
GitHub launches Actions, its workflow automation tool - moritzplassnig
https://techcrunch.com/2018/10/16/github-launches-actions-its-workflow-automation-tool/
======
peterkelly
Workflow languages are programming languages. I'd be really interested to know
if 1) there's a textual representation of the visual workflow design that you
can easily export/import, and 2) the syntax and semantics of the language.
I've seen a _lot_ of visual workflow editors which have a tendency towards
limited expressiveness; there seems to be a major disconnect between the
worlds of workflow authoring and programming.

I noticed that they provide the ability to specify a Dockerfile which contains
the necessary facilities to run arbitrary code. But I can't help but think
there has to be a middle ground between the two. I've written about this in
the past, arguing that applying concepts from traditional programming language
theory (in particular functional programming) to the design of workflow
languages can be fruitful.

[https://www.pmkelly.net/publications/wage2008.pdf](https://www.pmkelly.net/publications/wage2008.pdf)

[https://www.pmkelly.net/publications/thesis.pdf](https://www.pmkelly.net/publications/thesis.pdf)

~~~
preya2k
GitHubs language for the new Actions feature is based on HCL, which is a
superset of JSON (adding functionality like comments and other stuff).

[https://github.com/hashicorp/hcl](https://github.com/hashicorp/hcl)

~~~
scrollaway
Oh god. hcl is one of the worst parts of terraform. I really wonder what other
declarative languages were considered for this because it feels like a very
weird base to start with :/

~~~
brazzledazzle
Is it possible some of your perception is shaped by Terraform’s
implementation? I’m not a huge fan of json/yaml/etc as a DSL but Terraform
makes/made some choices that leave me empty inside. But only after I read the
original issue with hundreds of comments that was then migrated by a bot to a
new repo issue which is then closed after hundreds more comments because a
more recent issue that’s more specific is now around and then that one is
closed after dozens of comments because there’s a roll up issue.

~~~
scrollaway
Maybe. On the other hand a lot of terraform's implementation has been shaped
by how they themselves designed hcl, right? Things like multi-nesting function
calls inside quotes and what not. All the dollar signs. I can't even tell if
that's terraform or HCL, to be honest.

------
markovbot
Looks like
[https://github.com/features/actions](https://github.com/features/actions) is
the GitHub page about this

~~~
saagarjha
And documentation:
[https://developer.github.com/actions/](https://developer.github.com/actions/)

------
Chico75
At first I thought it was just another CI tool exclusive to github.com, but
the fact that you can hook up more than just the commit push events makes it
interesting for orchestrating a bunch of workflows around issues and pull
requests.

Also great to see that it supports both UI and code definition.

The only big missing feature in my opinion is a shared library support,
because it will soon be tedious to copy/paste the same generic docker build
commands across repositories.

~~~
tedmiston
What do you mean — isn't that exactly what a DockerBuildAction would provide?
Or are you referring to sharing an entire workflow?

~~~
sitepodmatt
I think it's referring to copying just part of the flow, where the terminal
ends might not be connected, so per project/target you just wire up a
repository to side A, and a deploy target to side B. Flows being a shareable
description of part of the processing pipeline, where the testing/slack
notification/approval workflow/building is standardized perhaps.. . (maybe
I've been reading too much Akka streams)

------
DanFeldman
Wow, this could be really useful for my team. We've built a ton of customized
workflows on top of github. We use a modified git-flow process, and have
bespoke solutions for automatically tagging branches when branches w/ name
"hotfix" get into master, when long-living releases get merged, tons of logic
for getting commits on a "release-*" branch into dev and other branches.

We ended up building a custom github worker that listens to all of this, but
it's opaque and our Bus factor is 1 for that tool. Putting it on Github where
anyone can change the rules and see them cleanly is fantastic!

~~~
sunsetMurk
what's 'Bus factor 1' ?

~~~
voltagex_
The "bus factor" is a way of saying "how many devs could we lose on this
project and still have a working knowledge of it?"

[https://en.wikipedia.org/wiki/Bus_factor](https://en.wikipedia.org/wiki/Bus_factor)

~~~
Cogito
A popular alternative I've heard here a few times is the "lottery factor".

