Explore core concepts of deploying applications to Google Cloud Platform using GitHub Actions, focusing on automation, secrets management, workflow configuration, and troubleshooting best practices. This quiz will help reinforce essential principles and key steps for reliable cloud deployment pipelines.
Which event should be configured in a GitHub Actions workflow to automatically deploy to GCP after merging changes to the 'main' branch?
Explanation: The 'push' event triggers the workflow when changes are pushed to a branch, making it ideal for automatic deployments after merges. 'issued' is not a valid workflow event. 'schedule' is used for periodic runs, not related to branch updates. 'release' is only appropriate when a release is published, not for general branch deployments.
In a deployment workflow to GCP, what is the recommended method for securely storing and accessing the GCP service account key?
Explanation: Storing sensitive information like service account keys in encrypted repository secrets is the secure and recommended best practice. Keeping it as a plain text file or directly in the workflow file exposes the key to unauthorized access. Base64 encoding does not provide any security; it only changes the format, not the protection, so direct pasting is unsafe.
Before running deployment steps in a GitHub Actions workflow that interacts with GCP, what action must always precede resource deployment?
Explanation: Authenticating with service account credentials is essential to grant permissions for deployment. Updating local configuration files is related to local development, not the workflow. Creating a virtual machine is a separate infrastructure task and not always required. Pushing changes to another branch is irrelevant for triggering cloud authentication.
If your deployment workflow is not triggering as expected, which YAML configuration mistake is most likely the cause?
Explanation: Having incorrect syntax or specifying the wrong event type in the 'on' field will prevent the workflow from running as intended. Omitting 'run' can cause steps to fail, but it doesn't prevent the workflow from triggering. Comments are optional and do not affect execution. YAML syntax uses colons, but using dashes outside of lists rarely disables triggering.
Why is it considered best practice to reference environment variables for values like project IDs or region names in a deployment workflow?
Explanation: Referencing environment variables keeps configurations flexible and reduces the need to change multiple lines when updating values like project IDs or regions. It does not intentionally slow down execution or make credentials visible in logs—those are security risks. Using environment variables is a good practice for all workflows, not only scheduled ones.