Learning GitHub Actions

Learning GitHub Actions

by Brent Laster
Released August 2023
Publisher(s): O'Reilly Media, Inc.
ISBN: 9781098131074

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Buy on Amazon Buy on ebooks.com
Start your free trial

Book description

Automate your software development processes with GitHub Actions, the continuous integration and continuous delivery platform that integrates seamlessly with GitHub. With this practical book, open source author, trainer, and DevOps director Brent Laster explains everything you need to know about using and getting value from GitHub Actions. You'll learn what actions and workflows are and how they can be used, created, and incorporated into your processes to simplify, standardize, and automate your work in GitHub.

This book explains the platform, components, use cases, implementation, and integration points of actions, so you can leverage them to provide the functionality and features needed in today's complex pipelines and software development processes. You'll learn how to design and implement automated workflows that respond to common events like pushes, pull requests, and review updates. You'll understand how to use the components of the GitHub Actions platform to gain maximum automation and benefit.

With this book, you will:

  • Learn what GitHub Actions are, the various use cases for them, and how to incorporate them into your processes
  • Understand GitHub Actions' structure, syntax, and semantics
  • Automate processes and implement functionality
  • Create your own custom actions with Docker, JavaScript, or shell approaches
  • Troubleshoot and debug workflows that use actions
  • Combine actions with GitHub APIs and other integration options
  • Identify ways to securely implement workflows with GitHub Actions
  • Understand how GitHub Actions compares to other options

