auth
act
auth | act | |
---|---|---|
13 | 146 | |
826 | 50,324 | |
2.9% | 1.8% | |
7.6 | 9.2 | |
17 days ago | 2 days ago | |
TypeScript | Go | |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
auth
-
Push code with GitHub Actions to Google Cloud’s Artifact Registry
This workflow will authenticate with Google Cloud using the Google Cloud auth GitHub Action and use Docker to authenticate and push to the registry. To make this workflow work (or flow?) we need to set up some Google Cloud resources and add in those values for our environment variables. Make sure to add in the value for PROJECT_ID where you have permission to create resources. The value for IMAGE_NAME can be anything — it’ll be created the first time this workflow runs:
-
GitHub Actions could be so much better
The issue of integration with other tools is also quite strange. Of course, this is not directly related to github actions. For example, what needs to be done to use cloud run https://github.com/google-github-actions/auth#setting-up-wor...
- you must have the "bigquery.datasets.create" permission on the selected project
-
IAM Best Practices [cheat sheet included]
While it is commonly associated with AWS, and their AWS IAM service, IAM is not limited to their platform. All cloud providers, such as Google Cloud and Azure DevOps, offer IAM solutions that allow users to access resources and systems. If you are looking for specific AWS IAM best practices, look no further than our AWS IAM Security Best Practices article:\ For the rest of this article, we will look at the generic best practices that have evolved over the last decade around each part of the basic question we started with, "who can access what?":
-
How would I use Github Actions to run a Python Script to make changes to a Google Sheets Spreadsheet?
I found this but I don't quite get how it works. I haven't done all the steps yet but I get how to set it up. I just don't understand how this just magically authenticates future steps since my code still needs a token. Should I use this to authenticate the script? If so, how do I do it and what would I need in my code? If not what should I use instead?
-
Cloud Incident Response
Cloud Identity and Access Management: This service provides fine-grained control over who has access to what resources within an organization's Google Cloud environment. It can be used to quickly revoke access to compromised accounts or limit access to sensitive resources. https://cloud.google.com/iam
-
Advanced GitHub Actions - Conditional Workflow
I use google-github-actions/auth in the first step in my job to authenticate to GCP. At this point, I have 6 different GitHub secrets to test out the concept. Each branch has two secrets with the format BRANCH_WIP and BRANCH_SA.
-
Learning Journal 3: Brainstorm a deployment process from GitHub to Google App Engine and Cloud SQL (Part 2)
There are 2 core parts authentication to GCP and App Engine deployment. Authentication is performed using auth, while a deployment uses deploy-appengine.
-
CI/CD from GitHub to Google Cloud Platform(GAE)
You should have a look at using workload identity federation and OIDC tokens. There’s a guide on https://github.com/google-github-actions/auth It means you no longer need to hardcode service account credentials in GitHub secrets anymore.
-
Learning Journal 2: Brainstorm a deployment process from GitHub to Google App Engine and Cloud SQL (Part 1)
Yes, there is a deploy-appengine action that automates the whole App Engine deployment process. Indeed, it uses gcloud commands underneath too. Either way, both approaches need an auth action to authenticate to GCP before any task can be performed.
act
-
Create a Custom GitHub Action in Rust
To speed up your development cycle, install and use the act tool to test-run your action directly in your development environment. This tool lets you invoke a GitHub workflow right on your local machine and will save you the round-trips of pushing each change to GitHub to see if it works.
-
How to debug GitHub actions. Real-world example
When it comes to the alternatives to tmate, there is another great debugging tool that you could check out. It is called act and it allows you to run GitHub Actions code on your local machine making debugging even easier. It has its own limitations and some learning curve but overall it is another tool you should use if you can’t fix the CI bugs by connecting directly into the running action with the tmate.
-
Using my new Raspberry Pi to run an existing GitHub Action
Link: https://github.com/nektos/act
-
Show HN: Open-source x64 and Arm GitHub runners. Reduces GitHub Actions bill 10x
Could you upload your build of GitHub's runner image to Docker Hub?
This would be quite useful for users of other GitHub Actions clones like act [0].
[0]: https://github.com/nektos/act
-
Git commit messages are useless
> These kinds of commit messages are typically an indicator of a broken process where somebody needs to commit to see something happen, like a deployment or build process, and aren't able to assert that stuff works locally.
