DEV Community

Cover image for Learn How to Run GitHub Actions in Your CI/CD Pipeline
Pavan Belagatti
Pavan Belagatti

Posted on • Edited on

Learn How to Run GitHub Actions in Your CI/CD Pipeline

A GitHub action is a customisable piece of code that developers can use to automate tasks and workflows in their GitHub repositories. Actions are made up of one or more steps, which can perform a variety of tasks, such as building code, running tests, deploying applications, or sending notifications. Actions can be triggered by various events, such as a pull request or a push to a specific branch, and can be configured to run on different operating systems and environments. GitHub provides a library of pre-built actions that developers can use or customise to suit their needs, or they can create their own actions and share them with the GitHub community. With actions, developers can automate repetitive tasks, improve the quality of their code, and accelerate their development workflows.

Harness is considered a leader in the field of continuous delivery, and today I'll show you how you can run GitHub actions as a step in the Harness CI module.

Prerequisites

Tutorial

Signup for the Harness CI module and create a project and add details.
create project

Invite collaborators for your project if you want.
Invite collaborators

Select the continuous integration (CI) module.
CI module

Next, it will guide you through creating your first pipeline.
first pipeline

Connect your repository. Connect the one you forked, the example repository.
connect repo

Since our application code is in GitHub, select 'GitHub'.
select GitHub

Connect your GitHub with your GitHub personal access token. If you don't know how to create your GitHub personal access token, please refer to this official document.
Image description

Make sure the connection is successful.

Next, select your repository
select your repo

Since it is a Go application repository, we will select 'Go' and we can see a default YAML file.
default yaml

Save and continue, you will land in the pipeline studio which should look like this
pipeline studio

Under the execution tab, you will see the 'Build Go App'. Click on it and it will show the details of the step.
build go app

Let's replace the command field with our own command. We are just adding the mod init command to the existing commands list.
modinit command

Apply changes, save and run the pipeline.
run pipeline

You should see a successful pipeline execution:)
successful pipeline

Add and Run GitHub Actions

Let's customise our pipeline to add GitHub actions now. How?

You should see the 'Pipeline Studio' written at the top with 'VISUAL' & 'YAML' written. click on the 'YAML'
click on yaml

You will see the YAML file of our pipeline.
yaml pipeline

Next, we will modify this YAML by adding GitHub actions.
Enable editing the YAML option.
edit yaml
confirm yaml editing

Let's add the YAML to setup Golang. The YAML is below.



            steps:
              - step:
                  type: Action
                  name: setup golang
                  identifier: setup_go
                  spec:
                    uses: actions/setup-go@v3
                    with:
                      go-version: "1.17"


Enter fullscreen mode Exit fullscreen mode

Let's add the above YAML piece to our pipeline YAML.
adding the go yaml

Now, select 'VISUAL' from the top to see how the pipeline looks visually.
visual

You should see our added YAML piece 'setup Golang' in the visual pipeline studio.
setup go

Similarly, let's modify/edit the pipeline YAML by going to YAML tab. Let's extend our steps by adding Trivy security vulnerability scan to our application repo.

The YAML piece for adding the Trivy scan is shown below,



- step:
     identifier: trivy
     name: Run Trivy vulnerability scanner
     type: Plugin
     spec:
         connectorRef: dockerhub
         image: plugins/github-actions
         privileged: true
         settings:
             uses: aquasecurity/trivy-action@master
             with:
                 image-ref: drone/git
                 format: table
                 exit-code: "1"
                 ignore-unfixed: "true"
                 vuln-type: os,library
                 severity: CRITICAL,HIGH,LOW
             env:
                 CI: true


Enter fullscreen mode Exit fullscreen mode

Trivy application repo

When you again switch back to the visual mode, you should see our pipeline and the step 'Trivy security vulnerability scan' added.
Trivy scan added

Save and run the pipeline.
save and run pipeline

You should see the pipeline getting executed and it will fail. Don't panic, it is failing because there are vulnerabilities in the application repo.
scan result

You can reorder your steps under execution as per your wish just by dragging and dropping them where you want.

drag and drop

This way, you can easily build your pipeline by adding various capabilities in Harness. You can see the various actions available in the GitHub actions marketplace.

What to Choose: Harness or GitHub Actions?

Both Harness CI and GitHub actions are powerful tools for automating continuous integration and deployment workflows. However, there are a few key differences that set Harness CI apart and may make it a better choice for some development teams.

Firstly, Harness CI offers a more comprehensive set of features than GitHub actions. While GitHub actions is a great tool for automating simple tasks, Harness CI is designed to handle complex workflows that involve multiple stages, environments, and pipelines. It offers a visual pipeline editor that allows developers to create and manage workflows quickly and easily and supports a wide range of integrations with popular tools and platforms.

Another advantage of Harness CI is its focus on security and compliance. Harness CI offers robust security features such as multi-factor authentication, role-based access control, and encryption of sensitive data. It also supports compliance with various regulations, such as SOC 2.

Finally, Harness CI offers enterprise-level support and services, including 24/7 customer support, onboarding, and training. This level of support can be invaluable for large development teams or organisations that require a high level of customisation and assistance.

In summary, while both Harness CI and GitHub actions are powerful tools for automating CI/CD workflows, Harness CI offers a more comprehensive set of features, better security and compliance, and enterprise-level support, making it a better choice for some development teams.

Top comments (3)

Collapse
 
tryforceful profile image
Rob Keleher

This was either written by a Harness CI employee, or an AI, or both.

Collapse
 
pavanbelagatti profile image
Pavan Belagatti

Can't you see my profile? It is clearly written where I work. Do you have any problem with this article?

Collapse
 
neomog profile image
neomog

Really, because of emphasis on the product right?