BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ
News Articles Presentations Podcasts Guides

Topics

Choose your language

InfoQ Dev Summit Boston

Discover transformative insights to level up your software development decisions. Use code LIMITEDOFFERIDSBOSTON24 for an exclusive offer.
InfoQ Dev Summit Munich

Get practical advice from senior developers to navigate your current dev challenges. Use code LIMITEDOFFERIDSMUNICH24 for an exclusive offer.
QCon San Francisco

Level up your software skills by uncovering the emerging trends you should focus on. Register now.
The Software Architects' Newsletter

Your monthly guide to all the topics, technologies and techniques that every professional needs to know about. Subscribe for free.

InfoQ Homepage News Eating One's Own Dogfood: GitHub Using Actions and Runners for GitHub.com

Development

Eating One's Own Dogfood: GitHub Using Actions and Runners for GitHub.com

Bookmarks

Oct 07, 2023 1 min read

InfoQ Article Contest

Share your knowledge Win a ticket to a QCon event
or an InfoQ Dev SummitFind out more

To improve how they ship software in a scalable and effective way, GitHub has adopted GitHub Actions for a part of their continuous integration system. In particular, they leveraged the new Actions larger runners to get to run 15,000 CI jobs across 150,000 cores. In the process they also extended larger runners capabilities for all their users.

This gave us an opportunity not only to transition to a fully featured CI system, but also to develop, experience, and utilize the systems we are creating for our customers and to drive feedback to help build the product.

GitHub engineers used a few key features provided by GitHub actions, such as reusable workflows, and created a new feature that enables workflows to reuse previous outcomes.

Reusable workflows are meant to provide a mechanism to manage a collection of workflows in a single repository so they can be reused in other repositories. This was key to make the process of adding CI to a repositories seamless, which would have otherwise required to create new workflows for each repository.

Reusing previous workflow outcomes is instead an optimization mechanism that prevents running a workflow when the file contents of a repo are exactly the same as they were in a previous run of the workflow. This happens when the Git tree ID for the current commit is the same as the previous commit. In such cases, running the workflow would produce exactly the same outcome, so instead of running it again, the results of the previous run are reused.

A final requirement GitHub engineers had to solve was enabling larger runners to access some of their private infrastructure, which could include artifact storage, application metadata services, and other services that enable invocation of test harness. This led to creating a gateway to grant runners access to private resources while preserving security.

This remote access solution works on the principle of minting an OIDC token in GitHub Actions, passing the OIDC token to a remote access gateway that authorizes the request by validating the OIDC token, and then proxying the request to the private service residing in a private network.

If you are interested in using the same approach for your runners, GitHub has provided a basic scaffolding of a gateway implementing this approach.

About the Author

Sergio De Simone

Show moreShow less

Rate this Article

Adoption
Style

This content is in the Agile topic

Related Topics:
BT