
Two quick GitHub Actions examples
Example: minimal scripted-style workflowLocate the Jenkins pipeline and repository
The Jenkins job we’re migrating is a manual-trigger job (no SCM webhook triggers). It is stored in this GitHub repository:- Repository:
https://github.com/jenkins-demo-org/solar-system - Branch:
main
.github/workflows/.

Review the Jenkinsfile: what to map
Inspect the Jenkinsfile to identify stages, tools, agents, and credentials. Here is a simplified excerpt showing the key structure and stages to map to Actions:Key mapping considerations
- Jenkins stages can be mapped to:
- Separate GitHub Actions jobs — good for parallelism and isolation, and for using
needs:to control ordering. - Steps inside a single job — keeps everything on the same runner sequentially, useful if you need a consistent environment between stages.
- Separate GitHub Actions jobs — good for parallelism and isolation, and for using
- Jenkins
toolsandagent { docker { image } }choices:- Use
actions/setup-nodeto install Node on the runner, or - Use
container: node:24at the job level to run all steps inside that Docker image (closer to Jenkins Docker agent behavior).
- Use
- Jenkins credentials become GitHub Secrets (repository or org-level). Use
secrets.in Actions to pass them as environment variables. - Test reports: in Jenkins the pipeline used
junit. In Actions you can uploadtest-results.xmlas an artifact and/or use community actions to parse JUnit output and annotate the run.
Recommended mapping table
| Jenkins concept | GitHub Actions equivalent | Notes / example |
|---|---|---|
agent / runner label | runs-on (job) | runs-on: ubuntu-latest or specific self-hosted runner. |
| Docker agent | container: (job level) | container: node:24 runs every step inside the image. |
| Tool installers (Node) | actions/setup-node@v4 | uses: actions/setup-node@v4 with node-version. |
| Jenkins credentials | GitHub Secrets | Settings → Secrets & variables → Actions; reference as ${{ secrets.MONGO_URI }}. |
junit test results | actions/upload-artifact or test report parsers | Upload test-results.xml and/or use actions to annotate results. |
| Stage ordering | needs: (job-level dependency) | Use needs: [test] to order jobs. |
Minimal functional conversion
A minimal conversion that mirrors Jenkins “Installing Dependencies” and “Unit Testing” as steps in a single GitHub Actions job looks like this. Save as.github/workflows/solar-system-ci.yml:
- To run the job inside the same Node Docker image used by Jenkins, uncomment
container: node:24. Then all steps execute inside that container. - The app’s unit tests may require MongoDB connection details. In Jenkins these were injected via credentials — in Actions you must supply equivalent secrets (see the callout below).
Store sensitive values like
MONGO_URI, MONGO_USERNAME, and MONGO_PASSWORD as GitHub Secrets (Repository → Settings → Secrets & variables → Actions). Reference them in the workflow with env: or per-step env: using the secrets. context (for example env: MONGO_URI: ${{ secrets.MONGO_URI }}).Example: passing secrets to the job
Common runtime failure: undefined DB URI
When this workflow was first executed, thenpm test step failed because the MongoDB URI was not supplied. Example trimmed output:
- The tests attempt to connect to MongoDB via a URI provided by environment variables. The workflow did not inject those secrets, so
mongoose.connect()receivedundefinedand the test runner exited with a non-zero code.
- Add the required secrets to the repository or organization (recommended for real credentials), or
- Use a GitHub Actions service container to run a temporary MongoDB instance for tests, or
- Mock the database connections in tests so they do not require a running DB.
Converting remaining stages
Convert the remaining Jenkins stages (dependency scanning, coverage, image build & publish, Trivy scanning) into discrete jobs. Recommendations:- Model each logical Jenkins stage as an Actions job for clarity and failure isolation:
dependency-scan(uses language-specific scanners),unit-test(JUnit reporting, upload test artifacts),coverage(upload coverage artifacts, publish to coverage services),build-and-publish-image(build Docker image, push to registry using secrets),trivy-scan(scan image artifacts; fail on high-severity vulnerabilities).
- Use
needs:to preserve ordering (e.g.,coverageshouldneed: [unit-test], andbuild-and-publish-imageshouldneed: [coverage]). - Use
actions/upload-artifactfor test reports and coverage files, or use community actions to parse JUnit and produce GitHub annotations.
Links and references
- GitHub Actions docs: https://docs.github.com/actions
- actions/checkout: https://github.com/actions/checkout
- actions/setup-node: https://github.com/actions/setup-node
- actions/upload-artifact: https://github.com/actions/upload-artifact
- Trivy (Aqua Security): https://github.com/aquasecurity/trivy
- Mocha: https://mochajs.org/
- Mongoose: https://mongoosejs.com/
- MongoDB: https://www.mongodb.com/
- Wiring up repository/organization secrets,
- Adding JUnit parsing and annotations,
- Converting the remainder of the Jenkins pipeline with
needs:and containerized jobs, - Using the GitHub Actions importer to help automate the migration.