Part of the Certy learning platform for the GitHub Actions certification (GH-200).
This repository simulates GitHub Enterprise administration for the GH-200 exam domain 4.0 Manage GitHub Actions for the enterprise, which is the largest single domain on the exam at roughly 27% of the questions.
Most learners do not have access to a real GitHub Enterprise account with administrative permissions, so it is hard to practise the decisions an enterprise admin actually makes. This repository solves that with scenario-based decision exercises instead of code. You read a realistic situation, weigh the trade-offs, and write down your recommendation - exactly the kind of reasoning the exam tests.
- GH-200 exam candidates studying domain 4.0.
- Platform and DevOps engineers who manage (or want to manage) GitHub Actions at organisation or enterprise scale.
- Anyone who needs to recognise the difference between GitHub-hosted runners, self-hosted runners, runner groups, Actions policies, permissions, billing controls, reusable workflows, and audit and governance.
You do not need a paid Enterprise plan to benefit from this repo. The scenarios are designed to be answered from understanding alone.
- Fork this repository to your own account (or clone it locally).
- Open the
scenarios/folder and pick a scenario, starting with01-runner-strategy.md. - Read the situation, the Task, and the Consider checklist.
- Use the frameworks in
decision-matrices/to structure your thinking. - Copy the relevant template from
answer-templates/into a newanswers/folder (you create this folder in your fork) and write your recommendation. Each scenario tells you the exact filename to use, for exampleanswers/01-runner-strategy.md. - Compare your reasoning against the worked example in
answer-templates/example-scenario-02.mdto gauge the expected depth. - Commit your answers to your fork so you build a personal revision log.
There is no automated marking. The value is in articulating a defensible recommendation, because that is the skill the exam rewards.
Tip: the best answers name the specific GitHub setting, state where it lives (repository, organisation, or enterprise level), and explain the trade-off you accepted.
Domain 4.0, "Manage GitHub Actions for the enterprise", covers the administration and governance tasks below. Each scenario targets one or more of them.
| Domain 4.0 topic | Covered by |
|---|---|
| Distribute and manage runners (hosted and self-hosted) | Scenarios 01, 02, 03 |
| Configure runner groups and access | Scenario 03 |
| Manage Actions policies (allowed actions, local-only, selected) | Scenario 04 |
Configure default GITHUB_TOKEN permissions |
Scenario 05 |
| Manage Actions spending, usage limits, and billing | Scenario 06 |
| Share and require reusable workflows across an organisation | Scenario 07 |
| Apply enterprise security controls to Actions | Scenario 08 |
| Use the audit log for governance and compliance | Scenario 09 |
| # | Scenario | Core GH-200 concept |
|---|---|---|
| 01 | Runner strategy | Choosing an overall runner approach for an organisation |
| 02 | Hosted vs self-hosted runners | Trade-offs between GitHub-hosted and self-hosted runners |
| 03 | Runner groups | Isolating and granting access to runners with runner groups |
| 04 | Actions policy | Allow, block, and allow-list Actions and reusable workflows |
| 05 | Workflow permissions | Default GITHUB_TOKEN permissions org-wide |
| 06 | Cost control | Usage limits, spending limits, billing, and minutes |
| 07 | Org-level reusable workflows | Required workflows and sharing reusable workflows |
| 08 | Enterprise security review | Hardening Actions across the enterprise |
| 09 | Audit and governance | Audit log, compliance, and evidence |
Reusable frameworks you can apply to any of the scenarios, and on the exam:
- Runner decision matrix - GitHub-hosted vs self-hosted vs runner groups.
- Policy decision matrix - Actions policies, reusable workflow governance, and permissions.
- Cost control checklist - a practical checklist to keep Actions spend under control.
All under github.com/CertyPro:
- certy-gh200-course-content - the full GH-200 course notes and study guide.
- gh200-student-actions-lab - hands-on starter workflows for beginners.
- gh200-broken-workflows - debugging practice with deliberately broken workflows.
- gh200-custom-actions-lab - build your own composite, Docker, and JavaScript actions.
- gh200-security-challenges - secure your workflows against common attacks.
- gh200-reusable-workflows-library - a library of reusable workflows to study and reuse.
Released under the MIT Licence. See LICENSE.
Built and maintained by Coded Vision Design for Certy. Visit certy.pro for the full learning platform.