GitHub pulls its tentacles into CI/CD and artifact management

What’s that?

GitHub Actions is a platform that allows you to manage the software life cycle, for GitHub-based source code. In fact, this is a new competitor for TravisCI, CircleCI, and many other free CI/CD platforms.

How to try?

Both services are currently in beta, and you can sign up for a beta test on these pages.

Package Registry

There are only two simple steps to begin to work with Package Registry instead of DockerHub.

GitHub token creation
docker login docker.pkg.github.com --username amet13
docker tag docker-latex:0.0.1 docker.pkg.github.com/amet13/master-thesis/docker-latex:0.0.1
docker push docker.pkg.github.com/amet13/master-thesis/docker-latex:0.0.1
Error parsing reference: "docker.pkg.github.com/Amet13/master-thesis/docker-latex:0.0.1" is not a valid repository/tag: invalid reference format: repository name must be lowercase
Package Registry page

Actions

This is a bit more complicated service, but for those who have ever worked with any other CI/CD system, it won’t be difficult to understand. The configuration in Actions is described in declarative YAML, although HCL was used before.

  • Workflow — the process which controls software’s life cycle (build, test, package, release, deploy) in the repo
  • Workflow file — the file with Workflow description, it’s located in the repo’s directory .github/workflows/
  • Job — is every Workflow’s run, Jobs are run by triggers, there could be many Jobs at the same time
  • Step — every Job contains Steps, you can run commands or Actions in the Step
  • Action — existing “plugin”, you can find a lot of plugins in the awesome-actions repo
  • Virtual environment — where do we run the Job (VM on Windows, macOS, Linux)
  • Runner — an environment in the runtime, only one job could work at the same time on the Runner
  • Event — runs the Workflows, for instance: Push, Pull Request, Webhook, Cronjob, etc
  • Artifact — binary files, logs, pictures, etc
Jobs list for the Workflow
  • 20 Workflows for the one repo
  • 1000 API-calls/hour for all Actions in the repo
  • maximum Job lifetime — 6 hours
  • 20 Jobs could work in parallel (for all Workflows in repo)
  • forbidden to use Actions for crypto mining and serverless computing
Logs for the Job

Example

Let’s get back to my example. Here is my config for Actions, I want to show it to you in detail.

name: master-thesis
on: [push]
jobs:
build:
# ubuntu-latest, ubuntu-18.04, or ubuntu-16.04
# windows-latest, windows-2019, or windows-2016
# macOS-latest or macOS-10.14
runs-on: ubuntu-latest
steps:
- name: Checkout repo
uses: actions/checkout@v1
- name: Build docker image and push it to the registry
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
DOCKER_IMAGE_ORIGIN: "docker.pkg.github.com/amet13/master-thesis/docker-latex"
run: | # Pull submodules
git submodule init
git submodule update --remote
# Login to GitHub Packages and build Docker image
docker login docker.pkg.github.com -u amet13 -p ${GITHUB_TOKEN}
docker pull ${DOCKER_IMAGE_ORIGIN}:latest
docker build -t ${DOCKER_IMAGE_ORIGIN}:${GITHUB_SHA} .
# Generate PDF artifacts
docker run --rm -i \
-v ${PWD}:/master-thesis:Z ${DOCKER_IMAGE_ORIGIN}:${GITHUB_SHA} \
bash -c "latexmk -xelatex -synctex=1 -jobname=master-thesis main.tex"
docker run --rm -i \
-v ${PWD}:/master-thesis:Z ${DOCKER_IMAGE_ORIGIN}:${GITHUB_SHA} \
bash -c "cd presentation/ && latexmk -xelatex -synctex=1 -jobname=presentation main.tex"
# Publish Docker image to GitHub Packages (with latest tag)
docker tag ${DOCKER_IMAGE_ORIGIN}:${GITHUB_SHA} ${DOCKER_IMAGE_ORIGIN}:latest
docker push ${DOCKER_IMAGE_ORIGIN}:${GITHUB_SHA}
docker push ${DOCKER_IMAGE_ORIGIN}:latest
Adding a secret with GitHub token
- name: Create GitHub release with artifacts
uses: softprops/action-gh-release@v1
if: startsWith(github.ref, 'refs/tags/')
with:
files: |
master-thesis.pdf
presentation/presentation.pdf
name: "Build ${GITHUB_SHA}"
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}

Key takeaways

Despite the beta status, both services work well, I’m sure that many things will be finished before the stable release. At some points it can be inconvenient, there are no global variables, but this can be done with some hacks.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store