For the
longest time, GitHub was all about storing source code and sharing it either
with the rest of the world or your colleagues. Today, the company, which is in
the process of being acquired by Microsoft, is taking a step in a different but
related direction by launching GitHub Actions.
Actions allow developers to not
just host code on the platform but also run it. We’re not talking about a new
cloud to rival AWS here, but instead about something more akin to a very
flexible IFTTT for developers who want to automate their development workflows,
whether that is sending notifications or building a full continuous integration
and delivery pipeline.
This is a
big deal for GitHub . Indeed, Sam Lambert, GitHub’s head of platform, described
it to me as “the biggest shift we’ve had in the history of GitHub.” He likened
it to shortcuts in iOS — just more flexible. “Imagine an infinitely more
flexible version of shortcut, hosted on GitHub and designed to allow anyone to
create an action inside a container to augment and connect their workflow.”
GitHub users
can use Actions to build their continuous delivery pipelines, and the company
expects that many will do so. And that’s pretty much the first thing most
people will think about when they hear about this new project. GitHub’s own
description of Actions in today’s announcement makes definitely fits that bill,
too. “Easily build, package, release, update, and deploy your project in any
language—on GitHub or any external system—without having to run code yourself,”
the company writes. But it’s about more than that.
“I see CI/CD
as one narrow use case of actions. It’s so, so much more,” Lambert stressed.
“And I think it’s going to revolutionize DevOps because people are now going to
build best in breed deployment workflows for specific applications and
frameworks, and those become the de facto standard shared on GitHub. […] It’s
going to do everything we did for open source again for the DevOps space and
for all those different parts of that workflow ecosystem.”
That means
you can use it to send a text message through Twilio every time someone uses
the ‘urgent issue’ tag in your repository, for example. Or you can write a
one-line command that searches your repository with a basic grep command. Or
really run any other code you want to because all you have to do to turn any
code in your repository into an Action is to write a Docker file for it so that
GitHub can run it. “As long as there is a Docker file, we can build it, run in
and connect it to your workflow,” Lambert explained. If you don’t want to write
a Docker file, though, there’s also a visual editor you can use to build your
workflow.
As Corey
Wilkerson, GitHub’s head of product engineering also noted, many of these
Actions already exist in repositories on GitHub today. And there are now over
96 million of those on GitHub, so that makes for a lot of potential actions
that will be available from the start.
With
Actions, which is now in limited public beta, developers can set up the
workflow to build, package, release, update and deploy their code without having
to run the code themselves.
Now
developers could host those Actions themselves — they are just Docker
containers, after all — but GitHub will also host and run the code for them.
And that includes developers on the free open source plan.
Over time —
and Lambert seemed to be in favor of this — GitHub could also allow developers
to sell their workflows and Actions through the GitHub marketplace. For now,
that’s not an option, but it it’s definitely that’s something the company has
been thinking about. Lambert also noted that this could be a way for open
source developers who don’t want to build an enterprise version of their tools
(and the sales force that goes with that) to monetize their efforts.
While GitHub
will make its own actions available to developers, this is an open platform and
others in the GitHub community can contribute their own actions, too.
GitHub will
slowly open Actions to developers, starting with daily batches for the time
being. You can sign up for access here.
In addition
to Actions, GitHub also announced a number of other new features on its
platform. As the company stressed during today’s event, it’s mission is to make
the life of developers easier — and most of the new features may be small but
do indeed make it easier for developers to do their jobs.
So what else
is new? GitHub Connect, which connects the silo of GitHub Enterprise with the
open source repositories on its public site, is now generally available, for
example. GitHub Connect enables new features like unified search, that can
search through both the open source code on the site and internal code, as well
as a new Unified Business Identity feature that brings together the multiple
GitHub Business accounts that many businesses now manage (thanks, shadow IT)
under a single umbrella to improve billing, licensing and permissions.
The company
also today launched three new courses in its Learning Lab that make it easier
for developers to get started with the service, as well as a business version
of Learning Lab for larger organizations.
What’s maybe
even more interesting for developers whose companies use GitHub Enterprise,
though, is that the company will now allow admins to enable a new feature that
will display those developers’ work as part of their public profile. Given that
GitHub is now the de facto resume for many developers, that’s a big deal. Much
of their work, after all, isn’t in open source or in building side projects,
but in the day-to-day work at their companies.
The other
new features the company announced today are pretty much all about security.
The new GitHub Security Advisory API, for example, makes it easier for
developers to find threads in their code through automatic vulnerability scans,
while the new security vulnerability alerts for Java and .NET projects now extend
GitHub’s existing alerts to these two languages. If your developers are prone
to putting their security tokens into public code, then you can now rest easier
since GitHub will now also start scanning all public repositories for known
token formats. If it finds one, it’ll alert you and you can set off to create a
new one.
Comments