feat: intermediate badge submission - tasks 4-7 completed

[PruthuviDe]

Completing intermediate badge tasks 4-7 with evidence of successful execution.

Tasks Completed:

• ✅ Task 4: Create a Custom Workflow
• ✅ Task 5: Use Environment Variables
• ✅ Task 6: Use GitHub Secrets
• ✅ Task 7: Matrix Testing

See .github/submissions/intermediate-pruthuvi.md for full details and evidence documentation.

Summary by CodeRabbit

• Documentation

  • Added submission documentation for GitHub Actions beginner and intermediate task completion

• Chores

  • Created new custom workflow for develop branch
  • Updated CI/CD workflows: upgraded GitHub Actions versions, expanded Node.js test matrix to include version 20.x, added environment configuration, and integrated secret management

[coderabbitai]

Important

Review skipped

Review was skipped due to path filters

⛔ Files ignored due to path filters (4)

• .github/submissions/task4-custom-workflow.png is excluded by !**/*.png
• .github/submissions/task5-environment-variables.png is excluded by !**/*.png
• .github/submissions/task6-github-secrets.png is excluded by !**/*.png
• .github/submissions/task7-matrix-testing.png is excluded by !**/*.png

CodeRabbit blocks several paths by default. You can override this behavior by explicitly including those paths in the path filters. For example, including **/dist/** will override the default block on the dist directory, by removing the pattern from both the lists.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 7e982a26-9c8a-4090-8be0-4ea15f9cb04a

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

📝 Walkthrough

Walkthrough

This PR adds two submission documentation files documenting beginner and intermediate GitHub Actions task completions, introduces a new custom workflow triggered on develop branch pushes, upgrades workflow action versions from v3 to v4, expands Node.js matrix testing to include version 20.x, adds environment variables to build-test workflow, and integrates secret handling in hello-world workflow.

Changes

Cohort / File(s)	Summary
Submission Documentation .github/submissions/beginner-pruthuvi.md, .github/submissions/intermediate-pruthuvi.md	Two new submission files documenting completion of beginner and intermediate GitHub Actions tasks with task checklists, evidence sections, and learning summaries.
GitHub Actions Workflow Updates .github/workflows/build-test.yml, .github/workflows/hello-world.yml	build-test.yml: upgraded action versions (v3→v4), added environment variables (NODE_ENV, LOG_LEVEL), expanded Node.js matrix to include 20.x, switched from npm ci to npm install, removed caching config. hello-world.yml: added step to read and print TEST_SECRET length.
New Custom Workflow .github/workflows/custom.yml	New workflow triggered on develop branch pushes; runs Node.js 18 setup, installs dependencies, and executes tests in sample-app directory.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 New workflows bound with joy and care,
Secrets masked and versions fresh in air!
From three to four, the actions leap and grow,
Node versions tested in a matrix glow,
Task by task, the learner's path laid bare! 📋✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The pull request title clearly and specifically summarizes the main change: completing intermediate badge tasks 4-7, which is the primary objective documented in the PR.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch working-intermediate-pruthuvi

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/custom.yml:
- Around line 10-11: The workflow uses outdated action versions; update the uses
references for actions/checkout and actions/setup-node from `@v3` to a current
major like `@v4` (or `@v6` for latest) so the steps use runners with Node.js 20+;
locate the lines with "uses: actions/checkout@v3" and "uses:
actions/setup-node@v3" and change the tags to the chosen newer major (e.g.,
actions/checkout@v4 and actions/setup-node@v6), then run or validate the
workflow to ensure compatibility.

In @.github/workflows/hello-world.yml:
- Around line 36-40: The "Access secret" step currently assigns SECRET="${{
secrets.TEST_SECRET }}" and continues even if the secret is empty; add an
explicit runtime check in that step after assigning SECRET to verify it's
non-empty (e.g., test SECRET with -z) and immediately echo a clear error and
exit 1 when missing so the job fails fast; update the step that defines SECRET
in the "Access secret" step to perform this validation before printing the
length.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 1ff08619-7195-46c8-b187-e28f81d4a973

📥 Commits

Reviewing files that changed from the base of the PR and between de6927e and 117dd4a.

⛔ Files ignored due to path filters (4)

• .github/submissions/task1-workflow.png is excluded by !**/*.png
• .github/submissions/task2-push-trigger.png is excluded by !**/*.png
• .github/submissions/task3-browser.png is excluded by !**/*.png
• .github/submissions/task3.1-browser.png is excluded by !**/*.png

📒 Files selected for processing (5)

• .github/submissions/beginner-pruthuvi.md
• .github/submissions/intermediate-pruthuvi.md
• .github/workflows/build-test.yml
• .github/workflows/custom.yml
• .github/workflows/hello-world.yml

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail
rg -n 'uses:\s*actions/(checkout|setup-node)@v3' .github/workflows/custom.yml .github/workflows/build-test.yml .github/workflows/hello-world.yml

Repository: PruthuviDe/github-actions-learning

Length of output: 1834

---

🌐 Web query:

actions/checkout v3 deprecated v4 upgrade

💡 Result:

actions/checkout@v3 is not formally deprecated and continues to receive security updates, but it runs on Node.js 16, which is end-of-life. GitHub Actions runners now default to Node.js 20+, causing warnings or compatibility issues on older self-hosted runners. Upgrade to @v4 (Node 20) or newer (@v6 latest as of 2026) for modern Node support, better performance, and new features like partial checkout filters. Upgrade steps: 1. Change uses: actions/checkout@v3 to uses: actions/checkout@v4 (or @v6). 2. No breaking changes; most inputs compatible. 3. Add recommended permissions: permissions: contents: read 4. Test workflows; v4 adds support for --no-progress fetch and Node 20. Current latest: v6.0.2 (improved credential security). Repo actively maintained with v4+ getting updates.

