GitHub Teams стал бесплатным для приватных репозиториев.
Такие фичи, как Codeowners и SAML всё ещё доступны только на платных планах.
Однако цены для плана Team снизили с $9 до $4 per user/month
#github
Такие фичи, как Codeowners и SAML всё ещё доступны только на платных планах.
Однако цены для плана Team снизили с $9 до $4 per user/month
#github
The GitHub Blog
GitHub is now free for teams
Every developer and team can now get private repositories with unlimited collaborators at no cost with GitHub Free, and we reduced prices for some of our paid plans.
GitHub представили свой Super Linter, который умеет работать со множеством ЯП и упакован в GitHub Action.
По задумке этот линтер должен быть особенно полезен тем, кто использует монорепы с несколькими ЧП
#github #cicd
По задумке этот линтер должен быть особенно полезен тем, кто использует монорепы с несколькими ЧП
#github #cicd
The GitHub Blog
Introducing GitHub Super Linter: one linter to rule them all
Setting up a new repository with all the right linters for the different types of code can be time consuming and tedious. So many tools and configurations to choose from and often more than one
Github_new_design.png
320 KB
Wow! Github released new design!
It changed icons and so on but biggest change - visualize important for Open Source Projects fields right on project startpage
#github
It changed icons and so on but biggest change - visualize important for Open Source Projects fields right on project startpage
#github
Вот и вышла GitHub CLI версии 1.0
Теперь вы можете наблюдать, как фейлится CI для вашего пул-реквеста прямо в терминале 👍
#github #toolz
Теперь вы можете наблюдать, как фейлится CI для вашего пул-реквеста прямо в терминале 👍
#github #toolz
The GitHub Blog
GitHub CLI 1.0 is now available
GitHub CLI brings GitHub to your terminal. It reduces context switching, helps you focus, and enables you to more easily script and create your own workflows. Earlier this year, we…
GitHub Actions now support concurrency settings not only for jobs inside workflow, but for workflows as well.
Here is the full documentation
This feature is very useful for me personally, because now I can submit multiple PRs to my Terraform module at the time and don't worry about workflows. Previously, some builds for concurrent PRs failed, because the integration tests for previous PR were still in progress.
So, this change would be useful for anybody, who uses GitHub Actions with the resources, which require explicit locking.
#cicd #github
Here is the full documentation
This feature is very useful for me personally, because now I can submit multiple PRs to my Terraform module at the time and don't worry about workflows. Previously, some builds for concurrent PRs failed, because the integration tests for previous PR were still in progress.
So, this change would be useful for anybody, who uses GitHub Actions with the resources, which require explicit locking.
#cicd #github
git-xargs - tool for change same things in many Github repos at once
This is a CLI tool for easily executing commands and scripts opensorced by Gruntwork a short time ago.
Written in Go and used goroutines, so it pretty fast, except you reached the Github API call limit :)
#git #github #toolz
This is a CLI tool for easily executing commands and scripts opensorced by Gruntwork a short time ago.
Written in Go and used goroutines, so it pretty fast, except you reached the Github API call limit :)
#git #github #toolz
Medium
Introducing git-xargs: an open source tool to update multiple GitHub repos
git-xargs allows you to run arbitrary commands or scripts against many repos in parallel
An experiment ran by Corey Quinn: what would happen once you pushed your AWS keys to a public repository.
He summarized it in a Twitter thread
tl;dr: AWS contacted him about leaked credentials and refused to close the case before he rotated the keys even though these keys had no permissions.
Also, there's an interesting reply from a person who is working in GitHub. GitHub have a monitoring for leaked credentials. However, they notify AWS directly rather than a customer in such occasions. The reason for that is a lot of false-positives at the time such monitoring was just introduced. So, they decided not to bother their customers in vain.
P.S. Last time I had to scan a repository for leaked credentials, I used TruffelHog tool it searches not only for AWS secrets, but actually for any high-entropy strings. Also, it works quite well even for large repositories.
#security #aws #github #toolz
He summarized it in a Twitter thread
tl;dr: AWS contacted him about leaked credentials and refused to close the case before he rotated the keys even though these keys had no permissions.
Also, there's an interesting reply from a person who is working in GitHub. GitHub have a monitoring for leaked credentials. However, they notify AWS directly rather than a customer in such occasions. The reason for that is a lot of false-positives at the time such monitoring was just introduced. So, they decided not to bother their customers in vain.
P.S. Last time I had to scan a repository for leaked credentials, I used TruffelHog tool it searches not only for AWS secrets, but actually for any high-entropy strings. Also, it works quite well even for large repositories.
#security #aws #github #toolz
Twitter
Corey Quinn
Let's do an @awscloud experiment with our friends at @github. I have pushed a set of API credentials to a public repository. Oh no! Specifically at Mon Jun 21 23:08:12 UTC 2021.
Here is the awesome list of GitHub Actions both official and community-driven.
So, if you were looking into working with GHA, that might be a good thing to check. Also, if you're using GHA already, you may find some common actions to remove some repeated lines of code in your pipelines.
P.S. If you are not interested in GitHub Actions, but still adore the idea of YAML based CI, I just want to remind you that you can use YAML to configure Jenkins pipelines as well
#cicd #github #gha #jenkins
So, if you were looking into working with GHA, that might be a good thing to check. Also, if you're using GHA already, you may find some common actions to remove some repeated lines of code in your pipelines.
P.S. If you are not interested in GitHub Actions, but still adore the idea of YAML based CI, I just want to remind you that you can use YAML to configure Jenkins pipelines as well
#cicd #github #gha #jenkins
GitHub
GitHub - sdras/awesome-actions: A curated list of awesome actions to use on GitHub
A curated list of awesome actions to use on GitHub - sdras/awesome-actions
Ship / Show / Ask - A modern branching strategy
It's a branching strategy that combines the features of Pull Requests with the ability to keep shipping changes.
Changes are categorized as either:
- Ship (merge into mainline without review)
- Show (open a pull request for review, but merge into mainline immediately)
- Ask (open a pull request for discussion before merging)
From CatOps Chat
#github
It's a branching strategy that combines the features of Pull Requests with the ability to keep shipping changes.
Changes are categorized as either:
- Ship (merge into mainline without review)
- Show (open a pull request for review, but merge into mainline immediately)
- Ask (open a pull request for discussion before merging)
From CatOps Chat
#github
martinfowler.com
Ship / Show / Ask
Ship/Show/Ask is a branching strategy that helps teams wait less and ship more, without losing out on feedback.
👍1