Publisher resources

View/Submit Errata

Table of contents

  1. Foreword
  2. Preface
    1. The Structure of This Book
      1. Part I: Foundations
      2. Part II: Building Blocks
      3. Part III: Security and Monitoring
      4. Part IV: Advanced Topics
    2. Intended Audience
    3. Continuing with GitHub Actions
    4. Conventions Used in This Book
    5. Using Code Examples
    6. O’Reilly Online Learning
    7. How to Contact Us
    8. Acknowledgments
  3. I. Foundations
  4. 1. The Basics
    1. What Is GitHub Actions?
      1. Automation Platform
      2. Framework
    2. What Are the Use Cases for GitHub Actions?
      1. Starter Workflows
      2. Actions Marketplace
    3. What Costs Are Involved?
      1. The Free Model
      2. The Paid Model
    4. When Does Moving to GitHub Actions Make Sense?
      1. Investment in GitHub
      2. Use of Public Actions
      3. Creating Your Own Actions
      4. Artifact Management
      5. Action Management
    5. Conclusion
  5. 2. How Does Actions Work?
    1. An Overview
    2. Triggering Workflows
    3. Components
      1. Steps
      2. Runners
      3. Jobs
      4. Workflow
    4. Workflow Execution
    5. Conclusion
  6. 3. What’s in an action?
    1. The Structure of an action
    2. Interfacing with actions
    3. Using actions
    4. Public actions and the Marketplace
    5. Conclusion
  7. 4. Working with Workflows
    1. Creating the First Workflow in a Repository
    2. Committing the Initial Workflow
    3. Using the VS Code GitHub Actions Extension
    4. Conclusion
  8. 5. Runners
    1. GitHub-Hosted Runners
      1. What’s in the Runner Images?
      2. Adding Additional Software on Runners
    2. Self-Hosted Runners
      1. Requirements for Self-Hosted Runners
      2. Limits for Self-Hosted Runners
      3. Security Considerations for Using Self-Hosted Runners
      4. Setting Up a Self-Hosted Runner
      5. Using a Self-Hosted Runner
      6. Using Labels with Self-Hosted Runners
      7. Troubleshooting Self-Hosted Runners
      8. Removing a Self-Hosted Runner
    3. Autoscaling Self-Hosted Runners
    4. Just-in-Time Runners
    5. Conclusion
  9. II. Building Blocks
  10. 6. Managing Your Workflow Environments
    1. Naming Your Workflow and Workflow Runs
    2. Contexts
    3. Environment Variables
      1. Default Environment Variables
    4. Secrets and Configuration Variables
    5. Managing Permissions for Your Workflow
    6. Deployment Environments
    7. Conclusion
  11. 7. Managing Data Within Workflows
    1. Working with Inputs and Outputs in Workflows
      1. Defining and Referencing Workflow Inputs
      2. Capturing Output from a Step
      3. Capturing Output from a Job
      4. Capturing Output from an Action Used in a Step
    2. Defining Artifacts
    3. Uploading and Downloading Artifacts
      1. Adding Parameters
    4. Using Caches in GitHub Actions
      1. Using the Explicit Cache Action
      2. Monitoring Caches
      3. Activating a Cache with a Setup Action
    5. Conclusion
  12. 8. Managing Workflow Execution
    1. Advanced Triggering from Changes
      1. Triggering Based on Activity Types
      2. Using Filters to Refine Triggers
    2. Triggering Workflows Without a Change
    3. Dealing with Concurrency
    4. Running a Workflow with a Matrix
    5. Workflow Functions
      1. Conditionals and Status Functions
    6. Conclusion
  13. III. Security and Monitoring
  14. 9. Actions and Security
    1. Security by Configuration
      1. Managing Execution of Workflows from Pull Requests
      2. Workflow Permissions
      3. The CODEOWNERS File
      4. Protected Tags
      5. Protected Branches
      6. Repository Rules
    2. Security by Design
      1. Secrets
      2. Securing Secrets
      3. Tokens
      4. Dealing with Untrusted Input
      5. Securing Your Dependencies
    3. Security by Monitoring
      1. Scanning
      2. Processing Pull Requests Securely
      3. Vulnerabilities with Workflows in Pull Requests
      4. Vulnerabilities with Source Code in Pull Requests
      5. Adding a Pull Request Validation Script
      6. Safely Handling Pull Requests
    4. Conclusion
  15. 10. Monitoring, Logging, and Debugging
    1. Gaining More Observability
      1. Understanding Status at a High Level
      2. Creating Status Badges for Workflows
    2. Working with Past States
      1. Mapping Workflow Versions to Runs
      2. Re-running Jobs in a Workflow
    3. Debugging Workflows
      1. Step Debug Logging
      2. Debugging the Runner Environment
      3. Activating Debugging
    4. Augmenting and Customizing Logging
      1. Adding Your Own Messages in Logs
      2. Additional Log Customizations
      3. Creating a Customized Job Summary
    5. Conclusion
  16. IV. Advanced Topics
  17. 11. Creating Custom actions
    1. Anatomy of an action
    2. Types of Actions
      1. Composite Action
      2. Docker Container Action
      3. Creating a JavaScript Action
    3. Completing Your Action Creation
    4. Publishing Actions on the GitHub Marketplace
      1. Updating Actions on the Marketplace
      2. Removing an Action from the Marketplace
    5. The Actions Toolkit
      1. Using Workflow Commands from the Toolkit
    6. Local actions
    7. Conclusion
  18. 12. Advanced Workflows
    1. Creating Your Own Starter Workflows
      1. Creating a Starter Workflow Area
      2. Creating a Starter Workflow File
      3. Adding Supporting Pieces
      4. Using the New Starter Workflow
    2. Reusable Workflows
      1. Inputs and Secrets
      2. Outputs
      3. Limitations
    3. Required Workflows
      1. Constraints
      2. Example
      3. Execution
    4. Conclusion
  19. 13. Advanced Workflow Techniques
    1. Driving GitHub from Your Workflow
      1. Using the GitHub CLI
      2. Creating Scripts
      3. Invoking GitHub APIs
    2. Using a Matrix Strategy to Automatically Create Jobs
      1. One-Dimensional Matrices
      2. Multi-dimensional Matrices
      3. Including Extra Values
      4. Excluding Values
      5. Handling Failure Cases
      6. Defining Max Concurrent Jobs
    3. Using Containers in Your Workflow
      1. Using a Container as the Environment for a Job
      2. Using a Container with a Step
      3. Running Containers as Services in a Job
    4. Conclusion
  20. 14. Migrating to GitHub Actions
    1. Prep
      1. Source Code
      2. Automation
      3. Infrastructure
      4. Users
    2. Azure Pipelines
    3. CircleCI
    4. GitLab CI/CD
    5. Jenkins
    6. Travis CI
    7. GitHub Actions Importer
      1. Authentication
      2. Planning
      3. Build Steps and Related
      4. Manual Tasks
      5. File Manifest
      6. Forecasting
      7. Doing a Dry Run
      8. Creating Custom Transformers for the Importer
      9. Doing the Actual Migration
    8. Conclusion
  21. Index
  22. About the Author

Product information

  • Title: Learning GitHub Actions
  • Author(s): Brent Laster
  • Release date: August 2023
  • Publisher(s): O'Reilly Media, Inc.
  • ISBN: 9781098131074