Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Launching GitHub's Public GraphQL API

359024e7132672aaeef4a3e792be4ae5?s=47 Brooks Swinnerton
May 21, 2017
Technology
2
440

Launching GitHub's Public GraphQL API

359024e7132672aaeef4a3e792be4ae5?s=128

Brooks Swinnerton

May 21, 2017
Tweet

More Decks by Brooks Swinnerton

See All by Brooks Swinnerton
359024e7132672aaeef4a3e792be4ae5?s=48 bswinnerton
2
53
359024e7132672aaeef4a3e792be4ae5?s=48 bswinnerton
4
480
359024e7132672aaeef4a3e792be4ae5?s=48 bswinnerton
2
350
359024e7132672aaeef4a3e792be4ae5?s=48 bswinnerton
4
88
359024e7132672aaeef4a3e792be4ae5?s=48 bswinnerton
0
230
359024e7132672aaeef4a3e792be4ae5?s=48 bswinnerton
0
53
359024e7132672aaeef4a3e792be4ae5?s=48 bswinnerton
0
80

Other Decks in Technology

See All in Technology
D8730970396729af16546cc69ce63b44?s=48 shwars
0
110
1e210dc7083cc282628ff071926b9351?s=48 nnstt1
2
120
6848c06ef647ab606c668cc5264c0fc9?s=48 thorstenhans
0
100
7a4968fbcd56e81f95a4f3c186141b52?s=48 kateinoigakukun
0
120
53850955f15249a1a9dc49df6113e400?s=48 line_developers
PRO
1
360
2cf373725ded741824c50fd571eda6e1?s=48 udzura
0
150
Fecdd3417cd7375cc0bd0352d72db27e?s=48 1ftseabass
PRO
0
120
3373c144fef1d3518b9b3f24a6b46ad0?s=48 lmi
5
3.7k
53850955f15249a1a9dc49df6113e400?s=48 line_developers
PRO
2
450
4b2f3a64637b51e81813accbe8a98083?s=48 miura55
0
170
525442fc70ca92f82ae503f826956137?s=48 finengine
0
350
Fb025419ed38f98df595eb2eafc859f4?s=48 ihcomega56
2
900

Featured

See All Featured
E837d2996f52008ace055a08fbfff992?s=48 frogandcode
128
20k
E190023b66e2b8aa73a842b106920c93?s=48 zenorocha
296
40k
20bfe76b3d6105641f879fe45cfc9272?s=48 bkeepers
PRO
322
53k
9952dfcd5d338f8a8e7175c8a8f65fb5?s=48 wjessup
340
16k
027d1ebf66cc039a0bd3b55eeadbe75d?s=48 sachag
267
17k
C7393b7ba7ec9c8890dd77d209fbb3c9?s=48 maltzj
502
36k
15f2b8221f247985a27a627d2ece72f0?s=48 pauljervisheath
195
15k
9fa239b3154a0169d99ab7bf1422dd12?s=48 marcelosomers
221
15k
56c4053438af8e8b90d6f53cbb7573be?s=48 jakevdp
776
200k
C9b18d9dff88a9dd2393364c2b3b21bd?s=48 colly
66
3k
8ec1383b240b5ba15ffb9743fceb3c0e?s=48 philnash
10
680
168ccec72eee0530b818d44f3fedaacf?s=48 shlominoach
176
7.6k

Transcript

  1. + a

  2. Hi, I’m Brooks

  3. I work at !

  4. let’s talk about launching the GitHub GraphQL API

  5. How our GraphQL API came to be

  6. March 20th, 2016 proposal submitted

  7. we had dreams of APIv4

  8. multiple resources in one roundtrip

  9. schema introspection

  10. April 6th, 2016 proof of concept done

  11. { current_user { login repositories(affiliation: "owner") { id name }

    } }

  12. April 12th, 2016 New team created

  13. September 14th, 2016 early access

  14. Today >100 million queries/day

  15. We learned some things along the way

  16. Tooling

  17. documentation

  18. https://github.com/gjtorikian/graphql-docs

  19. GraphiQL all-in-one

  20. "but we’re going to need a Ruby client"

  21. github/graphql-client

  22. objects in exchange for a query

  23. collocate our queries with our views

  24. but in Rails

  25. query profiling

  26. query { repository(owner:"rails", name:"rails") { viewerHasStarred } }

  27. { "data": { "repository": { "viewerHasStarred": false } }, "extensions":

