeback model and wants to ensure that development workflows do not utilize the runners paid for by your team. Which GitHub Actions feature can help achieve this goal? runner groups
Your team needs to execute a series of shell commands as part of your CI/CD pipeline to set up the environment before deploying your application. Which type of action should you use in your GitHub Actions workflow to accomplish this task? A run step that directly executes the shell commands in the runner's environment.
Your team wants to standardize CI/CD processes across multiple projects. How can workflow and action templates be reused effectively? Use a centralized .github repository to store workflow templates and reference them in individual project repositories.
Your team wants to standardize CI/CD processes across multiple projects. How can workflow and action templates be reused effectively? Use a centralized .github repository to store workflow templates and reference them in individual project repositories.
Your team wants to standardize CI/CD processes across multiple projects. How can workflow and action templates be reused effectively? Use a centralized .github repository to store workflow templates and reference them in individual project repositories.