GitHub has introduced required workflows and support for configuration variables for Actions. The update is designed to standardize and enforce CI/CD best practices, and give developers working for large organizations a way to secure their code.

GitHub Actions is a continuous integration and continuous delivery (CI/CD) platform that lets developers automate their build, test, and deployment pipeline. Users can create workflows that build and test every pull request to a repository, or deploy merged pull requests to production.

Required workflows let teams define and enforce standard practices for Ci/CD across multiple source repositories. You can specify which workflows will run as required status checks for all pull requests, choosing them for all or selected repositories.

A required workflow is triggered by pull request events and appears as a required status check, which blocks the ability to merge the pull request until the required workflow succeeds. GitHub says required workflows can also be used to invoke external vulnerability scoring or dynamic analysis tools for security, or to run compliance or deployment checks.

The second addition is support for configuration variables. These offer an alternative to storing configuration data as encrypted secrets when you want to reuse values in workflows. GitHub says that while this way of dealing with configuration data is extremely secure, it isn't good for retrieval of non-sensitive configuration data such as compiler flags, usernames and server names. Instead, GitHub now recommends the use of configuration variables.

Configuration variables can be used to store non-sensitive data as plain text variables that can be reused across your workflows in your repository or organization. The variables can be defined at organization, repository, or environment level to provide default values for parameters passed to build tools at the specified level, but can also be overriden by repository owners on a case-by-case basis. 

GitHub Required Workflows and Configuration Variables are now in beta.

More Information

GitHub Documentation On Required Workflows

GitHub Documentation On Configuration Variables

GitHub Website

Related Articles

GitHub Copilot Provides Productivity Boost  

GitHub Copilot Your Programming Pal

GitHub Desktop Adds Squashing

GitHub Desktop 2.0 Introduces Stashing and Rebasing

GitHub Introduces Super Linter

GitHub Strengthens Team Working

New From GitHub Universe

GitHub Launches Actions

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on Twitter, Facebook or Linkedin.

Comments

Make a Comment or View Existing Comments Using Disqus

or email your comment to: comments@i-programmer.info