Application Security / CI/CD / Programming Languages

This Week in Programming: GitHub Dives Into DevOps with Actions

20 Oct 2018 6:00am, by

GitHub made several announcements this week at its GitHub Universe conference in San Francisco, from the return of its Game Off game building competition to the release of its annual navel-gazing State of the Octoverse, but it’s the preview of GitHub Actions that is really taking the limelight. GitHub Actions, currently in private beta, is “a new way to automate and customize your workflows” that “applies open source principles to workflow automation, weaving together the tools you use from idea to production into one complete workflow.”

These actions, once publicly available, will be shareable in much the same way as code repositories currently are on the site, and that is an exciting development. You might even say it’s something like a democratization of DevOps, though I bet others wouldn’t venture that far. (Read on.)

Interestingly enough, nowhere in the announcement or otherwise does GitHub use specific phrases like “DevOps” or “CI/CD,” instead opting for words like “workflow” and “automation.” Instead, they circled around specifics, writing that with Actions users will be able to “build, package, release, update, and deploy your project in any language — on GitHub or any external system — without having to run code yourself.”

That would certainly sound like CI/CD by any other long, non-specific name.

Sam Lambert, GitHub’s head of platform, told TechCrunch that he sees “CI/CD as one narrow use case of actions” and that it’s “so, so much more.” Lambert did, however, acknowledge that he thinks Actions will “revolutionize DevOps because people are now going to build best in breed deployment workflows for specific applications and frameworks, and those become the de facto standard shared on GitHub. […] It’s going to do everything we did for open source again for the DevOps space and for all those different parts of that workflow ecosystem.”

Not to be left out of the conversation, GitHub competitor GitLab responded to the announcement, writing that GitHub Actions affirms all-in-one is eating the marketplace model, calling the feature GitHub’s “continuous integration tool” that is “entering into competition with 14 of its continuous integration marketplace vendors.” According to the folks over at GitLab, who already boasts a fully integrated CI/CD solution, GitHub is “ready to eat its own marketplace to stay competitive” and this is “a turning point from disparately integrated toolchains to all-in-one solutions in the tech tools landscape.”

Indeed, others are honing in on the CI/CD and DevOps potential of this announcement as well. The JAXEnter site notes that GitHub joins the CI/CD fray with this feature, saying that “it may just shake things up in the world of CI/CD-related services.” Similarly, InfoWorld asserts that GitHub Actions will let developers do CI/CD in GitHub.

Limited use-case or not, it sure seems that CI/CD is the one people are talking about.

For now, you can sign up for the public beta and wait like everyone else… or try to skip the line by inventing an innovative, likely non-CI/CD use for Actions and tweeting it with the #GitHubActions hashtag.

And with that, we bring you the other programming related tidbits of the week.

This Week in Programming

  • Everything Else GitHub Had to Say: While GitHub Actions was certainly the big news, the company made several other announcements at GitHub Universe this week, which is summarized quite nicely in one tidy blog post. The post focuses on four specific areas of improvement — platform, business, security, and learning. The platform update primarily concerns GitHub Actions, while security includes the addition of Java and .NET support to GitHub’s security vulnerability alerts feature, which sends repository admins and organization owners a notification when any of their projects has a dependency with a known vulnerability. GitHub also announced a Security Advisory API and dives into the how and why of GitHub Token Scanning. For you business level GitHub users, GitHub Connect looks to “break down organizational barriers, unify the experience across deployment types, and bring the power of the world’s largest open source community to developers at work.” And finally, in terms of learning, the company has added three new courses to its Learning Lab, focusing on secure development workflows with GitHub, reviewing a pull request, and getting started with GitHub Apps. It has also announced Learning Labs for organizations, where companies can “can create private courses and learning paths, customize course content, and access administrative reports and metrics.”
  • Google’s Low Latency Audio Library for C++: Now, in some non-GitHub news, Google announced Oboe this week. Oboe is a C++ library for building real-time audio apps that “provides the lowest possible audio latency across the widest range of Android devices, as well as several other benefits.” Those other benefits include the ability to create an audio stream in just three lines of code, a C++ API, a fast release process and workarounds for known audio bugs. Check out the video for more:

  • App Engine’s Go 1.11 Runtime: Google also announced a new Go 1.11 runtime. While developers have been using Google App Engine since 2011, they’ve had to jump through several hoops to do so. With this announcement, developers can easily run their Go applications with “no limits on application structure, supported packages, context. Context values, or HTTP clients,” according to the parallel announcement on the Go blog. This update also means that Google App Engine supports the experimental versioned modules that arrived with Go 1.11. For the interested, check out Google’s how-to guide to get started.

  • The PHP-pocalypse Is Nigh: That’s right, more than 60 percent of the web will be running an unsupported PHP version in 10 weeks, according to ZDNet. PHP accounts for nearly 80 percent of all sites on the Internet, they say, and 62 percent of those sites run PHP 5.6.x, which will officially become unsupported as of December 31, 2018. “This means that starting with next year, around 62 percent of all internet sites still running a PHP 5.x version will stop receiving security updates for their server,” they write, “and website’s underlying technology, exposing hundreds of millions of websites, if not more, to serious security risks.” Chances are, there will be quite a few WordPress hacks coming in 2019.

Feature image via Pixabay.


A digest of the week’s most important stories & analyses.

View / Add Comments

Please stay on topic and be respectful of others. Review our Terms of Use.