あなたの知らない GitHub Actions 小技 集

No content

GitHub Actions Is a CI/CD platform. It lets us automate workflows at every step in software development process.

Agenda 1. Workflow 2. Environment 3. Deployment view 4. Insight 5. Immutable Actions

Workflow

Matrix jobs Workflow ● Test multiple versions of dependencies or multiple OS versions ● Speed up testing processes

continue-on-error ● Continuously run Actions if a step fails ● Available for job/step levels Workflow

continue-on-error ● Handling a failure job like roll backing the deployment ● Negative test Expected use cases

Deployment view

Deployment history ● Deployment view ● Pinging environments (max: 10) ● More filters on the view ○ Creators, statues, environments, commits.

Environment

● Required reviewers ● Wait timer ● Custom rules with GitHub Apps Deployment protection rules Environment

● Protected branches only ● Selected branches and tags Deployment branches and tags Environment

Insight

Usage metrics Insight ● Usage metrics for your organizations

Performance metrics Insight ● How long did workflows/jobs take to complete? ● How long did workflows/jobs wait to run? ● Which workflows/jobs are consistently failing? ● Where is the longest running workflows/jobs?

Immutable Actions

Immutable Actions Mutable References Actions can be referenced in workflow by Git tag, release name, branch name or SHA. Tag in particular are mutable by design. Risk Mutable references can become subject to history overwrite attacks or changes to the target of the Git tags Looks like a released version, but is a Git tag

Immutable Actions ● Actions is published as OCI packages to GitHub Container Registry ● Immutable version tags with SemVer SemVer that points at immutable artifact

https://support.github.com