GitHub GH-200 glossary of workflows, runners, artifacts, secrets, and CI/CD terms.
Use this glossary when GitHub Actions (Actions) terms start to blur together. The goal is practical recognition, not encyclopedia coverage.
| Term | Exam meaning |
|---|---|
| Workflow | YAML automation file triggered by GitHub events. |
| Runner | Machine that executes workflow jobs. |
| Job | Set of steps that runs on a runner. |
| OIDC | Federated identity pattern for cloud auth without long-lived secrets. |
| Environment | Deployment target with protection rules and secrets. |
| Reusable workflow | Workflow called by another workflow to standardize automation. |
| Pair | How to separate them |
|---|---|
| Workflow structure vs CI/CD design | Ask which layer the scenario is testing, then match the answer to that layer only. |
| Control vs evidence | A control changes behavior; evidence proves behavior or supports investigation. |
| Managed service vs custom build | Managed services win for lower operational effort unless the requirement needs unsupported customization. |
| Prevention vs detection | Prevention blocks or reduces a bad event; detection finds or reports that it happened. |
Do not memorize terms in isolation. For each term, write one scenario where it is the best answer, one scenario where it is a distractor, and one signal that proves it worked.