How many devs could win the lottery and retire to a desert island while we
still retain working knowledge of it.

~~~
mnx
Yeah but why shy away from the fact that any of us could randomly die at any
moment? It may not be pleasant to think about, but it's true. And important to
be plan for in critical systems.

------
markovbot
This UI is beautiful. I hope GitLab looks into implementing something similar.
Their CI is already so powerful, it would be great to be able to have a UI to
build pipelines.

~~~
sytse
Thanks for you kind words about GitLab CI. What are the things that a visual
editor is really great at? Getting a good overview of the relations between
tasks? Seeing what secrets are available?

~~~
marmaduke
Just another kind comment for GitLab CI: we deployed it on prem and built a
whole data analysis and quality tracking system for a clinical trial on top. I
know it’s not the most powerful thing out there but for our small deadline-
ridden team the comprehensive and all in one nature + on-prem is just awesome.

~~~
porker
Wow that's awesome! Can you share any more about the system you built?

~~~
marmaduke
It’s a statistic model for epilepsy. We have GitLab running alongside
dedicated NFS server for the data, build Docker images with the code, run them
with access to the data, and put quality control images and reports on GitLab
CI as artifacts. Each patient gets a branch, triggers CI runner generating
patient reports. It took a while to figure it out but it’s really good for a
dev team lacking in discipline ;)

~~~
sytse
That is awesome, thanks for sharing.

------
johnnycarcin
With MSFT buying GitHub it'll be interesting how they spin this with their
existing "Azure DevOps" pipeline(s) offering...

~~~
talltimtom
Microsoft is gigantic, they loose absolutely nothing by competing against
themselves.

People get caught up in the on-size-fits-all mentality. If you are a 20 man
start-up it’s stupid to make 3 separate solutions that all compete. When you
employ north of a hundred thousand people, it’s less of an issue.

~~~
usrusr
From a certain size onwards not competing against yourself seems to be almost
irresponsible. Just imagine the fate Intel without any internal competition to
the Itanium, or without the Haifa team that insisted on pitting a refined P6
against netburst for mobile.

~~~
jkchu
Totally agree with this. I've heard Amazon does similar things, like multiple
teams competing with each other to accomplish similar goals. Can be very
healthy for the company if managed correctly.

~~~
reitanqild
Google seems to take this to an extreme with a number of messaging clients
competing all the time.

~~~
iamdave
_That_ particular example, I'm not even sure if it's an issue of teams
competing for the king of the messaging hill. And it's of particular interest
to me as a developer who works in the messaging space.

It's not hard to get right, it's not difficult to get wrong either-everyone
has their spin on messaging and that kind of choice is perfectly fine. We
don't need one to rule them all, at least IMO.

But goodness gracious Google just seems to have _NO_ clue what they're doing
with messaging. Which is frustrating because in the sliver of time they got it
right, they got it _right_ (that time when Hangouts was actually kind of
great, it was well integrated, and looked like Google was actually trying to
make it better? Member those days?) and then-as expected-they stripped the car
for parts and we ended up with two communications (Duo and Allo) platforms
that really should have been one feature-rich solution.

------
gigel82
Wait, how does this work? Who pays for all that compute time in the cloud?
What's the catch?

~~~
dragonwriter
Presumably, like every other GitHub feature, the people paying for GitHub pay
for it, free users get it as part of the ecosystem building promotion that the
free tier provides to bring in paying (not purely public/OSS, team features)
customers, with the assumption that the surplus on the paid accounts will,
over the log term if not immediately, cover the cost of the free use.

Or they’ll make it a separately charged feature once they evaluate demand and
usage in the beta, but AFAIK that would be new for GitHub.

~~~
jordiee
It mentions actions need to be private repos. So if I not mistaken free uses
will not be able to use it.

~~~
bnVi
Where exactly does what say actions need to be in private repos? I'm not
finding it.

Edit: Seems like workflows can only be created in private repos [1],

> You can only create workflows in private repositories.

but actions can be public [2].

> To share GitHub Actions with the GitHub community, your repository must be
> public.

