02 Quiz: Automation and CI/CD
October 2025 (2387 Words, 14 Minutes)
Chapter 02 Quiz: Automation and CI/CD
Instructions
- This quiz tests your understanding of key concepts from Chapter 02 (Feature Development)
- Each question has 4 options with exactly one correct answer
- Try to answer without referring to the lecture materials
- Focus on understanding concepts, not memorizing details
Question 1: The Core Problem CI/CD Solves
What is the fundamental problem that Continuous Integration (CI) addresses in software development?
A) It makes code run faster by optimizing compilation
B) It prevents “works on my machine” issues by testing code in a standardized environment
C) It automatically writes documentation for your code
D) It reduces the cost of cloud hosting by using fewer servers
Show Answer
Correct Answer: B
CI addresses the classic “integration hell” problem where code works fine on individual developers’ machines but breaks when merged together. By automatically testing every change in a clean, standardized environment, CI catches integration issues minutes after they’re introduced rather than days or weeks later. Options A, C, and D describe unrelated benefits or are simply not what CI is designed for.
Question 2: Understanding Continuous Delivery vs Continuous Deployment
What is the key difference between Continuous Delivery and Continuous Deployment?
A) Continuous Delivery is faster than Continuous Deployment
B) Continuous Deployment requires manual approval before production, Continuous Delivery is fully automated
C) Continuous Delivery prepares code for deployment with manual approval, Continuous Deployment automatically deploys to production
D) They are the same thing with different names
Show Answer
Correct Answer: C
Continuous Delivery automatically prepares code for deployment but requires manual approval before releasing to production (common in enterprises), while Continuous Deployment goes further by automatically deploying every change that passes tests directly to production with no manual intervention. Option B has it backwards, and options A and D are incorrect characterizations of these practices.
Question 3: GitHub Actions Workflow Structure
In a GitHub Actions workflow, what is the relationship between workflows, jobs, and steps?
A) Workflows contain multiple jobs, which contain multiple steps
B) Jobs contain multiple workflows, which contain multiple steps
C) Steps contain multiple jobs, which contain multiple workflows
D) They are all independent components that run separately
Show Answer
Correct Answer: A
A workflow is the top-level automated process defined in a YAML file. Each workflow contains one or more jobs, and each job contains one or more steps. This hierarchical structure allows you to organize complex automation pipelines. Jobs run in parallel by default (unless you specify dependencies), and steps within a job run sequentially.
Question 4: Choosing Action Versions
Why is it recommended to use major version tags (like @v4) instead of exact version tags (like @v4.1.1) for GitHub Actions?
A) Major version tags make workflows run faster
B) Exact versions are deprecated and no longer work
C) Major version tags automatically receive security patches and non-breaking updates
D) Major version tags use less disk space
Show Answer
Correct Answer: C
Using major version tags (e.g., @v4) means you automatically get security patches, bug fixes, and new features within that major version without manual updates. The major version won’t introduce breaking changes (that’s what major version increments are for), so you get the benefits of ongoing maintenance while maintaining stability. This is superior to pinning exact versions, which require manual updates for every patch.
Question 5: Evaluating Action Quality
Which of the following is the strongest indicator that a GitHub Action is trustworthy and well-maintained?
A) It has a colorful logo and professional-looking documentation
B) It’s published by a verified creator (like GitHub, Docker, or AWS) with recent updates and active issue management
C) It has the most stars on GitHub
D) It has the shortest code implementation
Show Answer
Correct Answer: B
Verified creators with blue checkmarks (especially official organizations like actions/*, docker/*, aws-actions/*) combined with recent updates and active maintenance are the strongest quality indicators. While stars (option C) are useful, they can be inflated and don’t guarantee current maintenance. Pretty documentation (A) and short code (D) say nothing about security, reliability, or ongoing support.
Question 6: The Purpose of Pre-commit Hooks
What is the main advantage of using pre-commit hooks compared to only running checks in CI/CD?
A) Pre-commit hooks are more thorough than CI checks
B) Pre-commit hooks catch issues immediately before commit, providing instant feedback and saving CI minutes
C) Pre-commit hooks work without needing an internet connection to GitHub
D) Pre-commit hooks automatically fix all code issues without developer intervention
Show Answer
Correct Answer: B
The primary advantage of pre-commit hooks is speed of feedback. Instead of committing, pushing, and waiting 2+ minutes for CI to fail, pre-commit hooks catch issues in seconds before the commit even happens. This saves time, saves CI minutes, and prevents broken code from reaching the repository. While option C is technically true, it’s not the main advantage. Options A and D are incorrect - pre-commit hooks run the same checks as CI (not more thorough) and typically block commits rather than auto-fix everything.
