Continuous Delivery with GitHub Actions - DeliveryConf 2020

by https://speakerdeck.com/sullis

Slide 1

Slide 1 text

Continuous Delivery with GitHub Actions DeliveryConf 2020 - Sean Sullivan

Slide 2

Slide 2 text

About me

Slide 3

Slide 3 text

No content

Slide 4

Slide 4 text

Agenda CI/CD GitHub Actions Core concepts Security

Slide 5

Slide 5 text

CI/CD

Slide 6

Slide 6 text

“The most important practice for continuous integration to work properly is frequent check-ins to trunk”

Slide 7

Slide 7 text

“Continuous integration was ﬁrst written about in Kent Beck’s book Extreme Programming Explained”

Slide 8

Slide 8 text

No content

Slide 9

Slide 9 text

GITHUB ACTIONS

Slide 10

Slide 10 text

“GitHub Actions help you automate your software development workﬂows” source: GitHub.com

Slide 11

Slide 11 text

“You can write individual tasks, called actions, and combine them to create a custom workﬂow” source: GitHub.com

Slide 12

Slide 12 text

Getting started

Slide 13

Slide 13 text

Actions tab

Slide 14

Slide 14 text

Actions tab Starter Workﬂow

Slide 15

Slide 15 text

Workﬂow editor

Slide 16

Slide 16 text

Workﬂow editor

Slide 17

Slide 17 text

Workﬂow editor

Slide 18

Slide 18 text

Workﬂow editor checkout@v2

Slide 19

Slide 19 text

Workﬂow editor setup-java@v1

Slide 20

Slide 20 text

Workﬂow editor run: sbt test

Slide 21

Slide 21 text

Workﬂow editor click

Slide 22

Slide 22 text

Workﬂow editor click

Slide 23

Slide 23 text

.github/workﬂows

Slide 24

Slide 24 text

Actions tab

Slide 25

Slide 25 text

Actions tab

Slide 26

Slide 26 text

Actions tab

Slide 27

Slide 27 text

Ruby On Rails uses GitHub Actions

Slide 28

Slide 28 text

Ruby on Rails

Slide 29

Slide 29 text

Ruby on Rails

Slide 30

Slide 30 text

Ruby on Rails

Slide 31

Slide 31 text

Ruby on Rails

Slide 32

Slide 32 text

Core concepts

Slide 33

Slide 33 text

Events Actions Workﬂows

Slide 34

Slide 34 text

create deployment deployment_status issue created pull_request push schedule label created (and many more) Events trigger workﬂows

Slide 35

Slide 35 text

Workﬂows are custom automated processes that you can set up in your repository to build, test, package, release, or deploy source: GitHub.com

Slide 36

Slide 36 text

GitHub webhooks GitHub Actions workﬂows

Slide 37

Slide 37 text

Actions are individual tasks that you can combine to create jobs source: GitHub.com

Slide 38

Slide 38 text

You can create custom Actions or use Actions provided by the GitHub community source: GitHub.com

Slide 39

Slide 39 text

action.yml declares the inputs and outputs for an action source: GitHub.com

Slide 40

Slide 40 text

Types of Actions: JavaScript Docker source: GitHub.com

Slide 41

Slide 41 text

“GitHub Actions is available with GitHub Free, GitHub Pro, GitHub Team, and GitHub Enterprise Cloud” source: GitHub.com

Slide 42

Slide 42 text

What if I already have an existing CI tool enabled?

Slide 43

Slide 43 text

Keep your existing CI tool and enable GitHub Actions

Slide 44

Slide 44 text

Evaluate both CI tools running side-by-side

Slide 45

Slide 45 text

Actions runtime Runners Virtual Environments

Slide 46

Slide 46 text

Runners GitHub-hosted Self-hosted

Slide 47

Slide 47 text

Hosted Runners “GitHub hosts Linux and Windows runners on Standard_DS2_v2 virtual machines in Microsoft Azure with the GitHub Actions runner application installed” source: GitHub.com

Slide 48

Slide 48 text

Self-Hosted Runners “Self-hosted runners can be physical, virtual, container, on-premises, or in a cloud” source: GitHub.com

Slide 49

Slide 49 text

Self-Hosted Runners

Slide 50

Slide 50 text

Self-Hosted Runners C Sharp

Slide 51

Slide 51 text

Virtual Environments

Slide 52

Slide 52 text

Ubuntu 18.04 Ubuntu 16.04 Linux support

Slide 53

Slide 53 text

Third party actions

Slide 54

Slide 54 text

AWS Actions Azure Actions Google Cloud Actions

Slide 55

Slide 55 text

Pulumi Actions Terraform Actions Twilio SMS Action

Slide 56

Slide 56 text

https://github.com/aws-actions

Slide 57

Slide 57 text

No content

Slide 58

Slide 58 text

AWS: action.yml

Slide 59

Slide 59 text

Security

Slide 60

Slide 60 text

Secrets access protected keys using the secrets context object source: GitHub.com

Slide 61

Slide 61 text

Secrets source: GitHub.com

Slide 62

Slide 62 text

Secrets source: GitHub.com

Slide 63

Slide 63 text

Secrets source: GitHub.com

Slide 64

Slide 64 text

Secrets source: GitHub.com

Slide 65

Slide 65 text

Self-Hosted Runners “do not use self- hosted runners with public repositories” source: GitHub.com

Slide 66

Slide 66 text

Self-Hosted Runners “Forks of your public repository can potentially run dangerous code on your self-hosted runner machine” source: GitHub.com

Slide 67

Slide 67 text

Final thoughts

Slide 68

Slide 68 text

“CI ensures that the code that we create, as a team, works by providing us with rapid feedback on any problems”