cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Continuous Integration via GitHub Actions
By
Chad_Voelker
Published Oct 26 2022 06:42 AM 3,505 Views
Chad_Voelker
Microsoft
‎Oct 26 2022 06:42 AM

Continuous Integration via GitHub Actions

‎Oct 26 2022 06:42 AM

GitHub Actions-SM.png

Prerequisites

You’ve already created a GitHub repository and maybe have some initial commits but are now wanting to share this with members of your team or the greater GitHub community.

 

Why

You’d like a level of confidence that the code that’s merged into the main branch is consumable without having to fix build errors. Of course, this process will not guard against logic errors, but this article will also document requiring pull requests (PRs) so that at least one other developer is reviewing commits before merging changes into main.

 

Steps

The screenshots in this document are from our fhir-link repository. Fhir-link (pronounced “fire link”) is a .net Core 6.0 Azure function that performs an integration between an FHIR Service and Dynamics 365 Customer Insights. You can find the actual code in the repository there. Good documentation from GitHub is also contained in the GitHub Marketplace and GitHub Docs.

 

Create GitHub Workflow

The steps below reference the callouts in the editor screen shot. Base your work off of the fhir-link example or the code within the GitHub example.

Chad_Voelker_0-1666791174289.png

 

Figure 1: Visual Studio screenshot of yaml file

 

 

  1. Using your editor of choice, create a yaml file and place it in a .github\workflows directory within your repository.
  2. Name the action
  3. Target the pull requests of the branch that will act as your main development. This will act as the trigger to the action.
  4. Complete the env section with pertinent details:
    1. Configuration: Release
    2. DOTNET_CORE_VERSION: our repo targets the current LTS version: 6.0
    3. WORKING_DIRECTORY: we will work from within the default repo directory
  5. There’s one job: “build-and-test”. It will contain the steps necessary to pull the code, build and run any test assemblies.
  6. jobs/build-and-test/runs-on: ubuntu-latest

Ubuntu was chosen since it already has the latest .net core libraries which allows it to run more quickly. “windows-latest” is also an option here.

  1. jobs/build-and-test/steps/uses: actions/checkout@master

This reference’s GitHub’s repository, hence it is GitHub’s nomenclature: “actions/checkout@master” instead of “actions/checkout@main” - this repo’s nomenclature

  1. jobs/build-and-test/steps/Setup .NET Core

Ready the .NET core environment to be used in the build.

  1. jobs/build-and-test/steps/Restore

Pull the code from the GitHub repo to the working directory.

  1. jobs/build-and-test/steps/Build

Compile the code in the working directory using the Release build configuration

  1. jobs/build-and-test/steps/Test

Inspect the assemblies and run any test methods found.

 

Branch Security

Once saved in .github\workflows, the action will run automatically when the “on” event occurs – in this case, the pull request. But there’s nothing forcing a PR to wait for it to complete successfully. To fix this we need to configure a GitHub branch protection rule.

Chad_Voelker_1-1666791174294.png

 

Figure 2: GitHub steps to add a branch protection rule

 

  1. Navigate to settings
  2. Branches
  3. Branch protection rules > Add Rule

 

Chad_Voelker_2-1666791174297.png

 

Figure 3: Branch protection setting detail

 

  1. Select the branches that this rule should cover. This can be one branch like “main” or “master” or can cover any number using a pattern. The pattern uses fnmatch syntax.
  2. Enable “Require branches to be up to date before merging”
  3. Find and select the build-and-deploy workflow. Some notes below.
    • This is not the name of the workflow (line 1 in above example yaml), but instead it is the name of the job (line 11 in above example yaml).
    • The list isn’t populated immediately. Let the workflow run once (See Validate section) and it should become populated in the list.

Other best practice settings for your main development branch include

  • Require a pull request before merging
  • Require conversation resolution before merging
  • Do not allow bypassing the above settings

 

Validation

Create a PR, you should see the checks initially in yellow, then turn green when complete (assuming success).

Chad_Voelker_3-1666791174302.png

 

Figure 4: Pull Request view while checks are running

 Chad_Voelker_4-1666791174307.png

 

Figure 5: Pull Request view after checks have completed

 

Optional Steps

You may have some reusable components in this repository. If so, this action should also package and publish to your package repository. For more detail, see Publishing to package registries in the GitHub Docs.

 

Depending on your deployment target (Kubernetes, an app service, a function app, etc) in addition to CI, you may also want to configure Continuous Deployment (CD) in your GitHub repository. The concepts are similar. You can see the sample yaml file from our fhir-link repository here, or see detailed documentation in the GitHub Docs.

 

Conclusion

This was a good review of GitHub actions and branch security. I hope you found value in this write up.

 

If you’d like to be part of a community of healthcare developers sharing knowledge and resources, check out our HLS Developer discord at https://aka.ms/HLS-Discord. We have links to all our content there and a bunch of channels to communicate with us and likeminded tech and healthcare people.

 

Hope to see you there!

Co-Authors
Version history
Last update:
‎Oct 27 2022 07:33 AM
Updated by:
Labels