Question 7: GitHub Actions Workflow Triggers
When would you use the workflow_dispatch trigger in a GitHub Actions workflow?
A) To automatically run the workflow when code is pushed
B) To allow manual triggering of the workflow from the GitHub UI
C) To run the workflow on a scheduled basis (like daily or weekly)
D) To trigger the workflow when issues are opened
Show Answer
Correct Answer: B
The workflow_dispatch trigger adds a “Run workflow” button in the GitHub Actions UI, allowing you to manually trigger the workflow on demand. This is useful for deployment workflows, maintenance tasks, or any process that needs to run on-demand rather than automatically. Option A describes the push trigger, option C describes schedule, and option D describes issues trigger.
Question 8: Branch Protection Purpose
What is the primary purpose of implementing branch protection rules on the main branch?
A) To make the repository run faster
B) To prevent direct pushes and enforce quality requirements (like passing CI and code review) before merging
C) To automatically delete old branches
D) To encrypt the code in the main branch
Show Answer
Correct Answer: B
Branch protection rules enforce quality gates by preventing direct pushes to important branches and requiring pull requests, passing CI checks, and code reviews before changes can be merged. This creates a safety net that prevents broken code from reaching production and encourages collaboration through code review. Options A, C, and D are unrelated to branch protection functionality.
Question 9: The Role of uv in CI/CD
Why does this course recommend using astral-sh/setup-uv instead of actions/setup-python in GitHub Actions workflows?
A) uv is faster to install than Python
B) uv manages both Python versions and dependencies, provides built-in caching, and matches the local development workflow
C) actions/setup-python is deprecated and no longer maintained
D) uv actions are free while setup-python requires payment
Show Answer
Correct Answer: B
Using astral-sh/setup-uv provides a unified tool that handles Python version management, dependency installation, and caching - matching exactly what we do in local development with uv python pin and uv sync. This consistency between local and CI environments reduces “works locally but fails in CI” issues. Option A is misleading (both are fast), option C is false (setup-python is actively maintained), and option D is false (both are free for public repos).
Question 10: Matrix Testing Strategy
What is the main benefit of using a matrix strategy in GitHub Actions?
A) It makes your workflow file look more professional
B) It allows you to test your code against multiple configurations (like different Python versions) in parallel
C) It automatically fixes bugs found during testing
D) It reduces the total number of lines in your workflow file
Show Answer
Correct Answer: B
Matrix strategies let you test the same code against multiple configurations simultaneously - for example, testing against Python 3.12 and 3.13 at the same time. This ensures your code works across different environments without writing separate workflows for each configuration. The jobs run in parallel, giving you fast feedback across all configurations. Options A, C, and D are not benefits of matrix strategies.
Question 11: Custom Actions Decision
According to the lecture, when should you consider creating a custom GitHub Action?
A) Whenever you write any workflow, always create a custom action first
B) When you have complex logic repeated across multiple workflows or organization-specific needs
C) Never - you should only use official GitHub actions
D) Only if you want to sell your action on the marketplace
Show Answer
Correct Answer: B
Custom actions make sense when you have reusable logic that appears in multiple workflows or when you need organization-specific automation that existing actions don’t provide. However, if a simple run: command or existing action suffices, creating a custom action is unnecessary overhead. The lecture emphasizes using existing actions first and only creating custom ones when you have a specific need that isn’t met by available actions.
Question 12: Using GitHub Copilot for Workflows
According to the lecture’s guidance on using GitHub Copilot for creating workflows, what is the best approach?
A) Always let Copilot generate workflows without reviewing them since AI is perfect
B) Learn workflow fundamentals first, then use Copilot to accelerate creation while carefully reviewing output
C) Never use AI tools - only write workflows manually
D) Use Copilot only for commenting your code, not for generating workflows
Show Answer
Correct Answer: B
The lecture emphasizes a balanced approach: first learn the fundamentals (Parts 3-4), then leverage AI tools like Copilot to speed up your work while using your foundational knowledge to review and validate what AI generates. This “AI amplifies your skills” approach combines the best of both worlds - human understanding with AI efficiency. Options A and C represent extremes that miss this balanced approach.
