This blog post was co-authored by Usha Narayanabhatta, Product Supervisor, GitHub.
As digital transformation has advanced, so have customer expectations. Enterprises are expected to deliver continuous value by releasing frequent bug-free updates with little to no disruption to their user base. This is no small feat, as nations and governments roll out stringent new data and security measures.
So how are enterprises able to ship faster while maintaining governance, security, and compliance standards amidst a pandemic that has forced work to be remote?
Based on the Enterprise DevOps 2020-2021 report, 80 percent of top-performing enterprises surveyed say they've begun "shifting left," or automating governance, security, and compliance into the early stages of their software development lifecycles (SDLC). These enterprises aren't only automating their build and release workflows; they're also adopting an "everything-as-code" mindset. This shift means that not just infrastructure configurations and release pipelines, but also compliance and security policies, are written "as code," enabling continuous improvement while promoting better re-use and resilience and driving greater transparency.
It's with all this in mind that we continue to refine, update, and add to our GitHub Actions portfolio. At Microsoft Ignite we announced new GitHub Actions for Azure, which we added to our growing catalogue of Azure and GitHub integrations, with more to come soon. GitHub Actions for Azure enables deployments to multiple Azure services, from web applications to serverless functions to Kubernetes, to Azure SQL and MySQL databases, ultimately helping enterprises stay resilient while giving the flexibility to build an automated workflow to manage your SDLC.
Manage Azure Policy as Code in GitHub
As you progress in your Cloud Governance journey, there's an increasing need to shift from manually managing each policy in the Azure portal to something more manageable, collaborative, and repeatable at enterprise scale. We're announcing that we made the integration between Azure Policy and GitHub even stronger to help you on this journey. You can now easily export Azure policies to a GitHub repository in just a few clicks. All exported policies will be stored as files in GitHub. You can then collaborate and track changes using version control and push policy file changes to Azure Policy using the Manage Azure Policy action. See Managing Azure Policy as Code with GitHub to learn more and visit Azure Policy to access the feature.
Deploy ARM infrastructure as code
With the move to the cloud, many teams need to repeatedly deploy their solutions to the cloud and ensure their infrastructure is in a reliable state. To meet these challenges, you can automate deployments by defining the infrastructure that needs to be deployed as code with Azure Resource Manager (ARM) templates.
To address this, we're releasing a Deploy Azure Resource Manager Template action. With this action you can automate your workflow to deploy ARM templates and manage Azure resources. This action can be used to deploy ARM templates at any deployment scope: resource group, subscription, or management group. The output of this ARM deployment action can also be used in subsequent actions within the workflow for further processing.
Build Azure Virtual Machine Images for immutable infrastructure
With the newly rolled out Build Azure Virtual Machine Image action, customizing, creating, and distributing virtual machine (VM) images just got easier. You can now use this action to create custom VM images that hold artifacts produced in your Continuous Delivery workflows, distribute them as a Shared Image Gallery version, a managed image, or a virtual hard disk (VHD), and get full traceability between GitHub and the Azure portal.
Trace Kubernetes changes from Azure portal to GitHub commits
The Deploy to Kubernetes cluster action is now enhanced to enable a changelog view in the Azure portal, so you can trace any deployment done on an Azure Kubernetes Service (AKS) cluster from the exact GitHub commits and issues that got deployed all the way to the specific GitHub workflow that was used to deploy the changes.
Scan container images as part of Pull Request workflows
You can now add the container scanning action to your workflows and add additional checks to secure the Docker images created as part of Continuous Integration (CI) or Pull Request (PR) workflows. This helps developers scan for common vulnerabilities in their Docker images and gain confidence before pushing to a container registry or deploying to a containerized web app or a Kubernetes cluster.
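A workflow sketch of the scan-before-push gate described above. This is an added example, not part of the original post: the registry, image, and secret names are placeholders, and the action versions and inputs (`azure/container-scan@v0`, `azure/docker-login@v1`) are assumptions taken from those actions' public READMEs.

```yaml
# Added example: build the image, scan it, and push only if the scan passed.
# example.azurecr.io, sample-app and the secret names are placeholders.
name: container-scan-gate
on:
  pull_request:
    branches: [main]
  push:
    branches: [main]

env:
  IMAGE: example.azurecr.io/sample-app:${{ github.sha }}

jobs:
  build-scan-push:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      # Build locally so the image is scanned before it reaches any registry.
      - name: Build image
        run: docker build -t "$IMAGE" .

      # Assumption: the step fails on findings at or above the threshold,
      # which stops the job before the push step below.
      - name: Scan image for known vulnerabilities
        uses: azure/container-scan@v0
        with:
          image-name: ${{ env.IMAGE }}
          severity-threshold: HIGH

      # Registry credentials are only used on pushes to main, never on PR runs.
      - name: Log in to registry
        if: github.event_name == 'push'
        uses: azure/docker-login@v1
        with:
          login-server: example.azurecr.io
          username: ${{ secrets.REGISTRY_USERNAME }}
          password: ${{ secrets.REGISTRY_PASSWORD }}

      - name: Push scanned image
        if: github.event_name == 'push'
        run: docker push "$IMAGE"
```

Tagging the image with the commit SHA keeps the scanned artifact and the pushed artifact identical and traceable to one commit.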
Also, feel free to explore the enhanced DevOps starter experience, which now supports GitHub Actions as a CI/CD provider. This new enhancement enables developers to set up an end-to-end GitHub workflow for a sample application with just 4 simple steps.
If you have any changes you'd like to see or suggestions for these features, then we'd love your feedback as well as contributions to the GitHub Action repositories; we're taking pull requests. If you encounter a problem with any specific action, you can also open an issue on the action repository.