Demystifying GitHub Actions - Harnessing the power of automation to streamline your development process
VictorSzoltysek
31 views
43 slides
Sep 09, 2024
Slide 1 of 52
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
About This Presentation
Dive into this deck on GitHub Actions, where we blend essential automation tips with fun movie-themed memes! Learn how to optimize your workflows, secure projects, and identify all the film references. Perfect for developers eager to enhance their GitHub skills and add efficiency to their processes....
Slide Content
By: Victor Szoltysek
Aug 30th / 2024
RAVL EIP
Harnessing the power of automation to
streamline your development process
DEMYSTIFYING
GITHUB ACTIONS
Aug 30th / 2024
RAVL EIP
Harnessing the power of automation to
streamline your development process
DEMYSTIFYING
GITHUB ACTIONS
GITHUB ACTIONS IS EASY
Essentially a scheduler and runner that's incredibly simple to use.
Free for public repositories on GitHub.
Just add a GitHub Action file to define what to do and when.
Meant to be used by developer (directly).
GitHub Actions: a Developer's Best Friend
Essentially a scheduler and runner that's incredibly simple to use.
Free for public repositories on GitHub.
Just add a GitHub Action file to define what to do and when.
Meant to be used by developer (directly).
GitHub Actions: a Developer's Best Friend
When
What
What
HOW DO I BUILD THIS AGAIN?
Avoid the "works on my machine" syndrome.
Implement from day one—you'll thank me later.
Simplify your current 47-step build process.
Build Consistency: Once and for all
Avoid the "works on my machine" syndrome.
Implement from day one—you'll thank me later.
Simplify your current 47-step build process.
Build Consistency: Once and for all
On Code Commit
Checkout
Code
Setup Java
Run Build
Checkout
Code
Setup Java
Run Build
WHO BROKE THE BUILD?
Immediate action required if the build fails: fix or roll back.
Temporary red builds are fine; permanent red is not.
Tip: Use Webhooks (MS Teams) to keep everyone informed.
Keeping the Build Green
Immediate action required if the build fails: fix or roll back.
Temporary red builds are fine; permanent red is not.
Tip: Use Webhooks (MS Teams) to keep everyone informed.
Keeping the Build Green
Custom Action
Easy to create custom
MS Teams Incoming
Webhook (just
copy+paste the URL)
MS Teams Incoming
Webhook (just
copy+paste the URL)
ENHANCING YOUR BUILD PROCESS
As a dev team, add additional checks to ensure quality.
Linting, Code Analysis, Unit Testing etc.
Use the same checks locally and on GitHub Actions.
Automate More, Stress Less
As a dev team, add additional checks to ensure quality.
Linting, Code Analysis, Unit Testing etc.
Use the same checks locally and on GitHub Actions.
Automate More, Stress Less
Note - one call (not
multiple)
multiple)
PRESERVING BUILDS
By default, builds are temporary—learn to save what matters.
Preserve build artifacts for deployment and future
reference.
Ensure the availability and integrity of your artifacts.
Securing Your Build Artifacts
By default, builds are temporary—learn to save what matters.
Preserve build artifacts for deployment and future
reference.
Ensure the availability and integrity of your artifacts.
Securing Your Build Artifacts
WHAT’S IN THE BUILD?
Eliminate the "Is it deployed yet?" and "What’s in the build?"
confusion — you’re thank me later.
Uniquely version your builds — it’s easy! Don’t make it hard !
Unique filename and runtime check of version including GitHash /
Build Time / and version number.
Know Your Build Inside Out
Eliminate the "Is it deployed yet?" and "What’s in the build?"
confusion — you’re thank me later.
Uniquely version your builds — it’s easy! Don’t make it hard !
Unique filename and runtime check of version including GitHash /
Build Time / and version number.
Know Your Build Inside Out
Gradle (Java) Build Script Snippet
Auto GitHub Environment
Variable
Auto GitHub Environment
Variable
You know exactly
what’s deployed
endpoint
what’s deployed
endpoint
WHERE’S THE DEPLOY BUTTON?
Prevent the scramble for deployment procedures and credentials due to
infrequent use.
Set up automated deployments from Day 1 — You’ll thank me later.
Don’t store secrets/passwords in source control—use GitHub Secrets instead.
You can also add manual gates (approval steps).
Deployment at a Click
Prevent the scramble for deployment procedures and credentials due to
infrequent use.
Set up automated deployments from Day 1 — You’ll thank me later.
Don’t store secrets/passwords in source control—use GitHub Secrets instead.
You can also add manual gates (approval steps).
Deployment at a Click
MY BUILDS ARE SLOW
Builds slow down as projects grow
Keep core builds under 10 minutes for fast feedback
Profile builds and fix slow steps
Managing Build Performance
Builds slow down as projects grow
Keep core builds under 10 minutes for fast feedback
Profile builds and fix slow steps
Managing Build Performance
MY BUILDS ARE SLOW
The term "Pipeline" is deceptive; it implies sequential steps for DevOps.
Parallelize builds across actions, steps and agents to save time.
Avoiding making multiple sequential calls just to get the pretty pipeline
steps.
Why 'Pipeline' Can Be a Misnomer
The term "Pipeline" is deceptive; it implies sequential steps for DevOps.
Parallelize builds across actions, steps and agents to save time.
