Continuous Delivery with GitHub Actions DeliveryConf January 21, 2020 Seattle Washington #GitHubActions #DeliveryConf
Continuous Deliverywith GitHub ActionsDeliveryConf 2020 - Sean Sullivan
View Slide
About me
AgendaCI/CDGitHub ActionsCore conceptsSecurity
CI/CD
“The most important practice forcontinuous integrationto work properly isfrequent check-ins to trunk”
“Continuous integrationwas first written aboutin Kent Beck’s bookExtreme Programming Explained”
GITHUBACTIONS
“GitHub Actions helpyou automate yoursoftware developmentworkflows”source: GitHub.com
“You can writeindividual tasks, calledactions, and combinethem to create acustom workflow”source: GitHub.com
Getting started
Actions tab
Actions tabStarter Workflow
Workflow editor
Workflow editorcheckout@v2
Workflow editorsetup-java@v1
Workflow editorrun: sbt test
Workflow editorclick
.github/workflows
Ruby On RailsusesGitHub Actions
Ruby on Rails
Core concepts
Events ActionsWorkflows
createdeploymentdeployment_statusissue createdpull_requestpushschedulelabel created(and many more)Events trigger workflows
Workflows are customautomated processesthat you can set up inyour repository tobuild, test, package,release, or deploysource: GitHub.com
GitHubwebhooksGitHubActionsworkflows
Actions are individualtasks that you cancombine to create jobssource: GitHub.com
You can create customActions or use Actionsprovided by the GitHubcommunitysource: GitHub.com
action.ymldeclares the inputsand outputs foran actionsource: GitHub.com
Types of Actions:JavaScriptDockersource: GitHub.com
“GitHub Actions isavailable withGitHub Free, GitHubPro, GitHub Team, andGitHub EnterpriseCloud”source: GitHub.com
What if Ialready have anexisting CI toolenabled?
Keep yourexisting CI tooland enableGitHub Actions
Evaluate bothCI toolsrunningside-by-side
Actions runtimeRunnersVirtual Environments
RunnersGitHub-hostedSelf-hosted
Hosted Runners“GitHub hosts Linux and Windowsrunners on Standard_DS2_v2 virtualmachines in Microsoft Azure withthe GitHub Actions runnerapplication installed”source: GitHub.com
Self-Hosted Runners“Self-hosted runners can bephysical, virtual, container,on-premises, or in a cloud”source: GitHub.com
Self-Hosted Runners
Self-Hosted RunnersC Sharp
Virtual Environments
Ubuntu 18.04Ubuntu 16.04Linux support
Third partyactions
AWS ActionsAzure ActionsGoogle Cloud Actions
Pulumi ActionsTerraform ActionsTwilio SMS Action
https://github.com/aws-actions
AWS: action.yml
Security
Secretsaccess protectedkeys using thesecrets contextobjectsource: GitHub.com
Secretssource: GitHub.com
Self-Hosted Runners“do not use self-hosted runners withpublic repositories”source: GitHub.com
Self-Hosted Runners“Forks of your publicrepository can potentiallyrun dangerous code onyour self-hosted runnermachine”source: GitHub.com
Final thoughts
“CI ensures that the code that wecreate, as a team, works by providingus with rapid feedbackon any problems”
“However, CI is not enough”
“end-to-end automationof our build, deploy, test,release processes”
GitHub ActionsEnd-to-end pipelineDeploy with confidenceConclusion
Thank youtwitter.com/tinyrobotsgithub.com/sullis
Bonus slides
THEEND