Essentials on Azure DevOps Services

and GitHub
Conditions and Terms of Use
Microsoft Confidential

Copyright and Trademarks

© 2018 Microsoft Corporation. All rights reserved.

http://www.microsoft.com/en-us/legal/intellectualproperty/Permissions/default.aspx
Module 4: GitHub Actions

Module Overview

Microsoft Confidential
Overview
• Learn GitHub Actions
• Deploy with GitHub Actions
• Migrating from Azure Pipelines to GitHub Actions

Microsoft Confidential
Module 4: GitHub Actions

Lesson 1 : Learn GitHub Actions

Microsoft Confidential
Overview
• Understanding GitHub Actions
• Workflows
• Workflow templates
• Expressions and Contexts
• Workflow syntax and commands
• Environment variables

Microsoft Confidential
Understanding GitHub Actions
• Continuous integration and continuous delivery (CI/CD) platform that allows you to automate your build,
test, and deployment pipeline
• Create workflows that build and test every pull request to your repository, or deploy merged pull requests
to production
• Run workflows when other events happen in your repository
• GitHub provides Linux, Windows, and macOS virtual machines to run your workflows, or you can host your
own self-hosted runners in your own data center or cloud infrastructure

Microsoft Confidential
Understanding GitHub Actions (continued)
The components of GitHub Actions
• Configure a GitHub Actions workflow to be triggered when an event occurs in your repository, such as a
pull request being opened, or an issue being created
• Workflow contains one or more jobs which can run in sequential order or in parallel
• Each job will run inside its own virtual machine runner, or inside a container, and has one or more steps that
either run a script that you define or run an action, which is a reusable extension that can simplify in your
workflow

Microsoft Confidential
Understanding GitHub Actions (continued)
Workflows
• Configurable automated process that will run one or more jobs
• Defined by a YAML file checked in to your repository and will run when triggered by an event in your
repository, or they can be triggered manually, or at a defined schedule
• Multiple workflows can be a created in a repository, each of which can perform a different set of steps
Events
• Specific activity in a repository that triggers a workflow run
Jobs
• Set of steps in a workflow that execute on the same runner
• Each step is either a shell script that will be executed, or an action that will be run. Steps are executed in
order and are dependent on each other. Since each step is executed on the same runner, you can share
data from one step to another
• Can configure a job's dependencies with other jobs; by default, jobs have no dependencies and run in
parallel with each other

Microsoft Confidential
Understanding GitHub Actions (continued)
Actions
• Custom application for the GitHub Actions platform that performs a complex but frequently repeated task
• Reduce the amount of repetitive code in your workflow files by using actions
• An action can pull your git repository from GitHub, set up the correct toolchain for your build environment,
or set up the authentication to your cloud provider
• Write your own actions or find actions to use in your workflows in the GitHub Marketplace
Runners
• Server that runs your workflows when they're triggered
• Each runner can run a single job at a time
• GitHub provides Ubuntu Linux, Microsoft Windows, and macOS runners to run your workflows; each
workflow run executes in a fresh, newly-provisioned virtual machine

Microsoft Confidential
Workflows
Understanding the workflow file

Microsoft Confidential
Workflows (continued)
Understanding the workflow file

Microsoft Confidential
Visualizing the workflow file

Microsoft Confidential
Actions
• Building blocks that power your workflow
• Created by the community, or you can create your own actions directly within your application's repository
• Defined in:
o A public repository
o The same repository where your workflow file reference the action
o A published Docker container image on Docker Hub

• Browse GitHub Marketplace to find actions created by the GitHub community

Microsoft Confidential
Actions (continued)
• Using inputs and outputs with an action

Microsoft Confidential 15
Actions (continued)
• Referencing an action in the same repository where a workflow file uses the action

Microsoft Confidential 16
Essential features
• Using variables in your workflows

• Adding scripts to your workflow

Microsoft Confidential
Essential features (continued)
• Sharing data between jobs

Microsoft Confidential
Essential features (continued)
• Storing secrets

• Creating dependent jobs

Microsoft Confidential 19
Essential features (continued)
• Using a build matrix
o Run jobs across multiple combinations of operating systems, platforms, and languages

• Reusing workflow
o Call one workflow from within another workflow

• Using environments
o Configure environments with protection rules and secrets
o Each job in a workflow can reference a single environment

Microsoft Confidential 20
Workflow templates
• Use workflow templates as a starting place to build your custom workflow or use them as-is
• Create a new workflow by choosing a template and some or all of the work of writing the workflow will be
done for you
• Created by users with write access to the .github repository. Templates can be used by organization
members who have permission to create workflows
• Used to create workflows in public repositories only. Organizations using GitHub Enterprise Cloud can also
use workflow templates to create workflows in private repositories.

