GitHub Actions overview December 16, 2021
GitHub Actions2021-12-16 Sean Sullivan
View Slide
AgendaGitHub ActionsCore conceptsSecurity
GITHUBACTIONS
“GitHub Actions helpyou automate yoursoftware developmentworkflows”source: GitHub.com
“You can writeindividual tasks, calledactions, and combinethem to create acustom workflow”source: GitHub.com
Getting started
Actions tab
Actions tabStarter Workflow
Workflow editor
Workflow editorcheckout
Workflow editorsetup-java
Workflow editorrun: sbt test
Workflow editorclick
.github/workflows
Ruby On RailsusesGitHub Actions
Ruby on Rails
RedisDropwizardLog4jOpen source projectsusing GitHub Actionstwilio-javaGuardrailNetflix Zuul
Core concepts
Events ActionsWorkflows
createdeploymentdeployment_statusissue createdpull_requestpushschedulelabel created(and many more)Events trigger workflows
Workflows are customautomated processesthat you can set up inyour repository tobuild, test, package,release, or deploysource: GitHub.com
GitHubwebhooksGitHubActionsworkflows
Actions are individualtasks that you cancombine to create jobssource: GitHub.com
You can create customActions or use Actionsprovided by the GitHubcommunitysource: GitHub.com
action.ymldeclares the inputsand outputs foran actionsource: GitHub.com
Types of Actions:JavaScriptDockersource: GitHub.com
“GitHub Actions isavailable withGitHub Free, GitHubPro, GitHub Team, andGitHub Enterprise”source: GitHub.com
What if Ialready have anexisting CI toolenabled?
Keep yourexisting CI tooland enableGitHub Actions
Evaluate bothCI toolsrunningside-by-side
Actions runtimeRunnersVirtual Environments
RunnersGitHub-hostedSelf-hosted
Hosted Runners“GitHub hosts Linux and Windowsrunners on Standard_DS2_v2 virtualmachines in Microsoft Azure withthe GitHub Actions runnerapplication installed”source: GitHub.com
Self-Hosted Runners“Self-hosted runners can bephysical, virtual, container,on-premises, or in a cloud”source: GitHub.com
Self-Hosted Runners
Self-Hosted RunnersC Sharp
Virtual Environments
Ubuntu 20.04Ubuntu 18.04Linux support
Third partyactions
AWS ActionsAzure ActionsGoogle Cloud Actions
Pulumi ActionsTerraform ActionsDocker Actions
https://github.com/aws-actions
AWS: action.yml
Security
Secretsaccess protectedkeys using thesecrets contextobjectsource: GitHub.com
Secretssource: GitHub.com
Self-Hosted Runners“do not use self-hosted runners withpublic repositories”source: GitHub.com
Self-Hosted Runners“Forks of your publicrepository can potentiallyrun dangerous code onyour self-hosted runnermachine”source: GitHub.com
Final thoughts
“CI ensures that the code that wecreate, as a team, works by providingus with rapid feedbackon any problems”
GitHub ActionsYAMLAutomationConclusion
Thank youtwitter.com/tinyrobotsgithub.com/sullis
Bonus slides
THEEND