GitHubUniverseRecap2024

Transcript

1. あなたの知らない GitHub Actions 小技 集

2. None

3. GitHub Actions Is a CI/CD platform. It lets us automate

   workflows at every step in software development process.

4. Agenda 1. Workflow 2. Environment 3. Deployment view 4. Insight

   5. Immutable Actions

5. Workflow

6. Matrix jobs Workflow • Test multiple versions of dependencies or

   multiple OS versions • Speed up testing processes

7. continue-on-error • Continuously run Actions if a step fails •

   Available for job/step levels Workflow

8. continue-on-error • Handling a failure job like roll backing the

   deployment • Negative test Expected use cases

9. Deployment view

10. Deployment history • Deployment view • Pinging environments (max: 10)

    • More filters on the view ◦ Creators, statues, environments, commits.

11. Environment

12. • Required reviewers • Wait timer • Custom rules with

    GitHub Apps Deployment protection rules Environment

13. • Protected branches only • Selected branches and tags Deployment

    branches and tags Environment

14. Insight

15. Usage metrics Insight • Usage metrics for your organizations

16. Performance metrics Insight • How long did workflows/jobs take to

    complete? • How long did workflows/jobs wait to run? • Which workflows/jobs are consistently failing? • Where is the longest running workflows/jobs?

17. Immutable Actions

18. Immutable Actions Mutable References Actions can be referenced in workflow

    by Git tag, release name, branch name or SHA. Tag in particular are mutable by design. Risk Mutable references can become subject to history overwrite attacks or changes to the target of the Git tags Looks like a released version, but is a Git tag

19. Immutable Actions • Actions is published as OCI packages to

    GitHub Container Registry • Immutable version tags with SemVer SemVer that points at immutable artifact

20. https://support.github.com