GitHub Actions Advanced mit Claude Code: CI/CD Pipelines 2026

# Prompt: "Erstelle einen Reusable Workflow für Node.js Build + Test # der von mehreren Repositories genutzt werden kann" # .github/workflows/node-build.yml (im zentralen Repo): name: Node.js Build & Test on: workflow_call: inputs: node-version: type: string default: '20' working-directory: type: string default: '.' secrets: NPM_TOKEN: required: false jobs: build-and-test: runs-on: ubuntu-latest defaults: run: working-directory: ${{ inputs.working-directory }} steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v4 with: node-version: ${{ inputs.node-version }} cache: 'npm' - run: npm ci - run: npm run build - run: npm test # In anderen Repos nutzen: # .github/workflows/ci.yml jobs: build: uses: myorg/shared-workflows/.github/workflows/node-build.yml@main with: node-version: '20' secrets: NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

# Prompt: "Teste unsere App gegen Node 18/20/22 und Ubuntu/Windows gleichzeitig" strategy: fail-fast: false # Alle Matrix-Jobs laufen durch, auch bei Fehler matrix: node-version: [18, 20, 22] os: [ubuntu-latest, windows-latest] include: # Extra-Kombination: Node 22 + macOS - node-version: 22 os: macos-latest exclude: # Node 18 auf Windows überspringen - node-version: 18 os: windows-latest runs-on: ${{ matrix.os }} steps: - uses: actions/setup-node@v4 with: node-version: ${{ matrix.node-version }} # Dynamic Matrix (von JSON generiert): jobs: generate-matrix: outputs: matrix: ${{ steps.set-matrix.outputs.matrix }} steps: - id: set-matrix run: echo "matrix=$(cat .github/test-matrix.json)" >> $GITHUB_OUTPUT test: needs: generate-matrix strategy: matrix: ${{ fromJson(needs.generate-matrix.outputs.matrix) }}

# Prompt: "Optimiere unsere GitHub Actions Pipeline mit intelligentem Caching" # npm cache (via setup-node — automatisch!): - uses: actions/setup-node@v4 with: cache: 'npm' # Cached node_modules automatisch # Eigenes Caching (für Build-Outputs): - name: Cache Next.js Build uses: actions/cache@v4 with: path: | .next/cache ${{ runner.temp }}/.next-cache key: ${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json') }}-${{ hashFiles('**/*.ts', '**/*.tsx') }} restore-keys: | ${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json') }}- ${{ runner.os }}-nextjs- # Docker Layer Caching mit Buildx: - uses: docker/setup-buildx-action@v3 - uses: docker/build-push-action@v5 with: cache-from: type=gha cache-to: type=gha,mode=max

# Prompt: "AWS-Deployment ohne hardcodierte Credentials — OIDC nutzen" permissions: id-token: write # OIDC Token anfordern contents: read steps: - name: Configure AWS via OIDC uses: aws-actions/configure-aws-credentials@v4 with: role-to-assume: arn:aws:iam::123456789:role/GitHubActionsRole aws-region: eu-central-1 # Kein AWS_ACCESS_KEY_ID nötig! - name: Deploy to ECS run: aws ecs update-service --cluster prod --service api --force-new-deployment # Environments: Genehmigung vor Production-Deploy: jobs: deploy-prod: environment: name: production url: https://api.example.com # → Reviewer müssen in GitHub UI genehmigen!