Book Image

Mastering GitHub Actions

By : Eric Chapman
Book Image

Mastering GitHub Actions

By: Eric Chapman

Overview of this book

Navigating GitHub Actions often leaves developers grappling with inefficiencies and collaboration bottlenecks. Mastering GitHub Actions offers solutions to these challenges, ensuring smoother software development. With 16 extensive chapters, this book simplifies GitHub Actions, walking you through its vast capabilities, from team and enterprise features to organization defaults, self-hosted runners, and monitoring tools. You’ll learn how to craft reusable workflows, design bespoke templates, publish actions, incorporate external services, and introduce enhanced security measures. Through hands-on examples, you’ll gain best-practice insights for team-based GitHub Actions workflows and discover strategies for maximizing organization accounts. Whether you’re a software engineer or a DevOps guru, by the end of this book, you'll be adept at amplifying productivity and leveraging automation's might to refine your development process.

Related Content you might be interested in

Current Title:

Small book image
Mastering GitHub Actions
Eric Chapman
Mar, 2024 | 490 pages
No titles found
Table of Contents (22 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Conventions used
Get in touch
Share Your Thoughts
Download a free PDF copy of this book
Free Chapter
1
Part 1:Centralized Workflows to Assist with Governance
Part 1:Centralized Workflows to Assist with Governance
2
Chapter 1: An Overview of GitHub and GitHub Actions
Chapter 1: An Overview of GitHub and GitHub Actions
Technical requirements
Exploring the GitHub platform
The different types of accounts on GitHub
Creating a personal GitHub account
The different types of plans on GitHub
Creating an organization account
A brief introduction to GitHub Actions
An overview of organization accounts
The .github repository
Templates and reusable workflow repositories
Summary
3
Chapter 2: Exploring Workflows
Chapter 2: Exploring Workflows
Technical requirements
Exploring workflow capabilities
Workflow structuring and good habits
Exploring workflow jobs
Summary
4
Chapter 3: Deep Dive into Reusable Workflows and Composite Actions
Chapter 3: Deep Dive into Reusable Workflows and Composite Actions
Technical requirements
Setting up the CLI
Introducing reusable workflows
Understanding composite actions
Creating a reusable build pipeline
Debugging techniques for workflows
Workflow monitoring and alerting
Summary
5
Chapter 4: Workflow Personalization Using GitHub Apps
Chapter 4: Workflow Personalization Using GitHub Apps
Technical requirements
GitHub token options
Creating a GitHub App
Installing and managing the App’s credentials
Leveraging a GitHub App in various use cases
Summary
6
Chapter 5: Utilizing Starter Workflows in Your Team
Chapter 5: Utilizing Starter Workflows in Your Team
Technical requirements
What are starter workflows?
Creating our starter workflow
Utilizing our starter workflow
Applications of self-service reusable workflows
Summary
7
Part 2: Implementing Advanced Patterns within Actions
Part 2: Implementing Advanced Patterns within Actions
8
Chapter 6: Using HashiCorp Vault in GitHub
Chapter 6: Using HashiCorp Vault in GitHub
Technical requirements
Understanding what OIDC is
Setting up a HashiCorp Cloud Vault instance
Understanding secret engines and where secrets are stored
Enabling JWT authentication in HashiCorp
Setting up a workflow to use HashiCorp
Exploring other security hardening techniques
Summary
9
Chapter 7: Deploying to Azure Using OpenID Connect
Chapter 7: Deploying to Azure Using OpenID Connect
Technical requirements
Exploring our infrastructure using Bicep
Deploying locally with the Azure CLI
Deploying infrastructure alongside our application code
Authorizing our deployments with Azure and OIDC
Summary
10
Chapter 8: Working with Checks
Chapter 8: Working with Checks
Technical requirements
Exploring check suites and checks
Understanding commit statuses
Creating checks and check suites
Failing and passing checks
Creating custom actions
Exploring further action opportunities
Summary
11
Chapter 9: Annotating Code with Actions
Chapter 9: Annotating Code with Actions
Technical requirements
Exploring annotations within checks
Annotations in action
Creating annotations from build output
Creating annotations from a GitHub App using Probot
Summary
12
Chapter 10: Advancing with Event-Driven Workflows
Chapter 10: Advancing with Event-Driven Workflows
Technical requirements
Understanding GitHub events more deeply
Creating an issue from a pull request
Promoting your new releases
Designing a chatbot using ChatGPT
Helpful AI actions and apps
Summary
13
Chapter 11: Setting Up Self-Hosted Runners
Chapter 11: Setting Up Self-Hosted Runners
Technical requirements
Exploring self-hosted runners
Exploring ARC
Running ARC locally
Using the cloud for your runs
Advanced techniques with ARC
Housekeeping
Summary
14
Part 3: Best Practices, Patterns, Tricks, and Tips Toolkit
Part 3: Best Practices, Patterns, Tricks, and Tips Toolkit
15
Chapter 12: The Crawler Pattern
Chapter 12: The Crawler Pattern
Technical requirements
Introducing the crawler pattern
Making bulk repository changes
Making bulk content changes
Summary
16
Chapter 13: The Configuration Centralization Pattern
Chapter 13: The Configuration Centralization Pattern
Technical requirements
Understanding the central configuration pattern
Creating a repository indexer
Hosting the results using GitHub Pages
Summary
17
Chapter 14: Using Remote Workflows to Kickstart Your Products
Chapter 14: Using Remote Workflows to Kickstart Your Products
Technical requirements
Introducing repository dispatch events
Understanding product kickstarters
Internal developer portal and other use cases
Summary
18
Chapter 15: Housekeeping Tips for Your Organization
Chapter 15: Housekeeping Tips for Your Organization
Technical requirements
Managing GitHub costs
Optimizing uploads and downloads
Useful reporting techniques for your organization
Managing your action updates with Dependabot
Summary
19
Chapter 16: Handy Workflows for Managing Your Software
Chapter 16: Handy Workflows for Managing Your Software
Technical requirements
Exploring commit and pull request linters
SBOM generation as part of release management
Your actions toolkit
Summary
20
Index
Index
Why subscribe?
21
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book

Installing and managing the App’s credentials

When it comes to controlling access to sensitive information in GitHub, there are two approaches:

  • Explicit and manual management: This involves specifying who can access the information and requires frequent manual updates
  • Accessible and easy-to-manage options: This approach allows broader access, but it should be approached with caution to avoid unintended exposure of sensitive data to unauthorized users.

While organizational-level secrets can serve some use cases, it is essential to evaluate the level of scrutiny applied to prevent potential abuse. It is crucial to securely store application credentials and limit their exposure only to the necessary contexts and use cases. A couple of example use cases are as follows:

  • Using a common application to invoke a workflow on a centralized repository as part of an onboarding exercise
  • Using a secret to reference a tenant ID of a company in a cloud provider...
Previous Section
End of Section 5
Next Section