[1] [https://developer.github.com/actions/creating-
workflows/crea...](https://developer.github.com/actions/creating-
workflows/creating-a-new-workflow/)

[2] [https://developer.github.com/actions/creating-github-
actions...](https://developer.github.com/actions/creating-github-
actions/creating-a-new-action/)

~~~
perlgeek
Found it about workflows at least:

[https://developer.github.com/actions/creating-
workflows/crea...](https://developer.github.com/actions/creating-
workflows/creating-a-new-workflow/)

> You can only create workflows in private repositories

~~~
ilaksh
Does this mean that Actions in general cannot be used for public open source
projects? It seems like a lot of them could benefit from this.

Maybe they need a new category of paid but still public.

~~~
mwarkentin
Might be a security thing rather than money?

~~~
jarfil
> Over time — and Lambert seemed to be in favor of this — GitHub could also
> allow developers to sell their workflows and Actions through the GitHub
> marketplace.

Nope, it's about money.

------
yosito
I could spend years automating my workflows and never actually providing value
in the form of deliverables haha

~~~
t0astbread
big mood

------
spankalee
I hope this leads very popular actions being added to GitHub's UI.

I'll probably first end up using this for better issue management and
triaging:

\- adding a default set of labels to new issues.

\- choosing default reviewers

\- synchronizing labels and GitHub project columns

But I really think those things should be built-in. Maybe actions can in part
be product research for them.

Also, I'd love to see a Node.js serverless function version of this.

------
azhenley
Is this made to replace things like Travis and Jenkins? (I have very little
experience with them.) The GUI looks very sleek, I'll definitely be checking
this out to see how to integrate it into my SE course.

~~~
devcpp
More like replace Atlassian Bamboo. I've had traumatic experiences with sleek
CIs. To me it's like the Scratch "programming language". Good for beginners,
and then you find yourself wanting to copy/paste your workflow or make any
sort of involved change and having to rewrite everything in a Jenkinsfile.

Now, I'd like to be wrong. But I doubt a UI can get close to plain text for
this kind of thing, it's just very difficult for software to translate boxes
into code.

Until then, there's a reason our tooling is text-based to this day.

~~~
zenlikethat
It will apparently also be configurable using static files written in HCL
(Terraform syntax).

------
bovermyer
NOW GitHub and GitLab are direct competitors.

------
deweller
I like that they are using HashiCorp configuration language (1) for the
configuration.

I have found HCL to be more human-readable than JSON and YAML. But it is
plenty strict for use cases like this.

1\. [https://github.com/hashicorp/hcl](https://github.com/hashicorp/hcl)

------
crooked-v
This looks like a complete replacement for Bitbucket Pipelines (and a straight
up better one), which makes me happy.

------
hardwaresofton
The new UI that Github implemented for it's actions is really slick!

As far as implementation I'm starting to wonder if anyone actually uses
BPMN[0]...It might be nice if we had a standardizable way to do these
orchestrations, and I thought BPMN was it.

[0]: [https://www.bpmnquickguide.com/view-bpmn-quick-
guide](https://www.bpmnquickguide.com/view-bpmn-quick-guide)

------
tedmiston
Here's the official GitHub Actions collection.

[https://github.com/actions](https://github.com/actions)

And for a concrete example, the Docker Action.

[https://github.com/actions/docker](https://github.com/actions/docker)

~~~
ilaksh
Some of them have Dockerfiles but some don't. For the ones without
Dockerfiles, exactly what environment are the commands run in?

~~~
Ajedi32
Are you sure they don't have Dockerfiles? It looks like the Dockerfiles don't
have to be in the root directory. You can have a repository with multiple
Dockerfiles stored in subdirectories, which results in the repository hosting
multiple actions.

------
perlgeek
This looks very promising, and I'm eager to try it out for some hobby
projects.

One thing I haven't found skimming the docs is a manual approval gate, which
would be very useful for projects that don't have full automated test coverage
(so, nearly all of them) before a production deployment.

~~~
humanrebar
I would just create a github release or a particular style of git tag.

~~~
perlgeek
... and then use a second, different automation to deploy that into
production?

That seems a little backwards for a small web app.

~~~
humanrebar
I use different workflows for commit verification and release automation, yes.
Some things are actually simpler that way.

------
donatj
I'm very hopeful this can replace at least some of our hooks. We've for a
fairly a automated process using GitHub labels and it would be great to be
able to move some of those off our hook server.

~~~
toomuchtodo
If you don't mind me asking, what hook server are you using currently you'd
move off of?

