# Github Actions Basics

https://docs.github.com/en/actions/about-github-actions/understanding-github-actions#the-components-of-github-actions

## Runners

* A runner is a server that runs your workflows when they're triggered. 
* Each runner can run a single job at a time.

## Workflows

A workflow is a configurable automated process that will run one or more jobs.

## Jobs vs Steps

* Steps are executed in order and are dependent on each other
* Since all steps are executed in the same runner, data can be shared from one step to another. Eg: Build the app, then test the same built app.
* Jobs on the other hand can run in parallel. You can define dependencies between jobs.

## Actions

Actions is a custom application.

# Syntax 

https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#jobsjob_idcontainer
https://docs.github.com/en/actions/writing-workflows/quickstart

## Inbuilt values

### Contexts

https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/accessing-contextual-information-about-workflow-runs

### Variables

Environment Variables

* CI : always true
* GITHUB_BASE_REF: target branch. Usually `main`
* GITHUB_HEAD_REF: source branch of pull request. `feature-branch-1`
* github.sha: The commit SHA. Eg ffac537e6cbbf934b08745a378932722df287a53
* 
https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables

### Getting SHA ID first 8 chars

https://github.com/orgs/community/discussions/26625#discussioncomment-3252582

# Grype

https://anchorecommunity.discourse.group/t/how-to-act-on-go-module-vulnerabilities/186/2

## Getting the word "main" (branch name) during builds

If the build (was triggered by) is a merge of a pull request, GITHUB_BASE_REF will contain main. 
But if it is a direct commit on the main branch, then GITHUB_REF_NAME will contain main

```yaml
env:
  BRANCH_NAME: ${{ github.base_ref || github.ref_name }}
```