Microsoft GH-200 - GitHub Actions Exam

The correct minimal syntax for declaring an output in GitHub Actions is by using the foo key under outputs, and associating it with a value (in this case, Some value). This is the simplest form to define an output in a workflow or action.

The $GITHUB_ENV environment variable is used to set environment variables that persist across steps in a workflow job. By echoing FOO=bar into $GITHUB_ENV, the variable FOO will be available in subsequent steps within the same job.

GitHub Actions allows you to configure environment protection rules, where you can require specific users or teams to approve the deployment before the workflow proceeds to the next step. This ensures that the required reviewers approve the workflow before any sensitive actions (such as deployment) occur.

You can enable specific actions for the organization by identifying them and providing version control, ensuring only trusted versions are used in workflows.

GitHub-verified actions can be enabled at the enterprise level, providing an extra layer of security by ensuring that only trusted actions are available to workflows.

Actions can be published to an internal marketplace, allowing organizations to share reusable actions securely within their enterprise without exposing them to the public.

The workflow_call event is used to trigger a reusable workflow from another workflow. This allows you to create workflows that can be reused in multiple places within your organization, enabling better modularity and reducing duplication.

The first image shows a workflow trigger with an option for the test suite, and the chosen YAML configuration matches this interface. Specifically, the test suite input is defined with type: choice and includes the option value: functional, which aligns with the visible UI elements in the first image.

The core.warning() function from the @actions/core package is used to create a warning message in the workflow logs. This is an annotation type that informs users about issues that don't require failing the build but still need attention.

Using a corporate secret store like HashiCorp Vault provides a secure, centralized location for sensitive information. GitHub Actions can then retrieve and store the token securely during deployment by setting it as an environment variable, ensuring the token remains secure and accessible at runtime.

Storing the token as an organizational-level encrypted secret in GitHub ensures it is accessible across multiple repositories, minimizing management overhead. GitHub Actions can then use this secret during deployment by setting it as an environment variable, allowing the microservice to access it securely at runtime.

Once the runner is properly configured and labeled, users should be informed to select the specific runner by identifying the label or group name when defining the runner in their workflows.

Adding a custom label (like custom-software) to the runner makes it easier for users to select the runner in their workflows by using the runs-on key, which allows them to choose this specific runner based on its label.