Question 13: Effective AI Prompting for Workflows
What makes a GitHub Copilot prompt effective when creating a workflow?
A) Using as few words as possible
B) Writing in all caps to emphasize importance
C) Being specific about requirements (triggers, actions, dependencies, runners, etc.)
D) Asking Copilot to “make it work” without details
Show Answer
Correct Answer: C
Effective prompts are specific and detailed. Instead of vague requests like “create a workflow,” specify exactly what you need: which events trigger it, which actions to use (like astral-sh/setup-uv@v4), what dependencies to install, which quality checks to run, and which runner to use. The more context you provide, the better Copilot’s output will match your needs. Generic prompts lead to generic (often incorrect) results.
Question 14: Layered Quality Gates
Why does the lecture recommend a “layered” approach to quality checks (IDE → Pre-commit → CI → Code Review)?
A) Because more layers always means better quality, regardless of what they check
B) Each layer catches different types of issues at different stages, creating a quality funnel that prevents bugs from reaching production
C) To make development slower and more bureaucratic
D) Because GitHub requires all four layers to be present
Show Answer
Correct Answer: B
The layered approach creates a quality funnel where each layer catches different issues: the IDE catches syntax errors immediately, pre-commit catches linting issues before commit, CI catches environment-specific problems, and code review catches logical issues. This “defense in depth” strategy means most issues are caught early (fast feedback) and only rare edge cases make it through all layers. It’s not about bureaucracy (C) but about strategic placement of automated checks.
Question 15: CI/CD for Student Projects
Why does the lecture recommend using public repositories for student projects in terms of CI/CD?
A) Public repositories are required by the university
B) Private repositories don’t support GitHub Actions
C) Public repositories get unlimited free GitHub Actions minutes and provide portfolio benefits
D) Public repositories automatically get better grades
Show Answer
Correct Answer: C
Public repositories on GitHub receive unlimited free CI/CD minutes, making them perfect for student projects where you want to implement professional practices without cost concerns. Additionally, public repositories serve as portfolio pieces that future employers can review. Private repositories have limited free minutes, which could constrain learning. Options A, B, and D are false - there’s no university requirement, private repos do support Actions, and visibility doesn’t affect grades.
Scoring Guide
- 13-15 correct: Excellent! You have a strong grasp of CI/CD and automation concepts
- 10-12 correct: Good understanding! Review the areas you missed to solidify your knowledge
- 7-9 correct: Fair understanding. Revisit the lecture materials for key concepts, especially workflow structure and quality gates
- Below 7: Please review the lecture carefully and reach out during office hours if you need clarification
Key Takeaways to Remember
-
CI/CD prevents integration hell - Automated testing in standardized environments catches issues minutes after they’re introduced, not weeks later
-
Workflows contain jobs contain steps - Understanding this hierarchy is fundamental to building effective GitHub Actions workflows
-
Use major version tags (@v4) - Get automatic security patches and updates without breaking changes
-
Verify action quality before use - Look for official/verified creators, recent updates, and active maintenance
-
Pre-commit hooks provide instant feedback - Catch issues in seconds before they reach GitHub, saving time and CI minutes
-
uv unifies your development workflow - Using
astral-sh/setup-uvin CI matches your local development environment exactly -
Matrix strategies test multiple configurations - Run parallel tests against different Python versions or environments efficiently
-
Create custom actions only when needed - Start with existing actions; create custom ones for repeated complex logic
-
AI amplifies foundational knowledge - Learn workflows manually first, then use Copilot to accelerate while reviewing carefully
-
Layer your quality gates - IDE → Pre-commit → CI → Code Review creates a funnel that catches different issue types at optimal stages
-
Branch protection enforces standards - Prevent direct pushes to main and require CI passing + code review before merging
-
Specific prompts yield better AI results - Detail your requirements (triggers, actions, checks, runners) for Copilot to generate accurate workflows
-
Public repos get unlimited CI/CD - Perfect for student projects that serve as both learning experiences and portfolio pieces
-
Fast feedback is crucial - The sooner you catch issues, the cheaper they are to fix (remember the 1x/10x/100x/1000x cost escalation)
-
Automate what humans forget - If it requires remembering, it won’t happen consistently - automate quality checks instead