Published Jun 6, 2023

SE Radio 567: Dave Cross on GitHub Actions

Dave Cross breaks down the power of GitHub Actions in automating CI/CD workflows, emphasizing best practices for secure management of secrets and permissions. By analyzing innovative use cases and comparing with traditional tools, he showcases how GitHub Actions can revolutionize software quality assurance and streamline development processes.

Episode Highlights

Topics covered

Episode Highlights

CI/CD Basics

explains the fundamental concepts of Continuous Integration (CI) and Continuous Deployment (CD), emphasizing their role in automating project quality checks. CI involves automating tasks like running unit tests and linters to ensure code quality, while CD focuses on moving code into production seamlessly once it's validated 1. highlights the importance of having a robust test suite to facilitate code changes without breaking existing functionality 2.

CI is all about automating the bits of your project, which mean that you can measure the quality of your project.

---

This automation provides a safety net, allowing developers to confidently integrate and deploy code changes.

Best Practices

In discussing best practices for CI/CD, emphasizes the need for integrating unit tests within a CI framework as a foundational step 2. He suggests using tools like GitHub's Dependabot and CodeQL for static analysis to enhance project security and quality 1.

Getting your unit tests running in some kind of CI framework is very useful.

---

These practices ensure that code changes do not introduce new issues, maintaining the integrity of the software throughout its lifecycle.

Related Episodes

SE Radio 585: Adam Frank on Continuous Delivery vs Continuous Deployment
Answers 383 questions
SE-Radio Episode 288: DevSecOps
Answers 383 questions
SE-Radio-Episode-261:-David-Heinemeier-Hansson-on-the-State-of-Rails,-Monoliths,-and-More
Answers 383 questions
SE Radio 628: Hans Dockter on Developer Productivity
Answers 383 questions
SE Radio 619: James Strong on Kubernetes Networking
Answers 383 questions
SE Radio 625: Jonathan Schneider on Automated Refactoring with OpenRewrite
Answers 383 questions
SE-Radio Episode 242: Dave Thomas on Innovating Legacy Systems
Answers 383 questions
SE-Radio Episode 247: Andrew Phillips on DevOps
Answers 383 questions
SE Radio 562: Bastian Gruber on Rust Web Development
Answers 383 questions
SE Radio 594: Sean Moriarity on Deep Learning with Elixir and Axon
Answers 383 questions
SE-Radio-Episode-253-Fred-George-on-Developer-Anarchy
Answers 383 questions
SE-Radio Episode 295: Michael Feathers on Legacy Code
Answers 383 questions
SE-Radio Episode 357: Adam Barr on Code Quality
Answers 383 questions
SE-Radio-Episode-274-Sam-Aaron-on-Sonic-Pi
Answers 383 questions
SE Radio 557: Timothy Beamish on React and Next.js
Answers 383 questions

SE Radio 567: Dave Cross on GitHub Actions

Topics covered

Popular Clips

Episode Highlights

Introduction to CI/CDDave Cross explores the essentials of Continuous Integration and Continuous Deployment, highlighting their significance in automating software quality assurance. He shares insights on best practices to ensure robust and reliable software delivery.

Introduction to CI/CD

CI/CD Basics

Best Practices

Security and IdentityDave Cross delves into the intricacies of managing secrets and permissions within GitHub Actions. He provides insights into secure operations and best practices for handling sensitive data and access controls.

Security and Identity

Example Use CasesDave Cross explores the innovative use of GitHub Actions for automating static website management and data workflows. He shares insights on leveraging these tools to streamline processes and enhance collaboration.

Example Use Cases

GitHub Actions Explained

Related Episodes