Nice article! Only thing I'd add is that at step 4, you don't have to give read and write access to all your github repositories! I wrote a blog post myself about how you can still have CD without giving away all your access conorsheehan1.hashnode.dev/netlify-deployments-fr…
I'd say that's especially relevant now with the recent breach at heroku.
IMO it's always better to push your code to a hosting service, rather than giving them a broad scope of access and letting them pull it.