diff --git a/.github/README.md b/.github/README.md index e69de29..cf11ba4 100644 --- a/.github/README.md +++ b/.github/README.md 
@@ -0,0 +1,78 @@ +# Github Actions Basics + +https://docs.github.com/en/actions/about-github-actions/understanding-github-actions#the-components-of-github-actions + +## Runners + +* A runner is a server that runs your workflows when they're triggered. +* Each runner can run a single job at a time. + +## Workflows + +A workflow is a configurable automated process that will run one or more jobs. + +## Jobs vs Steps + +* Steps are executed in order and are dependent on each other +* Since all steps are executed in the same runner, data can be shared from one step to another. Eg: Build the app, then test the same built app. +* Jobs on the other hand can run in parallel. You can define dependencies between jobs. + +## Actions + +Actions is a custom application. + +# Syntax + +https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#jobsjob_idcontainer +https://docs.github.com/en/actions/writing-workflows/quickstart + +## Inbuilt values + +### Contexts + +https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/accessing-contextual-information-about-workflow-runs + +### Variables + +Environment Variables + +* CI : always true +* GITHUB_BASE_REF: target branch. Usually `main` +* GITHUB_HEAD_REF: source branch of pull request. `feature-branch-1` +* github.sha: The commit SHA. Eg ffac537e6cbbf934b08745a378932722df287a53 +* +https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables + +### Getting SHA ID first 8 chars + +https://github.com/orgs/community/discussions/26625#discussioncomment-3252582 + +# Grype + +https://anchorecommunity.discourse.group/t/how-to-act-on-go-module-vulnerabilities/186/2 + +Within the image: +```bash +curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sudo sh -s -- -b ./bin + +#To check vulnerabilities +grypd . +#To save detailed output +grype $MY_IMAGE -o json > vuln.json +#OR +grype . 
-o json > vuln.json + +#To explain the issue: +cat vuln.json | grype explain --id CVE-2023-24537 +cat vuln2.json | grype explain --id CVE-2023-45853 +``` + +## Getting the word "main" (branch name) during builds + +If the build (was triggered by) is a merge of a pull request, GITHUB_BASE_REF will contain main. +But if it is a direct commit on the main branch, then GITHUB_REF_NAME will contain main + +```yaml +env: + BRANCH_NAME: ${{ github.base_ref || github.ref_name }} +```
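Review bot: `grypd .` under `#To check vulnerabilities` is a typo for `grype .`, and the install line `curl -sSfL ... | sudo sh -s -- -b ./bin` installs the binary into `./bin` while every later command calls bare `grype`, so the commands will fail unless `./bin` is on PATH. Prefer installing to a directory already on PATH (or invoke `./bin/grype`), and, since this runs an unpinned script from the `main` branch of the repository as root, pin a released version and verify the downloaded artifact's checksum rather than piping the script into `sudo sh`. `cat vuln2.json | grype explain --id CVE-2023-45853` reads a file nothing in the README produces; either show the `grype ... -o json > vuln2.json` step that creates it or drop that line. In the `Variables` list, `GITHUB_BASE_REF` is only populated for `pull_request` events and is empty on a plain push, which is exactly why the closing `${{ github.base_ref || github.ref_name }}` fallback is needed; saying so next to the variable would make the later section self-explanatory. Also "Actions is a custom application" should read "An action is a custom application".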