Avoiding making multiple sequential calls just to get the pretty pipeline
steps.
Why 'Pipeline' Can Be a Misnomer
MY BUILDS ARE SLOW
Use caching actions to avoid redundant operations.
Treat every build as a release candidate; avoid multiple
identical builds (i.e. 4 instead of 1)
Skip builds for changes that don’t affect the final product.
Reducing Redundancy in Builds
Use caching actions to avoid redundant operations.
Treat every build as a release candidate; avoid multiple
identical builds (i.e. 4 instead of 1)
Skip builds for changes that don’t affect the final product.
Reducing Redundancy in Builds
Cache Maven (Java) Dependencies
Skip build on non-code changes
MY BUILDS ARE SLOW
Externalize slow, less critical tests into separate, less frequent
workflows.
Parallize execution (across agents) to reduce bottlenecks.
Handle slow, mandatory checks imposed by other teams in a
separate workflow, using CODEOWNER files to manage access rights.
Separating and Optimizing Slow Steps
Externalize slow, less critical tests into separate, less frequent
workflows.
Parallize execution (across agents) to reduce bottlenecks.
Handle slow, mandatory checks imposed by other teams in a
separate workflow, using CODEOWNER files to manage access rights.
Separating and Optimizing Slow Steps
Nightly Security Check
.github/OWNERS file — lock access for security check
KEY TAKEAWAYS
Try GitHub Actions on your next GitHub Public repo
Use ChatGPT to write your GitHub Actions scripts
Advocate for fast automated builds, quick feedback, auto deploys, and versioned
artifacts on your teams.
If things are brittle, slow, and manual — automate them and do them more often.
Action To Take
Try GitHub Actions on your next GitHub Public repo
Use ChatGPT to write your GitHub Actions scripts
Advocate for fast automated builds, quick feedback, auto deploys, and versioned
artifacts on your teams.
If things are brittle, slow, and manual — automate them and do them more often.
Action To Take
[email protected]
www.victorszoltysek.com
www.victorszoltysek.com
Reusable Workflows: Utilize reusable workflows to avoid duplication and maintain consistent standards across projects. Allow
for custom workflows when specific needs arise to maintain flexibility.
Custom Actions Development: Develop custom actions to automate unique processes tailored to your projects, enhancing
efficiency. Allow standard actions to be used alongside custom ones to avoid reinventing the wheel and opt for battle-tested,
official actions.
Use of CODEOWNERS Files: Implement CODEOWNERS files to secure and manage access to critical code changes.
Specifically, lock down workflow modifications to designated teams like Security or QA, ensuring controlled updates.
Dynamic Status Badges: Incorporate dynamic status badges in project READMEs to instantly show workflow health with a
dash of visual flair—adding some razzle-dazzle to your project's visibility.
Dependency Graphs Over Sequential Pipelines: Design workflows as dependency graphs rather than traditional sequential
pipelines. This approach optimizes execution paths and reduces waiting times by highlighting interdependencies and allowing
for concurrent executions.
Utilization of Built-in Variables: Leverage GitHub’s built-in environment variables for dynamic configuration management
across your workflows, minimizing manual setup and maintenance.
Secure Secrets Management: Use GitHub Secrets to securely manage sensitive information within your workflows, ensuring
that credentials are shielded and compliance is maintained.
Scheduled Workflows: Optimize resource utilization by scheduling non-critical workflows to run during off-peak hours,
reducing load and improving efficiency.
Essential GitHub Actions Insights for Advanced Workflows
for custom workflows when specific needs arise to maintain flexibility.
Custom Actions Development: Develop custom actions to automate unique processes tailored to your projects, enhancing
efficiency. Allow standard actions to be used alongside custom ones to avoid reinventing the wheel and opt for battle-tested,
official actions.
Use of CODEOWNERS Files: Implement CODEOWNERS files to secure and manage access to critical code changes.
Specifically, lock down workflow modifications to designated teams like Security or QA, ensuring controlled updates.
Dynamic Status Badges: Incorporate dynamic status badges in project READMEs to instantly show workflow health with a
dash of visual flair—adding some razzle-dazzle to your project's visibility.
Dependency Graphs Over Sequential Pipelines: Design workflows as dependency graphs rather than traditional sequential
pipelines. This approach optimizes execution paths and reduces waiting times by highlighting interdependencies and allowing
for concurrent executions.
Utilization of Built-in Variables: Leverage GitHub’s built-in environment variables for dynamic configuration management
across your workflows, minimizing manual setup and maintenance.
Secure Secrets Management: Use GitHub Secrets to securely manage sensitive information within your workflows, ensuring
that credentials are shielded and compliance is maintained.
Scheduled Workflows: Optimize resource utilization by scheduling non-critical workflows to run during off-peak hours,
reducing load and improving efficiency.
Essential GitHub Actions Insights for Advanced Workflows
Categories
TechnologyDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 31
- Slides 43
- Age 447 days
Related Slideshows
11
8-top-ai-courses-for-customer-support-representatives-in-2025.pptx
JeroenErne2
44 views
10
7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx
JeroenErne2
44 views
13
25-essential-ai-courses-for-user-support-specialists-in-2025.pptx
JeroenErne2
36 views
11
8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx
JeroenErne2
33 views
21
Know for Certain
DaveSinNM
19 views
17
PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx
novasedanayoga46
23 views