Training Agenda

GitLab CI / GitHub Actions

GitLab CI and GitHub Actions are the two dominant cloud-native CI/CD platforms, each deeply integrated with their respective source control systems. GitLab CI offers powerful pipeline features with granular environment control; GitHub Actions brings a massive reusable workflow ecosystem and tight OIDC integration for passwordless cloud authentication.

2 days On-site, remote, or hybrid Up to 20 participants German or English
What We Cover
Production CI/CD pipelines on both major cloud-native platforms
Day 1

GitLab CI — Pipelines, Runners & Environments

  • .gitlab-ci.yml syntax: stages, jobs, script, before_script, after_script, image, services
  • Rules and workflow: rules with if/changes/exists conditions, workflow rules for push vs MR pipelines
  • DAG pipelines: needs keyword for job-level dependencies bypassing stage ordering, parallel matrix jobs
  • Runner types: shared runners, group runners, specific runners — Docker, Kubernetes, and shell executors
  • Docker-in-Docker vs socket mounting: DinD security implications, Kaniko and Buildah as alternatives
  • Environments and deployments: environment: keyword, protected environments, deployment approval gates
  • Artifacts and caching: artifacts expire_in, paths, reports (JUnit, coverage, SAST); cache keys and policy
Day 2

GitHub Actions — Workflows, OIDC & Security

  • Workflow syntax: on triggers (push, pull_request, schedule, workflow_dispatch), jobs, steps, uses vs run
  • Reusable workflows: workflow_call trigger, inputs and secrets passing, calling from other workflows
  • Composite actions: bundling multiple steps into a reusable action with action.yml
  • Runner types: GitHub-hosted runners (ubuntu, windows, macos), self-hosted runners, Actions Runner Controller on Kubernetes
  • OIDC for cloud auth: configuring trust in AWS (IAM role), Azure (federated identity), GCP (Workload Identity) — no long-lived secrets
  • Secrets and environments: repository vs environment secrets, required reviewers for environment protection
  • Actions security: pinning actions to full commit SHA, permissions: block scoping, GITHUB_TOKEN least-privilege
Learning Outcomes
What your team walks away with

Participants can build and maintain CI/CD pipelines in both GitLab CI and GitHub Actions — covering everything from basic job configuration to advanced security and reusability patterns.

Book the GitLab CI / GitHub Actions training

Reach out to schedule a session for your team — remote, on-site, or hybrid, in German or English.

Get in touch