CI/CD Pipeline Skill
GitHub Actions for Next.js
Main CI Workflow
yaml
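# .github/workflows/ci.yml
#
# Lints, type-checks, tests and builds every push to main/develop and every
# pull request targeting main, then deploys through Vercel: a preview for
# pull requests, production for pushes to main.
name: CI

on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main]

# Least privilege for the automatic GITHUB_TOKEN. No step here writes to the
# repository, and the deploy steps pass no github-token to the Vercel action.
permissions:
  contents: read

jobs:
  lint-and-test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          # The steps below run package scripts from the checked-out commit;
          # keep the job token out of .git/config while they run.
          persist-credentials: false
      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '20'
          cache: 'npm'
      - name: Install dependencies
        # npm ci installs exactly what package-lock.json records.
        run: npm ci
      - name: Lint
        run: npm run lint
      - name: Type check
        run: npm run type-check
      - name: Run tests
        run: npm test
      - name: Build
        run: npm run build

  deploy-preview:
    needs: lint-and-test
    # Pull requests from forks do not receive repository secrets, so the
    # deploy step could only fail for them; restrict previews to branches of
    # this repository.
    if: >-
      github.event_name == 'pull_request' &&
      github.event.pull_request.head.repo.full_name == github.repository
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      # Third-party action that receives the Vercel token. NOTE(review): v25
      # is a mutable tag; pin to a reviewed full commit SHA so a retagged
      # release cannot read these secrets.
      - uses: amondnet/vercel-action@v25
        with:
          vercel-token: ${{ secrets.VERCEL_TOKEN }}
          vercel-org-id: ${{ secrets.VERCEL_ORG_ID }}
          vercel-project-id: ${{ secrets.VERCEL_PROJECT_ID }}

  deploy-production:
    needs: lint-and-test
    # Only a push to main may deploy to production; naming the event as well
    # as the ref keeps the guard correct if more triggers are added later.
    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
    runs-on: ubuntu-latest
    # Serialise production deploys so two quick pushes cannot race.
    concurrency:
      group: deploy-production
      cancel-in-progress: false
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      # Same third-party action as the preview job; the same SHA-pinning
      # note applies, with production credentials at stake.
      - uses: amondnet/vercel-action@v25
        with:
          vercel-token: ${{ secrets.VERCEL_TOKEN }}
          vercel-org-id: ${{ secrets.VERCEL_ORG_ID }}
          vercel-project-id: ${{ secrets.VERCEL_PROJECT_ID }}
          vercel-args: '--prod'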
Database Migrations
yaml
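# .github/workflows/migrate.yml
#
# Applies Supabase migrations when a push to main changes anything under
# supabase/migrations/.
name: Database Migration

on:
  push:
    branches: [main]
    paths:
      - 'supabase/migrations/**'

# The job only reads the repository; keep the GITHUB_TOKEN read-only.
permissions:
  contents: read

# Never let two migration runs touch the database at the same time. A queued
# run waits for the one in progress instead of cancelling it mid-migration.
concurrency:
  group: database-migration
  cancel-in-progress: false

jobs:
  migrate:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Setup Supabase CLI
        uses: supabase/setup-cli@v1
        with:
          # NOTE(review): 'latest' lets any newly published CLI release run
          # against the database with the credentials below. Pin an exact,
          # tested CLI version here.
          version: latest
      - name: Run migrations
        # NOTE(review): no step in this workflow links the checkout to a
        # Supabase project before the push; confirm how the target project
        # is selected.
        run: supabase db push
        # Credentials are scoped to this step only, not to the whole job.
        env:
          SUPABASE_ACCESS_TOKEN: ${{ secrets.SUPABASE_ACCESS_TOKEN }}
          SUPABASE_DB_PASSWORD: ${{ secrets.SUPABASE_DB_PASSWORD }}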
Scheduled Jobs
yaml
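# .github/workflows/scheduled.yml
#
# Runs the project's daily-cleanup npm script once a day against the
# database named by the DATABASE_URL secret.
name: Scheduled Tasks

on:
  schedule:
    - cron: '0 6 * * *'  # Daily at 6 AM UTC

# The job only reads the repository; keep the GITHUB_TOKEN read-only.
permissions:
  contents: read

jobs:
  daily-tasks:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      # Same Node.js version and locked install as ci.yml. Without the
      # install step the script runs with no node_modules present.
      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '20'
          cache: 'npm'
      - name: Install dependencies
        run: npm ci
      - name: Run daily cleanup
        run: npm run daily-cleanup
        # The connection string is exposed to this step only, so dependency
        # install scripts in the step above never see it.
        env:
          DATABASE_URL: ${{ secrets.DATABASE_URL }}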
Secrets Required
code
VERCEL_TOKEN VERCEL_ORG_ID VERCEL_PROJECT_ID SUPABASE_ACCESS_TOKEN SUPABASE_DB_PASSWORD DATABASE_URL
Branch Protection Rules
- Require PR reviews before merging
- Require status checks to pass
- Require branches to be up to date
- Require linear history (optional)
Deployment Environments
- Preview: Auto-deploy PRs to unique preview URLs
- Staging: Deploy develop branch
- Production: Deploy main branch only