Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
GitHub ActionsでDevSecOpsごっこ
Search
Akira Moroo
June 13, 2022
Programming
0
64
GitHub ActionsでDevSecOpsごっこ
Akira Moroo
June 13, 2022
Tweet
Share
More Decks by Akira Moroo
See All by Akira Moroo
svc-hook: hooking system calls on ARM64 by binary rewriting
retrage
1
31
Exploring x86 MSR Space
retrage
0
1.4k
LLMでバイナリ解析支援
retrage
0
200
Practical Rust (Hypervisor) Firmware
retrage
3
1.7k
Bypassing UEFI Secure Boot with Thin-Hypervisor
retrage
0
1.2k
Porting Linux to Nabla Containers
retrage
0
1.2k
Network Boot from Bell Labs
retrage
2
1.7k
Unikernelで始める自作OS/OS Development with Unikernel
retrage
1
610
LLVM Backend Development for EFI Byte Code
retrage
2
1k
Other Decks in Programming
See All in Programming
「コードは上から下へ読むのが一番」と思った時に、思い出してほしい話
panda728
PRO
39
26k
從冷知識到漏洞,你不懂的 Web,駭客懂 - Huli @ WebConf Taiwan 2025
aszx87410
2
3.1k
AIコーディングエージェント(Gemini)
kondai24
0
280
GoLab2025 Recap
kuro_kurorrr
0
780
Java 25, Nuevas características
czelabueno
0
120
Patterns of Patterns
denyspoltorak
0
370
AIエンジニアリングのご紹介 / Introduction to AI Engineering
rkaga
8
3.4k
PC-6001でPSG曲を鳴らすまでを全部NetBSD上の Makefile に押し込んでみた / osc2025hiroshima
tsutsui
0
190
AtCoder Conference 2025「LLM時代のAHC」
imjk
2
600
SwiftUIで本格音ゲー実装してみた
hypebeans
0
510
AIコーディングエージェント(NotebookLM)
kondai24
0
240
AI Agent Tool のためのバックエンドアーキテクチャを考える #encraft
izumin5210
4
1.3k
Featured
See All Featured
How to Build an AI Search Optimization Roadmap - Criteria and Steps to Take #SEOIRL
aleyda
1
1.8k
Ecommerce SEO: The Keys for Success Now & Beyond - #SERPConf2024
aleyda
1
1.7k
Kristin Tynski - Automating Marketing Tasks With AI
techseoconnect
PRO
0
110
ラッコキーワード サービス紹介資料
rakko
0
1.8M
技術選定の審美眼(2025年版) / Understanding the Spiral of Technologies 2025 edition
twada
PRO
115
94k
Future Trends and Review - Lecture 12 - Web Technologies (1019888BNR)
signer
PRO
0
3.1k
Bioeconomy Workshop: Dr. Julius Ecuru, Opportunities for a Bioeconomy in West Africa
