Continuous Delivery with GitHub Actions - DeliveryConf 2020

Transcript

1. Continuous Delivery with GitHub Actions DeliveryConf 2020 - Sean Sullivan

2. About me

3. None

4. Agenda CI/CD GitHub Actions Core concepts Security

5. CI/CD

6. “The most important practice for continuous integration to work properly

   is frequent check-ins to trunk”

7. “Continuous integration was first written about in Kent Beck’s book

   Extreme Programming Explained”
8. None

9. GITHUB ACTIONS

10. “GitHub Actions help you automate your software development workflows” source:

    GitHub.com

11. “You can write individual tasks, called actions, and combine them

    to create a custom workflow” source: GitHub.com

12. Getting started

13. Actions tab

14. Actions tab Starter Workflow

15. Workflow editor

16. Workflow editor

17. Workflow editor

18. Workflow editor checkout@v2

19. Workflow editor setup-java@v1

20. Workflow editor run: sbt test

21. Workflow editor click

22. Workflow editor click

23. .github/workflows

24. Actions tab

25. Actions tab

26. Actions tab

27. Ruby On Rails uses GitHub Actions

28. Ruby on Rails

29. Ruby on Rails

30. Ruby on Rails

31. Ruby on Rails

32. Core concepts

33. Events Actions Workflows

34. create deployment deployment_status issue created pull_request push schedule label created

    (and many more) Events trigger workflows

35. Workflows are custom automated processes that you can set up

    in your repository to build, test, package, release, or deploy source: GitHub.com

36. GitHub webhooks GitHub Actions workflows

37. Actions are individual tasks that you can combine to create

    jobs source: GitHub.com

38. You can create custom Actions or use Actions provided by

    the GitHub community source: GitHub.com

39. action.yml declares the inputs and outputs for an action source:

    GitHub.com

40. Types of Actions: JavaScript Docker source: GitHub.com

41. “GitHub Actions is available with GitHub Free, GitHub Pro, GitHub

    Team, and GitHub Enterprise Cloud” source: GitHub.com

42. What if I already have an existing CI tool enabled?

43. Keep your existing CI tool and enable GitHub Actions

44. Evaluate both CI tools running side-by-side

45. Actions runtime Runners Virtual Environments

46. Runners GitHub-hosted Self-hosted

47. Hosted Runners “GitHub hosts Linux and Windows runners on Standard_DS2_v2

    virtual machines in Microsoft Azure with the GitHub Actions runner application installed” source: GitHub.com

48. Self-Hosted Runners “Self-hosted runners can be physical, virtual, container, on-premises,

    or in a cloud” source: GitHub.com

49. Self-Hosted Runners

50. Self-Hosted Runners C Sharp

51. Virtual Environments

52. Ubuntu 18.04 Ubuntu 16.04 Linux support

53. Third party actions

54. AWS Actions Azure Actions Google Cloud Actions

55. Pulumi Actions Terraform Actions Twilio SMS Action

56. https://github.com/aws-actions

57. None

58. AWS: action.yml

59. Security

60. Secrets access protected keys using the secrets context object source:

    GitHub.com

61. Secrets source: GitHub.com

62. Secrets source: GitHub.com

63. Secrets source: GitHub.com

64. Secrets source: GitHub.com

65. Self-Hosted Runners “do not use self- hosted runners with public

    repositories” source: GitHub.com

66. Self-Hosted Runners “Forks of your public repository can potentially run

    dangerous code on your self-hosted runner machine” source: GitHub.com

67. Final thoughts

68. “CI ensures that the code that we create, as a

    team, works by providing us with rapid feedback on any problems”

69. “However, CI is not enough”

70. “end-to-end automation of our build, deploy, test, release processes”

71. GitHub Actions End-to-end pipeline Deploy with confidence Conclusion

72. Thank you twitter.com/tinyrobots github.com/sullis

73. Bonus slides

74. None

75. THE END