GitHub Actions CI/CD

# GitHub Actions

## Basic workflow
`.github/workflows/ci.yml`
```yaml
name: CI
on:
  push: { branches: [main] }
  pull_request:

jobs:
  test:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        node: [18, 20]
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: ${{ matrix.node }}
          cache: 'npm'
      - run: npm ci
      - run: npm test
```

## Secrets
Use `${{ secrets.NAME }}`. Set in repo settings -> Secrets and variables -> Actions.

## Conditional steps
```yaml
- if: github.ref == 'refs/heads/main'
  run: npm run deploy
```

## Cache
```yaml
- uses: actions/cache@v4
  with:
    path: ~/.npm
    key: npm-${{ hashFiles('package-lock.json') }}
```

## Reusable workflows
`workflow_call` makes a workflow callable from others via `uses: ./.github/workflows/x.yml`.

## Common third-party actions
- `docker/build-push-action@v5` -- build/push images
- `peaceiris/actions-gh-pages@v3` -- deploy to gh-pages
- `softprops/action-gh-release@v1` -- create releases