~~~
donatj
It's a pretty minimal one I developed for personal projects we ended up using
internally.

[https://github.com/donatj/hookah](https://github.com/donatj/hookah)

------
manigandham
Great news. Also the right way to do CI/CD with each step being a separately
configured container with a persistent workspace throughout. Makes it very
fast and easy to chain together steps while using small, focused, and updated
images.

There's only a few providers that seem to get this right so it's nice to see
included in github. I was just talking to the Azure DevOps people about this
kind of functionality so it seems like GH is and will continue to be run
independently of MS/Azure.

------
geekjock
This is very cool. I maintain a GitHub App (pullreminders.com) and I can see
Actions helping with setting up additional custom alerts that users sometimes
ask for.

~~~
itayd
you'll have to install the actions directly on your customer's repo iiuc. how
will you be able to do this via your app?

------
saagarjha
How will pricing work with something like this? Are actions run on GitHub's
servers, or can they only call out to third-party services?

~~~
rcfox
Looking at the documentation, I got the impression that you give them
Dockerfiles that they will run on GitHub servers for up to an hour at a time.

Seems like this would be pretty easy to abuse, and I was able to sign up with
my free account. We'll have to see how long this lasts...

~~~
ilaksh
It only works on private repos.

------
acejam
If you're as eager as I am to check this out, try this:

    
    
      1. Go here as a logged in user: https://github.com/actions/docker/blob/master/.github/main.workflow
      2. Click Edit on the file (top right corner, pencil icon)
      3. Edit existing workflow, or click "Create a new workflow".

------
galaxyLogic
Isn't this a bit like Ant or Gradle specialized for version-control perhaps?
What's wrong with using Ant or Gradle?

~~~
vorg
> What's wrong with using Ant

XML

> or Gradle?

Apache Groovy

------
Illniyar
“Imagine an infinitely more flexible version of shortcut, hosted on GitHub and
designed to allow anyone to create an action inside a container to augment and
connect their workflow"

Err... so like code? If he phrases it like that, does that mean that the
target audience isnt developers? I mean why else go with such an analogy?

------
t0astbread
I mean yeah, this is pretty cool but shouldn't we be worried about GitHub
taking over our whole workflow?

~~~
onion2k
We should be worried about locking our workflow to a specific provider. The
fact a provider makes it easier or provides tools _in itself_ isn't lock-in.

Even then we shouldn't be particularly worried. Vendor lock-in is an unusual
problem; deciding to change vendor is rare and if there's a good reason to do
it then it's worth spending resources. The only time it's a real problem is
when you absolutely have to change _and_ you don't have the resources to do
the necessary work.

------
morpheuskafka
Interesting that GitHub is continuing to still actively develop independent
features after the acquisition. I almost started to say that this seemed like
a pushback against Microsoft’s newly-rebranded Azure DevOps before I even
remembered...

------
piyush_soni
Wouldn't it make more sense for Microsoft to merge GitHub with their TFS
workflow that already has build / test etc. integration to some extent (along
with hosting code)? I don't understand this development.

~~~
ilaksh
No, because if they do that then up to five million developers may leave.

~~~
mohammedbin
But five ~~million~~ already left when they announced the acquisition

------
panda888888
RIP Puppet. If this takes off, Puppet's death spiral will be further cemented.

------
setquk
Now our workflow can be insonsistent or down too for several hours a month.

------
gaahrdner
This looks great, reminds me of a concourse.ci pipeline, but prettier.

------
nicodjimenez
Finally, I can hope to cancel my CircleCI account soon.

------
Entalpi
If there ever was an native article it is this one.

~~~
why_only_15
Do you mean naive?

~~~
Entalpi
No, native as in native advertising. As in they most likely got paid to write
it.

[https://en.wikipedia.org/wiki/Native_advertising](https://en.wikipedia.org/wiki/Native_advertising)

------
agumonkey
distributed dataflow ?

------
blt
Meanwhile, forked repositories still aren't searchable.

------
agentPrefect
Is the "extend" portion of the new Microsoft strategy commencing...

~~~
Azerb
GitHub sale hasn't even closed. This is GitHub being GitHub.

------
jhabdas
Nice. Brave stomps the whole article out and leaves just the nav and a small
graphic that says "AdChoices". Looks like a feature to me.