Citations:

• 1: Bump actions/checkout from 3 to 4 actions/checkout#1697
• 2: [Github Actions] actions/checkout@v3 should be upgraded to v4 denoland/fresh#2285
• 3: https://github.com/actions/checkout
• 4: https://github.com/actions/checkout/blob/main/CHANGELOG.md
• 5: https://github.com/marketplace/actions/checkout
• 6: https://github.com/actions/checkout/releases
• 7: https://github.com/actions/checkout/blob/v3.1.0/CHANGELOG.md
• 8: https://www.tce-colombia.com
• 9: https://github.blog/changelog/2025-02-12-notice-of-upcoming-deprecations-and-breaking-changes-for-github-actions
• 10: checkout@v3 using node20 instead of node16 actions/checkout#1809
• 11: Node.js 16 actions are deprecated actions/checkout#1596

---

🌐 Web query:

actions/setup-node v3 deprecated v4

💡 Result:

actions/setup-node v3 is deprecated due to its use of Node.js 16 runtime, which GitHub Actions deprecated in late 2023/early 2024. Users should upgrade to v4 or later. Current latest version is v6.3.0 (released March 2026). Key upgrade path: - v3 -> v4: Updated to Node.js 20 runtime (released ~2023-2024). - v4 -> v5: Added automatic caching with package manager detection; upgraded to Node.js 24 (September 2025). - v5 -> v6: Further caching refinements for npm; removed deprecated always-auth input. Migration example: # Old (v3) - uses: actions/setup-node@v3 with: node-version: '20' # New (v6 recommended) - uses: actions/setup-node@v6 with: node-version: '24' No breaking changes block v3 to v4 upgrade directly, but review v5+ changes for caching behavior. Use v6 for latest features and Node.js 24 compatibility ahead of Node 20 deprecation (summer 2026).

Citations:

• 1: https://github.com/actions/setup-node/blob/main/README.md
• 2: https://github.com/actions/setup-node/releases
• 3: https://github.com/actions/setup-node
• 4: Node 16 deprecation actions/setup-node#850
• 5: https://github.blog/changelog/2024-03-06-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
• 6: https://stackoverflow.com/questions/77992218/github-actions-failing-after-upgrading-to-node-v20

---

Upgrade outdated GitHub Actions versions.

Lines 10–11 use @v3, which runs on Node.js 16 (end-of-life). Upgrade to @v4 (or @v6 for the latest) to use Node.js 20+ and ensure compatibility with current GitHub Actions runners.

Proposed fix

-      - uses: actions/checkout@v3
-      - uses: actions/setup-node@v3
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	- uses: actions/checkout@v3
	- uses: actions/setup-node@v3
	- uses: actions/checkout@v4
	- uses: actions/setup-node@v4

🧰 Tools

🪛 actionlint (1.7.11)

[error] 10-10: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

---

[error] 11-11: the runner of "actions/setup-node@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/custom.yml around lines 10 - 11, The workflow uses
outdated action versions; update the uses references for actions/checkout and
actions/setup-node from `@v3` to a current major like `@v4` (or `@v6` for latest) so
the steps use runners with Node.js 20+; locate the lines with "uses:
actions/checkout@v3" and "uses: actions/setup-node@v3" and change the tags to
the chosen newer major (e.g., actions/checkout@v4 and actions/setup-node@v6),
then run or validate the workflow to ensure compatibility.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Fail fast if TEST_SECRET is missing.

At Line 38, an unset secret becomes an empty string and the job still succeeds. Add an explicit check so this step validates configuration instead of silently passing.

Proposed fix

       - name: Access secret
-        run: |
-          SECRET="${{ secrets.TEST_SECRET }}"
-          echo "Secret length: ${`#SECRET`}"
+        env:
+          SECRET: ${{ secrets.TEST_SECRET }}
+        run: |
+          if [ -z "$SECRET" ]; then
+            echo "TEST_SECRET is not configured"
+            exit 1
+          fi
+          echo "TEST_SECRET is configured"

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	- name: Access secret
	run: |
	SECRET="${{ secrets.TEST_SECRET }}"
	echo "Secret length: ${#SECRET}"
	- name: Access secret
	env:
	SECRET: ${{ secrets.TEST_SECRET }}
	run: |
	if [ -z "$SECRET" ]; then
	echo "TEST_SECRET is not configured"
	exit 1
	fi
	echo "TEST_SECRET is configured"

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/hello-world.yml around lines 36 - 40, The "Access secret"
step currently assigns SECRET="${{ secrets.TEST_SECRET }}" and continues even if
the secret is empty; add an explicit runtime check in that step after assigning
SECRET to verify it's non-empty (e.g., test SECRET with -z) and immediately echo
a clear error and exit 1 when missing so the job fails fast; update the step
that defines SECRET in the "Access secret" step to perform this validation
before printing the length.