This is one of my biggest pet peeves with services like github actions. Something running locally like "act" [1] isn't sufficient because it doesn't have everything github has and is extra friction anyway to get everyone to use it for testing.
[1] https://github.com/nektos/act
-
Essential Command Line Tools for Developers
View on GitHub
-
What’s with DevOps engineers using `make` of all things?
If you use Github actions, act is incredibly useful. It can be used to test your GH actions, but also serves as an interface for running tasks locally.
-
Streamlining CI/CD Pipelines with Code: A Developer's Guide
That's something that often is difficult or basically impossible. Except for maybe GitHub actions through Act (https://github.com/nektos/act). I'd still lean to something in the yaml sphere if it eventually would be used in deployment pipelines and such. For example a solution incorporating ansible.
It also seems to me that the argument you make is mostly focused on the building step? Earthly certainly seems focused on that aspect.
-
GitHub Actions Are a Problem
I feel I'm being trolled, but I'll bite and accept the resulting downvotes
I don't think treating every mention of act as an opportunity for airing of personal grievances is helpful in a discussion when there's already ample reports of people's concrete issues with it, had one looked at the 800 issues in its repo https://github.com/nektos/act/issues?q=is%3Aissue or the 239 from gitea's for https://gitea.com/gitea/act_runner/issues or whatever is going on with Forgejo's fork https://code.forgejo.org/forgejo/act .
But, as for me specifically, there are two and a half answers: I wanted to run VSCodium's build locally, which act for sure puked about. Then, while trying to troubleshoot that, I thought I'd try something simpler and have it run the lint job from act's own repo <https://github.com/nektos/act/blob/1252e551b8672b1e16dc8835d...> to rule out "you're holding it wrong" type junk. It died with
[checks/lint] Failure - Main actions/setup-go@v3
-
How Steve Jobs Saved Apple with the Online Apple Store
https://twitter.com/mitsuhiko/status/1720410479141487099 :
> GitHub Actions currently charges $0.16 per minute* for the macOS M1 Runners. That comes out to $84,096 for 1 machine year*
GitHub Runner is written in Go; it fetches tasks from GitHub Actions and posts the results back to the Pull Request that spawned the build.
nektos/act is how Gitea Actions builds GitHub Actions workflow YAML build definition documents. https://github.com/nektos/act
https://twitter.com/MatthewCroughan/status/17200423527675700... :
> This is the macOS Ventura installer running in 30 VMs, in 30 #nix derivations at once. It gets the installer from Apple, automates the installation using Tesseract OCR and TCL Expect scripts. This is to test the repeatability. A single function call `makeDarwinImage`.
With a Multi-Stage Dockerfile/Containerfild, you can have a dev environment like xcode or gcc+make in the first stage that builds the package, and then the second stage the package is installed and tested, and then the package is signed and published to a package repo / app store / OCI container image repository.
SLSA now specifies builders for signing things correctly in CI builds with keys in RAM on the build workers.
"Build your own SLSA 3+ provenance builder on GitHub Actions" https://slsa.dev/blog/2023/08/bring-your-own-builder-github
What are some alternatives?
Aegis - A free, secure and open source app for Android to manage your 2-step verification tokens.
reverse-rdp-windows-github-actions - Reverse Remote Desktop into Windows on GitHub Actions for Debugging and/or Job Introspection [GET https://api.github.com/repos/nelsonjchen/reverse-rdp-windows-github-actions: 403 - Repository access blocked]
angular-auth-oidc-client - npm package for OpenID Connect, OAuth Code Flow with PKCE, Refresh tokens, Implicit Flow
cache - Cache dependencies and build outputs in GitHub Actions
google-auth-library-nodejs - 🔑 Google Auth Library for Node.js
dagger - Application Delivery as Code that Runs Anywhere
azure-pipelines-agent - Azure Pipelines Agent 🚀
earthly - Super simple build framework with fast, repeatable builds and an instantly familiar syntax – like Dockerfile and Makefile had a baby.
harden-runner - Network egress filtering and runtime security for GitHub-hosted and self-hosted runners
action-tmate - Debug your GitHub Actions via SSH by using tmate to get access to the runner system itself.
configure-aws-credentials - Configure AWS credential environment variables for use in other GitHub Actions.
LSPatch - LSPatch: A non-root Xposed framework extending from LSPosed