akademiya2063
PRO
0
31
The Spectacular Lies of Maps
axbom
PRO
1
400
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
46
2.6k
Sam Torres - BigQuery for SEOs
techseoconnect
PRO
0
150
How to build an LLM SEO readiness audit: a practical framework
nmsamuel
1
590
Bootstrapping a Software Product
garrettdimon
PRO
307
120k
Transcript
GitHub ActionsͰ DevSecOpsͬ͜͝ June 13, 2022 ୈ5ճLTձ Akira Moroo (@retrage)
GitHub Actions (GHA) • GitHubʹ౷߹͞Ε͍ͯΔ • ઃఆϑΝΠϧΛஔ͢Δ͚ͩ • ߏԽ͞Ε͍ͯΔ •
࠷খ୯Ґ: step • ίϚϯυ࣮ߦ or action࣮ߦ • actionࣗ࡞Մೳ CI/CDαʔϏεͷ1ͭ Job Work f low Step
actionͷ࡞Γํ • GitHubϦϙδτϦԼʹ action.yamlΛஔ • action.yaml: actionΛఆٛ • ೖྗ (▪)
• ग़ྗ (▪) • ࣮ߦޙͷstepͰࢀরՄೳ • ࣮ߦํ๏ (▪) Yamlϙϯஔ͖Ͱ؆୯
actionͷछྨ ࣮ߦํ๏ʹΑͬͯ3छྨʹ͚ΒΕΔ • JavaScript action: JavaScriptͷΈͰهड़ • Docker container action:
ίϯςφΛ࣮ߦ • Composite action: ࠶ར༻ՄೳͳGHA work f low (stepͷू·Γ) • Docker container action͕Ұ൪ࣗ༝͕ߴ͍: • 👉 ڥΛด͡ࠐΊͯ͋͛Ε͓खܰʹDevSecOpsͬ͜͝Ͱ͖ͦ͏
Actionࣗ࡞ͯ͠Έͨ • ࣗ࡞UEFI SMM੩తղੳGhidraϓ ϥάΠϯΛར༻ • non-GUI GhidraΛ࣮ߦ • ೖྗ
(▪): ղੳରͷόΠφϦ • ग़ྗ (▪): ղੳ݁Ռ • ࣮ߦํ๏ (▪): Docker container
Actionࣗ࡞ͯ͠Έͨ • ೖྗ (▪) όΠφϦ͚ͩ • ϓϩϓϥͰOK • ग़ྗ (▪)
JUnit XML format • ղੳ݁Ռͷ࠶ར༻ੑ্ • ӈͷྫͰղੳ݁ՌΛطଘ ͷactionʹ͍ͯ͠Δ (▪) ϙΠϯτ
Actionࣗ࡞ͯ͠Έͨ: ղੳ݁Ռྫ ղੳ݁ՌͷJUnit XML formatग़ྗ ݕग़ͨ݁͠ՌΛΤϥʔͱͯ͠ใࠂ
Actionࣗ࡞ͯ͠Έͨ: ղੳ݁Ռྫ JUnit XML formatͰग़ྗ͢Δ͜ͱͰۤ࿑ͤͣʹղੳ݁ՌΛCIʹΈࠐΊͨ
Actionࣗ࡞ͯ͠Έͨ: վળ • ݡ͘ղੳ݁ՌΛग़ྗ͍ͨ͠ • ࠓճղੳϩάΛPythonͰύʔεͯ͠ແཧΓJUnit XML formatʹม • ϓϥάΠϯ͕JSON/XMLΛग़ྗ͢Δ͖
• ·ͱͳόΠφϦͷղੳ݁Ռදࣔػೳ͕΄͍͠ • JUnit XML formatGHAίʔυͷߦͱྻϨϕϧͷΞϊςʔγϣϯͷΈ • ؤுͬͯΤϥʔʹٯΞηϯϒϧ݁ՌΛදࣔ͢Δ͔͠ͳ͍
·ͱΊ • GitHub ActionsGitHubʹ౷߹͞ΕͨCI/CDαʔϏε • GHAͷaction؆୯ʹࣗ࡞Մೳ • Action3छྨ͋Δ͕ɺDocker container action͕Ұ൪ࣗ༝͕ߴ͍
• ࣗ࡞UEFI SMM੩తղੳGhidraϓϥάΠϯͷactionΛ࡞ͬͯΈͨ • JUnit XML formatͰग़ྗ͢Δ͜ͱͰղੳ݁Ռͷ࠶ར༻ੑ͕ߴ͘ͳͬͨ • ݱঢ়ͰόΠφϦͷղੳ݁Ռද͕ࣔඞཁ
retrage
panda728
aszx87410
kondai24
kuro_kurorrr
czelabueno
denyspoltorak
rkaga
tsutsui
imjk
hypebeans
izumin5210
aleyda
techseoconnect
rakko
twada
signer
akademiya2063
axbom
bcantrill
nmsamuel
garrettdimon