Microsoft Confidential 21
Events that trigger workflows
• Configure your workflows to run when specific activity on GitHub happens, at a scheduled time, or when
an event outside of GitHub occurs
• Configure workflows to run for one or more events using the on workflow syntax

Microsoft Confidential 22
Expressions and Contexts
• Expressions
o Use expressions to programmatically set variables in workflow files and access contexts
o Can be any combination of literal values, references to a context, or functions

o Literals: Use Boolean, null, number, or string data types as part of an expression
o Operators: Use Operators in expressions – () [] . ! < <= > >-= == != && ||
o Functions: Use built-in functions in expressions
▪ Example: contains (search, item)

Microsoft Confidential 23
Expressions and Contexts (continued)
• Contexts
o Access information about workflow runs, runner environments, jobs, and steps
o Contexts use the expression syntax

Microsoft Confidential 24
Workflow syntax
• Workflow is a configurable automated process made up of one or more jobs
• You must create a YAML file to define your workflow configuration
• Syntax:

Microsoft Confidential 25
Workflow commands
• Use workflow commands when running shell commands in
a workflow or in an action's code
• The actions/toolkit includes a number of functions that can
be executed as workflow commands
• Use the :: syntax to run the workflow commands within
your YAML file; these commands are then sent to the
runner over stdout

Microsoft Confidential 26
Environment variables
• GitHub sets default environment variables that are available to every step in a workflow run
• Environment variables are case-sensitive
• Commands run in actions or steps can create, read, and modify environment variables

Microsoft Confidential 27
Manually run a workflow
• When a workflow is configured to run on the workflow_dispatch event, you can run the workflow using
the Actions tab on GitHub, GitHub CLI, or the REST API
• To trigger the workflow_dispatch event, your workflow must be in the default branch

• To run a workflow using the REST API, configure the inputs and ref as request body parameters

Microsoft Confidential 28
Runners
• GitHub-hosted runners
o GitHub offers hosted virtual machines to run workflows
o The virtual machine contains an environment of tools, packages, and settings available for GitHub Actions to use
o GitHub offers runners with Linux, Windows, and macOS operating systems

• Self-hosted runners
o Host your own runners and customize the environment used to run jobs in your GitHub Actions workflows
o Add self-hosted runners at various levels: Repository-level, Organization-level, Enterprise-level

Microsoft Confidential 29
Lesson Knowledge Check
1. What is GitHub Actions?
2. What is a workflow?
3. True/False: You can configure your workflows to run when specific activity on GitHub happens, at a
scheduled time, or when an event outside of GitHub occurs.
4. What are the two types of runners?

Microsoft Confidential
Demo 1: Create a workflow –
Building and testing .NET

Microsoft Confidential 32
Lesson Summary
• In this lesson, you learned about:
o GitHub Actions
o Workflows
o Workflow templates
o Expressions and Contexts
o Workflow syntax and commands
o Environment variables

Microsoft Confidential
Module 4: GitHub Actions

Lesson 2: Deploy with GitHub

Actions

Microsoft Confidential
Overview
• About deployments
• Deploy with GitHub Actions
• Targeting different environments
• Managing your deployments

Microsoft Confidential
About deployments
• Continuous deployment (CD) is the practice of using automation to publish and deploy software updates.
As part of the typical CD process, the code is automatically built and tested before deployment
• Continuous deployment is often coupled with continuous integration
• Create custom continuous deployment (CD) workflows directly in your GitHub repository with GitHub
Actions

Microsoft Confidential 36
Deploying with GitHub Actions
• With GitHub Actions, you can:
o Trigger workflows with a variety of events
o Configure environments to set rules before a job can proceed and to limit access to secrets
o Use concurrency to control the number of deployments running at a time

• Triggering your deployment

o Use variety of events to trigger your deployment workflow
▪ pull_request, push, and workflow_dispatch

• Using environments
o Use environments to require approval for a job to proceed, restrict which branches can trigger a workflow, or limit
access to secrets
• Using concurrency
o Use concurrency so that an environment has a maximum of one deployment in progress and one deployment
pending at a time

Microsoft Confidential
Targeting different environments
• Environments are used to describe a general deployment target like production, staging, or development
• Each job in a workflow can reference a single environment
• Configure environments with protection rules and secrets
o Environment protection rules:
▪ Required reviewers
▪ Wait timer
▪ Deployment branches
• All branches
• Protected branches
• Selected branches
o Environment secrets
▪ Secrets stored in an environment are only available to workflow jobs that reference the environment
▪ If the environment requires approval, a job cannot access environment secrets until one of the required reviewers approves it

Microsoft Confidential 38
Managing your deployments
• View current and previous deployments for your repository

Microsoft Confidential 39
Lesson Knowledge Check
1. What is continuous deployment?
2. Name any two events that can be used to trigger the deployment workflow.

