Say goodbye to tedious tasks! GitHub Actions is a powerful workflow engine that automates everything in the GitHub ecosystem, letting you focus on what matters most.
This book explains the GitHub Actions workflow syntax, the different kinds of actions, and how GitHub-hosted and self-hosted workflow runners work. You’ll get tips on how to author and debug GitHub Actions and workflows with Visual Studio Code (VS Code), run them locally, and leverage the power of GitHub Copilot. The book uses hands-on examples to walk you through real-world use cases that will help you automate the entire release process. You’ll cover everything, from automating the generation of release notes to building and testing your software and deploying securely to Azure, Amazon Web Services (AWS), or Google Cloud using OpenID Connect (OIDC), secrets, variables, environments, and approval checks.
The book goes beyond CI/CD by demonstrating recipes to execute IssueOps and automate other repetitive tasks using the GitHub CLI, GitHub APIs and SDKs, and GitHub Token. You’ll learn how to build your own actions and reusable workflows to share building blocks with the community or within your organization.
By the end of this GitHub book, you'll have gained the skills you need to automate tasks and work with remarkable efficiency and agility.
Number of pages: 224
GitHub Actions
Cookbook
A practical guide to automating repetitive tasks and streamlining your development process
Michael Kaufmann
Copyright © 2024 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
Group Product Manager: Preet Ahuja
Publishing Product Manager: Prachi Rana
Book Project Manager: Srinidhi Ram
Senior Editor: Sayali Pingale
Technical Editor: Rajat Sharma
Copy Editor: Safis Editing
Indexer: Tejal Soni
Production Designer: Joshua Misquitta
Developer Relations Marketing Executive: Rohan Dobhal
First published: April 2024
Production reference: 1050424
Published by Packt Publishing Ltd.
Grosvenor House
11 St Paul’s Square
Birmingham
B3 1RB, UK
ISBN 978-1-83546-894-4
www.packtpub.com
To my family, who had to spend many weekends and nights without me. To my colleagues from Xebia and the DevOps community for giving me feedback, challenging my ideas, and giving me the opportunity to learn.
– Michael Kaufmann
Michael Kaufmann believes that developers and engineers can be happy and productive at work. He loves DevOps, GitHub, Azure, and modern work.
Microsoft has awarded him with the title Microsoft Regional Director (RD) and Microsoft Most Valuable Professional (MVP) – the latter in the category of DevOps and GitHub.
Michael is also the founder and managing director of Xebia Microsoft Services, Germany – a consulting company that helps its customers become digital leaders by supporting them in their cloud, DevOps, and digital transformation.
Michael shares his knowledge in books, training, and as a frequent speaker at international conferences.
Mickey Gousset is a staff DevOps architect at GitHub. He is passionate about DevOps and helping developers achieve their goals. Mickey speaks on DevOps and cloud topics at various user groups, code camps, and conferences around the world.
Jamie O’Meara is a passionate technical and business leader with a strong emphasis on software development and data. He is currently a principal solution engineer at GitHub helping customers establish their GitHub solutions and adopt them at scale. GitHub Copilot has piqued his interest in learning more about the use of generative AI. He has been a speaker at various international conferences (VMworld, SpringOne, Cloud Foundry Summit, and more). He is also very interested in the VC community and an avid follower of the start-up ecosystem.
GitHub is more than just a platform for hosting and sharing code. With millions of developers from all over the world collaborating on projects of every type and size, it has become the beating heart of the open source community. With GitHub Actions, GitHub now has its own workflow platform that allows engineers and developers to automate all kinds of repetitive engineering tasks – from Continuous Integration (CI) and Continuous Deployment (CD) to IssueOps, automatic issue triaging, and ChatOps.
This book will show you how to make the most of GitHub Actions in your day-to-day life. It is a practical book – so we will have you do as much as possible and explain the theory alongside the individual recipes.
If you are looking for a practical approach to learning GitHub Actions, this book is for you, whether you are a software developer or a DevOps engineer. If you have already played around with Actions on your own but want to learn more; you have experience with other CI/CD tools, such as Jenkins or Azure Pipelines; or you are completely new to the topic – it doesn’t matter, you’ll find this book helpful.
In order to learn from this book, you should have a basic understanding of at least one programming or script language, Git as a version control system, and infrastructure topics such as Docker, the Linux and Windows filesystems, and authentication.
Chapter 1, GitHub Actions Workflows, will introduce you to GitHub Actions workflows and what you can do with them. You will learn about YAML basics, events that trigger workflows, and expressions, as well as how to use GitHub Actions from the marketplace to automate all kinds of tasks.
Chapter 2, Authoring and Debugging Workflows, will teach you best practices for authoring workflows: how to use Visual Studio Code and GitHub Codespaces and various add-ins to efficiently create, edit, and run workflows, check them for errors with powerful linters, develop them in branches, and run them locally. You will also learn how you can debug them and turn on advanced logging.
Chapter 3, Building GitHub Actions, explains the different types of GitHub actions, and you will learn how to use input and output. You will write your own Docker container action, a TypeScript action, and a composite action.
Chapter 4, The Workflow Runtime, is about the different runtime options for your workflows. You will learn how to use different GitHub-hosted runners and how to set up and scale ephemeral, self-hosted runners in Docker containers and Kubernetes with GitHub Actions Controller (GHAC).
Chapter 5, Automate Tasks in GitHub with GitHub Actions, will show you how to use Issue-Ops to automate common tasks within GitHub. You will learn how to authenticate with GitHub Apps, use GITHUB_TOKEN and workflow permissions, use the GitHub CLI to automate tasks, use environments for approvals and checks, and use reusable workflows and composite actions to share logic across workflows and repositories.
Chapter 6, Build and Validate Your Code, is about CI. You will learn how to build and test different versions of your code with the same workflow, find security vulnerabilities in your code with CodeQL, attach a Software Bill of Materials (SBOM) to your release, automate the versioning of your software, and use caching to speed up your workflows.
Chapter 7, Release Your Software with GitHub Actions, covers continuous delivery and continuous deployment. You will learn how to securely deploy to the cloud using OpenID Connect (OIDC) and how to deploy containers to Kubernetes – whether it is Microsoft Azure Kubernetes Service (AKS), Google Kubernetes Engine (GKE), or Elastic Container Services (ECS). You will also learn how to use Dependabot together with GitHub Actions to completely automate the update of your dependencies.
You will need the following:
| Software/hardware covered in the book | OS requirements |
| --- | --- |
| GitHub | All operating systems are compatible. You will need an account on https://github.com. |
| Visual Studio Code | All operating systems are compatible. If you want, you can use GitHub Codespaces for all recipes. In this case, you don’t have to install anything locally. If you want to work locally, then you’ll need Visual Studio Code (https://code.visualstudio.com/download) and the subsequent tools. |
| Git | Only required if you work locally. All operating systems are compatible. You should have an up-to-date version of Git installed (at least version 2.23). |
| GitHub CLI | Only required if you work locally. Install the GitHub CLI (https://cli.github.com/). |
| Node.js | Only required if you work locally. You’ll need an up-to-date version of Node.js (I’m using 21 at the time of writing). All operating systems are compatible. Download the latest version here: https://nodejs.org/en/download/current. |
| Docker | Only required if you work locally. Get Docker for all operating systems here: https://docs.docker.com/get-docker/. |
| Azure and the Azure CLI | For some chapters, you’ll need an Azure account and the Azure CLI. A free test version will be sufficient (https://azure.microsoft.com/en-us/free). If you want to work locally, you’ll also need the Azure CLI. |
All recipes can be done with a free GitHub account in public repositories. You can use GitHub Codespaces to do anything in a virtual environment. This will use up your 120 free hours per month (180 with GitHub Pro). Be aware of that. Once the free hours are used, you’ll have to pay per minute for Codespaces.
If you are using the digital version of this book, we advise you to type the code yourself or access the code via the GitHub repository (link available in the next section). Doing so will help you avoid any potential errors related to the copying and pasting of code.
You can download the example code files for this book from GitHub at https://github.com/PacktPublishing/GitHub-Actions-Cookbook. If there’s an update to the code, it will be updated in the GitHub repository.
We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!
There are a number of text conventions used throughout this book.
Code in text: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: “We can do this, for example, using the sed 's/./&/g' command.”
A block of code is set as follows:
jobs:
  build-and-push-image:
    runs-on: ubuntu-latest
    permissions:
      packages: write

When we wish to draw your attention to a particular part of a code block, the relevant lines or items are set in bold:

"dependencies": {
  "@wulfland/package-recipe": "^2.0.5",
  "express": "^4.18.2"
}

Any command-line input or output is written as follows:

$ npm start
> [email protected] start
> node src/index.js
Server running at http://localhost:3000

Bold: Indicates a new term, an important word, or words that you see onscreen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: “In your repository, navigate to Settings | Secrets and Variables | Actions.”
Tips or important notes
Appear like this.
In this book, you will find several headings that appear frequently (Getting ready, How to do it..., How it works..., and There’s more...).
To give clear instructions on how to complete a recipe, use these sections as follows:
Getting ready: This section tells you what to expect in the recipe and describes how to set up any software or any preliminary settings required for the recipe.
How to do it...: This section contains the steps required to follow the recipe.
How it works...: This section usually consists of a detailed explanation of what happened in the previous section.
There’s more...: This section consists of additional information about the recipe in order to make you more knowledgeable about the recipe.
Feedback from our readers is always welcome.
General feedback: If you have questions about any aspect of this book, mention the book title in the subject of your message and email us at [email protected].
Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/support/errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.
Piracy: If you come across any illegal copies of our works in any form on the Internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.
If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.
GitHub is more than just a platform for hosting and sharing code. With millions of developers from all over the world collaborating on projects of every type and size, it has become the beating heart of the open source community. Since its foundation in 2008, GitHub has grown to host over 200 million repositories and 100 million users, with a staggering 3.5 billion contributions made in the last year alone. With GitHub Actions, engineers and developers can now automate all kinds of workflows and repetitive engineering tasks – from Continuous Integration (CI) and Continuous Deployment (CD) to IssueOps, automatic issue triaging, and ChatOps. GitHub Actions is much more than just a CI/CD tool – it’s a comprehensive automation platform that can help streamline your entire development workflow.
This book will show you how to make the most of GitHub Actions in your day-to-day life. It is a practical book – so you will do as much as possible, and I will explain the theory alongside the individual recipes.
In this chapter, you will learn the basics of workflows in GitHub: workflow files, the workflow and YAML syntax, events that trigger workflows, expressions, secrets, and environments, and you will write your first workflows.
We’re going to cover the following main topics in this chapter:
The GitHub ecosystem
Hosting and pricing for GitHub
Pricing for GitHub Actions
GitHub Marketplace
Using the workflow editor for writing workflows
Using secrets and variables
Creating and using environments
For this chapter, you will need a free GitHub account and a browser. Just sign up under https://github.com/signup if you do not have an account yet.
You will find all the recipes and example code in the repository at https://github.com/wulfland/GitHubActionsCookbook.
GitHub is built around the decentralized Git version control system (VCS), which has played a significant role in transforming the way in which software is developed. But GitHub is more than just hosting of Git repositories – it has evolved into a holistic DevOps platform with capabilities in the following areas:
Collaborative coding
Planning and tracking
Workflows and CI/CD
Developer productivity
Client applications
Security
From the very beginning, GitHub has prioritized a developer-centric approach, resulting in a platform that places utmost importance on webhooks and APIs. Developers can leverage either the REST or the GraphQL API to manipulate all aspects of the GitHub platform. In addition to that, developers can use GitHub as an identity provider (IdP) to access their applications. This approach facilitates seamless integration with other tools and platforms, making GitHub what it is today: the place where the world builds software.
To understand the power of GitHub Actions, one must take into account that you can use it to automate all kinds of tasks in the entire ecosystem – not just code. This includes the following:
Planning and tracking: GitHub offers issues and milestones, GitHub Discussions, and GitHub Projects for planning and tracking. It also integrates seamlessly with other popular planning and tracking solutions such as Jira, Trello, or Azure Boards.
Client applications: GitHub provides Visual Studio Code as a code editor that can be accessed directly in the browser (https://github.dev), mobile applications for both iOS and Android to collaborate from anywhere, a cross-platform desktop application, and an extensible CLI. It also integrates with all the common IDEs such as Visual Studio, Visual Studio Code, and Eclipse, and with popular chat platforms such as Slack and Teams.
Security: GitHub Advanced Security provides software supply-chain security with Dependabot, Secret Scanning, and code scanning with CodeQL. It also supports integrations with tools such as Snyk, Veracode, or Checkmarx, and it can be integrated into Microsoft’s Defender for DevOps.
Developer productivity: GitHub offers a virtual containerized development environment – GitHub Codespaces – and GitHub Copilot, an AI-powered assistant that can help you write and understand code. GitHub also offers code search, a command palette, and other features that can further enhance developer productivity.
Workflows and CI/CD: Beyond GitHub Actions, GitHub supports most CI/CD tools in the market. Furthermore, GitHub provides secure integration with all the major cloud providers for CI/CD workflows using OpenID Connect (OIDC). GitHub Packages provides a package registry that supports a wide range of package formats and native npm support – but all the other major package registries also integrate with GitHub.
GitHub Actions can be used to automate tasks and build solutions across the entire GitHub ecosystem (see Figure 1.1):
Figure 1.1 – The GitHub ecosystem and its integrations
In this book, I will provide practical recipes for workflows across all the major areas so that you will be able to automate all kinds of real-world development tasks.
All the examples in this book are done on https://github.com – the Software-as-a-Service (SaaS) offering from GitHub. Signing up for GitHub is free and provides users with unlimited private and public repositories. Nearly all features on GitHub are available free for open source projects (public repositories), but they may require a paid license for private repositories. In public repos, you have unlimited minutes for actions. That’s why it is important to do all the recipes in public repos – if not, you will burn rapidly through your 2,000 minutes per month.
GitHub’s pricing model is based on a monthly per-user billing system and consists of three tiers: Free, Team, and Enterprise (see Figure 1.2):
Figure 1.2 – GitHub pricing tiers
As mentioned earlier, public repos are entirely free – including GitHub Actions, Packages, and security features such as Dependabot and Secret Scanning. Private repos are also free, but only with limited functionality for collaboration. It does not include protected branches, Codeowners, and some advanced pull request features. For private repos, you have 2,000 free minutes in the free tier. To unlock the collaboration features, you’ll need to acquire a Team license for $4 per user per month. The Team plan then also includes 3,000 minutes for GitHub Actions.
The GitHub Enterprise plan brings all the Enterprise features – such as single sign-on (SSO) with Security Assertion Markup Language (SAML) and System for Cross-domain Identity Management (SCIM), Enterprise Managed Users, and the IP allow list. It also comes equipped with 50,000 minutes for GitHub Actions – but it also costs $21 per user per month.
In addition to the SaaS offering, GitHub also provides an appliance for self-hosting – GitHub Enterprise Server (GHES). It is available for AWS, GCP, Azure, or on-premises on Hyper-V, OpenStack KVM, or VMware ESXi. GHES is only available with the Enterprise plan. You can also combine GHES with GitHub Enterprise Cloud (GHEC) and share the same license for both hosting options.
GHES and GitHub Actions
Keep in mind that you cannot use GitHub-hosted runners for your workflow if you run GHES. You will have to provide your own runners for your workflows and ensure that they are secure and clean up their workflow artifacts. Typically, this is done on Kubernetes with Actions Runner Controller (ARC – https://github.com/actions/actions-runner-controller). You will learn more about this in Chapter 4, The Workflow Runtime.
Running your workflows on self-hosted runners is completely free as you bring your own compute. Running workflows in public repositories is also free – even on the powerful runners provided by GitHub. GitHub-hosted runners are available on Linux, Windows, and macOS and in different sizes. If you want to leverage these runners in private repositories, you’ll be charged per minute. The different runners use different minute multipliers (see Table 1.1). Running a workflow on Linux will consume 1 of your free minutes per minute – and you will be charged $0.008 per minute if you exceed your free minutes. Windows will burn twice as fast through your free minutes and costs $0.08 per minute after that. And macOS will burn 10 times faster through your minutes and charges $0.016 per minute when you have reached the limit of your included minutes:
| Operating system | Minute multiplier | Price per minute |
| --- | --- | --- |
| Linux | 1 | $0.008 |
| Windows | 2 | $0.080 |
| macOS | 10 | $0.016 |
Table 1.1 – Pricing per minute for GitHub-hosted runners
That’s the reason why I use Linux for most of the examples in this book and why I always encourage my customers to run as much workload on Linux as possible.
If you use GHEC or the Team plan and you need machines with more power, then you can leverage larger GitHub-hosted runners. They are charged by minute (see Table 1.2) and have additional features such as static IP ranges:
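| vCPUs | Linux | Windows | macOS |
| --- | --- | --- | --- |
| 2 | $0.008 | $0.016 | |
| 3 | | | $0.08 |
| 4 | $0.016 | | |
| 8 | $0.032 | $0.064 | |
| 12 | | | $0.32 |
| 16 | $0.064 | $0.128 | |
| 32 | $0.128 | $0.256 | |
| 64 | $0.256 | $0.512 | |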
Table 1.2 – Per-minute rate for larger runners
Private networking
In addition to static IP ranges, you can also use Azure private networking to connect GitHub-hosted runners directly to your resources. At the time of writing, this feature is still in beta and might change. See the following link for more information: https://docs.github.com/en/enterprise-cloud@latest/admin/configuration/configuring-private-networking-for-hosted-compute-products/about-networking-for-hosted-compute-products.
GitHub Actions also consumes storage – for example, for logs, workflow artifacts, or caching. If you exceed your included storage, you will be billed $0.008 per GB per day.
Keep in mind that pricing may change, and refer to the GitHub documentation for up-to-date information (https://docs.github.com/en/billing/managing-billing-for-github-actions/about-billing-for-github-actions).
And to learn GitHub Actions and experiment with workflows – just do everything in public repositories and you will not have to pay, either for compute or for storage.
GitHub offers a community-driven marketplace (https://github.com/marketplace) that currently contains more than 20,000 GitHub Actions that you can reuse as building blocks in your workflows (see Figure 1.3):
Figure 1.3 – GitHub Marketplace contains more than 20,000 reusable actions
If an action is by the author actions