    { "totalDuration": 42.06737782806158, "trackedAssociations": {}, "profiling": { "Repository:viewerHasStarred": { "type": "Boolean!", "sql": [ { "duration": 2.07, "sql": "SELECT 1 AS one FROM `repositories` INNER JOIN `stars` ON `repositories`.`id` = `stars`.`starrable_id` WHERE `stars`.`user_id` = 934497 AND `stars`.`starrable_type` = 'Repository' AND `repositories`.`id` = 8514 LIMIT 1 " } ] } } } }

  28. Authorization

  29. reusing the OAuth logic from our REST API

  30. OAuth scopes are granted to a token

  31. token is used to make a request

  32. familiar to our users

  33. less for us to build

  34. Organization = GraphQL::ObjectType.define do name "Organization" accepted_scopes ["read:org", "admin:org"] end

  35. Organization = GraphQL::ObjectType.define do name "Organization" accepted_scopes ["read:org", "admin:org"] end

  36. but with ✨ GraphQL ✨…

  37. we can analyze the query before resolution

  38. query { organization(login:"github") { members { totalCount } } }

  39. query { organization(login:"github") { members { totalCount } } }

  40. Organization = GraphQL::ObjectType.define do name "Organization" accepted_scopes ["read:org", "admin:org"] end

  41. but this isn’t perfect

  42. in some cases you need to perform resolution first

  43. repo vs public_repo

  44. we’ve introduced an authz layer for resolution

  45. Schema design

  46. first off

  47. there’s more than one

  48. one for new & sensitive features

  49. one for everyone else

  50. Organization = GraphQL::ObjectType.define do name "Organization" accepted_scopes ["read:org"] end

  51. Organization = GraphQL::ObjectType.define do name "Organization" accepted_scopes ["read:org"] visibility :public

    end

  52. Organization = GraphQL::ObjectType.define do name "Organization" accepted_scopes ["read:org"] visibility :public

    end

  53. CoolNewFeature = GraphQL::ObjectType.define do name "CoolNewFeature" accepted_scopes ["repo"] visibility :internal

    end

  54. mandatory first/last arguments on connections

  55. query { viewer { repositories(last:30) { edges { node {

    name } } } } }

  56. query { viewer { repositories(last:30) { edges { node {

    name } } } } }

  57. is/has/can prefix

  58. query { repository(owner:"rails", name:"rails") { isFork hasIssuesEnabled viewerCanAdminister } }

  59. query { repository(owner:"rails", name:"rails") { isFork hasIssuesEnabled viewerCanAdminister } }

  60. avoiding fields that should be types

  61. query { repository(owner:"rails", name:"rails") { ownerLogin } }

  62. query { repository(owner:"rails", name:"rails") { ownerLogin } }

  63. query { repository(owner:"rails",name:"rails") { owner { login } } }

  64. Feature Parity

  65. schema driven development* *stay tuned!

  66. with our REST API

  67. new features were developed for the UI

  68. then staff-shipped

  69. then released

  70. REST API work started after the ship

  71. but, today…

  72. all new features are built with GraphQL

  73. from the start

  74. CoolNewFeature = GraphQL::ObjectType.define do name "CoolNewFeature" accepted_scopes ["repo"] visibility :internal

    end

  75. CoolNewFeature = GraphQL::ObjectType.define do name "CoolNewFeature" accepted_scopes ["repo"] visibility :internal

    end

  76. CoolNewFeature = GraphQL::ObjectType.define do name "CoolNewFeature" accepted_scopes ["repo"] visibility :public

    end

  77. this allows us to build a true public API

  78. this allows us to build a true public API

  79. this allows us to build a true platform

  80. shared between GitHubbers and integrators

  81. but change is scary

  82. GraphQL-backed REST APIs

  83. this works great for new features

  84. but what about legacy features?

  85. GET https://api.github.com/user

  86. enter Scientist

  87. github/scientist

  88. measure data discrepancies

  89. measure the difference in performance

  90. None

  91. Where we’re headed

  92. static analysis of schema during code review

  93. rate limiting

  94. expose global relay IDs in REST API

  95. preview new fields and objects with headers

  96. Thank you
 @bswinnerton on Twitter & GitHub @brooks on Slack