Microsoft Confidential
Demo 2: Deploying with
GitHub Actions

Microsoft Confidential 42
Lesson Summary
• In this lesson, you learned about:
o Deployments
o Deploying with GitHub Actions
o Targeting different environments
o Managing your deployments

Microsoft Confidential
Module 4: GitHub Actions

Lesson 3: Migrating from Azure

Pipelines to GitHub Actions

Microsoft Confidential
Overview
• Introduction
• Key differences
• Migrating jobs and steps
• Migrating script steps
• Migrating conditions and expressions syntax
• Dependencies between jobs
• Migrating tasks to actions

Microsoft Confidential
Introduction
• Azure Pipelines and GitHub Actions both allow you to create workflows that automatically build, test,
publish, release, and deploy code
• Azure Pipelines and GitHub Actions share some similarities in workflow configuration:
o Workflow configuration files are written in YAML and are stored in the code's repository
o Workflows include one or more jobs
o Jobs include one or more steps or individual commands
o Steps or tasks can be reused and shared with the community

Microsoft Confidential 46
Key differences

Azure Pipelines GitHub Actions

Supports a legacy classic GUI editor Does not support a graphical editor
instead of creating the pipeline definition
in a YAML file
Allows you to omit some structure in job Requires explicit configuration, and YAML
definitions. For example, if you only have structure cannot be omitted
a single job, you don't need to define the
job and only need to define its steps
Supports stages defined in the YAML file, Requires you to separate stages into
which can be used to create deployment separate YAML workflow files
workflows
On-premises Azure Pipelines build agents Self-hosted runners can be selected with
can be selected with capabilities labels

Microsoft Confidential
Migrating jobs and steps
• Jobs and steps in Azure Pipelines are very similar to jobs and steps in GitHub Actions. In both systems, jobs
have the following characteristics:
o Jobs contain a series of steps that run sequentially.
o Jobs run on separate virtual machines or in separate containers.
o Jobs run in parallel by default but can be configured to run sequentially.

Microsoft Confidential
Migrating script steps
• In Azure Pipelines, script steps can be specified using the script key, or with the bash, powershell, or pwsh
keys. Scripts can also be specified as an input to the Bash task or the PowerShell task
• In GitHub Actions, all scripts are specified using the run key. To select a particular shell, you can specify the
shell key when providing the script

49
Migrating conditionals and expression syntax
• Azure Pipelines and GitHub Actions can both run steps conditionally. In Azure Pipelines, conditional
expressions are specified using the condition key. In GitHub Actions, conditional expressions are specified
using the if key.
• Azure Pipelines uses functions within expressions to execute steps conditionally. In contrast, GitHub
Actions uses an infix notation.

50
Dependencies between jobs
• Both Azure Pipelines and GitHub Actions allow you to set dependencies for a job
• In both systems, jobs run in parallel by default, but job dependencies can be specified explicitly
• In Azure Pipelines, this is done with the dependsOn key. In GitHub Actions, this is done with the needs key.

51
Migrating tasks to actions
• Azure Pipelines uses tasks that can be re-used in multiple workflows
• GitHub Actions uses actions to perform tasks and customize your workflow
• In both systems, you can specify the name of the task or action to run, along with any required inputs as
key/value pairs

52
Lesson Knowledge Check
1. True/False: GitHub Actions supports a GUI editor.
2. What is the equivalent of an Azure Pipelines task in GitHub Actions?

Microsoft Confidential
Lesson Summary
• In this lesson, you learned about:
o Migrating from Azure Pipelines to GitHub Actions
o Key differences
o Migrating jobs and steps
o Migrating script steps
o Migrating conditions and expressions syntax
o Dependencies between jobs
o Migrating tasks to actions

Microsoft Confidential
Module Summary
• In this module, you learned about:
o GitHub Actions
o Deploying with GitHub Actions
o Migrating from Azure Pipelines to GitHub Actions

Microsoft Confidential
Lab: GitHub Actions

Microsoft Confidential
Microsoft Confidential
Microsoft Confidential