GitHub Actions Tutorial 2026 🔥 Episode 4: The CI Pipeline Most Developers Are Missing

🔥 Welcome to Episode 4 of the GitHub Actions Tutorial Series 2026! In this video, you’ll learn how to build a SMART CI Pipeline for FastAPI that automatically tests, analyzes, and secures your code before deployment 🚀 👉 Stop bad code BEFORE it reaches production! 💡 What You’ll Learn in This Video: ✅ Run automated tests using pytest ✅ Measure code coverage with pytest-cov (80% threshold) ✅ Generate HTML & XML test reports ✅ Perform linting using flake8 (clean code practices) ✅ Run security scans using bandit 🔐 ✅ Detect vulnerable dependencies using pip-audit ⚠️ ✅ Build a centralized pipeline status system (status.json) ✅ Upload artifacts & create CI reports dashboard ⚙️ Tech Stack Covered: * FastAPI * GitHub Actions CI/CD * pytest + pytest-cov + pytest-html * flake8 + flake8-html * bandit (security scanning) * pip-audit (dependency vulnerabilities) * Docker-ready pipeline structure 🚀 Why This CI Pipeline is Powerful: This is NOT a basic pipeline. It ensures: ✔ Code quality ✔ Security compliance ✔ Test coverage enforcement ✔ Early bug detection ✔ Production-ready standards 📂 GitHub Repository: (https://github.com/shubhamagrawal17/Tutorial/tree/main/GitHub%20Actions/Day-4/fastapi-app) 📌 Series Playlist: ▶️ Episode 1 – What is GitHub Actions? + First Workflow ▶️ Episode 2 – Build Your First CI Pipeline (Build, Test & Code Quality) ▶️ Episode 3 – Build Your First CD Pipeline (Deploy to Azure) ▶️ Episode 4→ Smart CI Pipeline (This Video) 00:00 👋 Introduction – Episode 4 Overview (CI Pipeline + Docker → ACR) 00:22 📊 Dashboard Preview – Test Reports, Coverage, Lint, Security & Vulnerabilities 00:58 🌐 GitHub Pages – Serving the Static Dashboard 01:34 📝 Test Reports Overview – Pass/Fail, Code Coverage Breakdown 02:42 ⚠️ Lint Warnings Demo – Unused JWT Module Example 03:00 💻 pipeline.yml Walkthrough – File Structure Explained 03:42 ⚙️ Workflow Setup – Name, Triggers & Global Environment Variables 04:07 🏃 Test Job – Ubuntu Runner, Code Checkout, Python 3.11 + Caching 05:26 📦 Installing Dependencies – pip install, pytest, pytest-coverage, pytest-html 07:16 🧪 Running pytest – JUnit XML Report + HTML Conversion + 80% Coverage Threshold 08:41 📈 Extracting Coverage % – Inline Python Script → status.json Artifact 10:30 🔄 status.json Deep Dive – Shared Artifact Across Jobs 12:43 🧹 Lint Stage – Flake8 Setup + Downloading Artifacts 14:21 🚫 Bypassing Flake8 Errors – double pipe true Explained 16:08 🛡️ Security Stage – Bandit Scan + Hardcoded Credentials Warning 19:20 🐛 Dependency Scan Stage – pip audit + Vulnerability Detection 21:16 🚀 Deploy Reports Stage – Collecting Reports → site Folder → GitHub Pages 23:44 🌐 Enabling GitHub Pages – Repository Settings + gh-pages Branch 24:54 🚀 GitHub Pages Action – peaceiris/actions-gh-pages@v3 Setup 26:45 🐳 Build & Push Stage – Docker Image → ACR with OIDC Authentication 27:36 ☁️ Azure Setup – ACR + App Registration + Federated Credentials + ACR Push Role 31:16 🔑 GitHub Secrets – ACR Name, Client ID & Tenant ID 33:49 🚀 Triggering the Workflow – Live Run (Test + Lint Jobs) 35:36 📊 Pipeline Success – Reports Deployed + Docker Image Pushed to ACR 36:56 🔄 Dashboard Refresh – Confirming Updated Reports (Timestamp Verified) 37:26 🐞 Django Vulnerability Highlighted – Intentional Demo in requirements.txt 37:58 ❌ Removing double pipe true – Forcing a Real Lint Failure 39:38 🛑 Lint Job Fails – Pipeline Correctly Catches Errors 40:00 👋 Outro – Next Episode: Deploy to Azure Kubernetes Services (AKS) #githubactions #devops #fastapi #cicd #python #automation #softwareengineering #testing #security #docker #cloudops #azure #gitops #git #code #clouds