All Blog Posts
/
Blog

GitHub Actions Support in Harness CI

GitHub Actions let you create custom actions that can perform predefined tasks. Learn how to use them in Harness CI for added extensibility.

By
Shubham Agrawal
Published on
1/27/22

Share

In this article, we will learn about GitHub Actions support in Harness CI and how plugin extensibility helped templatizing action as a plugin step.

GitHub Actions let you create custom actions that can perform predefined tasks. These predefined tasks range from cloning a codebase to building a Docker image and security scanning images. Previously-created actions are present on the GitHub marketplace, with a rich support of over 10k actions.

Harness CI has added support for running GitHub Actions. This addition means that GitHub Actions can be used via the plugin step in a CI pipeline.

Usage

GitHub Actions YAML contains three attributes:

  1. name: Refers to the GitHub repository of the action along with the branch or tag.
  2. with: A map with a key and value as string. These are action inputs.
  3. env: Environment variables passed to the action.

You must copy with, uses, and env attributes in the plugin step settings to use a GitHub action as a plugin in Harness CI. You must also run the step in privileged mode since the GitHub action plugin uses Docker in Docker (dind).

The following is a side-by-side comparison of action YAML in GitHub actions vs. Harness CI:

A comparison of action YAML in GitHub actions vs. Harness CI

The following are some examples for using actions in Harness CI.

Trivy Scanning Action

Trivy is an open-source scanner for detecting vulnerabilities in container images, git repositories, and much more.

The following example scans “drone/git” container image using trivy in Harness CI.

- step:
     identifier: trivy
     name: Run Trivy vulnerability scanner
     type: Plugin
     spec:
         connectorRef: dockerhub
         image: plugins/github-actions
         privileged: true
         settings:
             uses: aquasecurity/trivy-action@master
             with:
                 image-ref: drone/git
                 format: table
                 exit-code: "1"
                 ignore-unfixed: "true"
                 vuln-type: os,library
                 severity: CRITICAL,HIGH,LOW
             env:
                 CI: true

Trivy GitHub Actions Example

GCS Upload Action

The GCS upload action can be used to upload a file to Google Cloud storage.

- step:
    identifier: gcs-uploader
     name: upload file to GCS
     type: Plugin
     spec:
          connectorRef: dockerhub
          image: plugins/github-actions
          privileged: true
          settings:
               uses: google-github-actions/upload-cloud-storage@main
               with:
                    path: '/path/to/file'
                    destination: demo/gcs
                    credentials: <+stage.variables.GCP_SECRET_KEY_BASE64>

GCP Upload GitHub Actions Example

Git Checkout Action

The Git checkout action is used for cloning the GitHub repository codebase. This action can be used to clone one or more git repositories in a single stage in Harness CI.

The following example clones the primary repository present in the trigger payload. It is required to specify GITHUB_TOKEN as an environment variable to the step for cloning private repositories.

- step:
     identifier: checkout
     name: checkout GitHub action
     type: Plugin
     spec:
         connectorRef: dockerhub
         image: plugins/github-actions
         privileged: true
         settings:
             uses: actions/checkout@v2
            with:
                 ref: ${{ GitHub.event.pull_request.head.sha }}
                 event_payload: <+ trigger.eventPayload>
         envVariables:
                GITHUB_TOKEN: <+secrets.getValue("token")>

Checkout GitHub Actions Example

You must specify the repository name in the plugin step settings to clone a second repository.

- step:
     identifier: checkout-repo-by-name
     name: checkout GitHub repository by name
     type: Plugin
     spec:
         connectorRef: dockerhub
         image: plugins/github-actions
         privileged: true
         settings:
             uses: actions/checkout@v2
             with:
                 repository: my-org/my-private-tools
                 path: my-tools
                 ref: ${{ GitHub.event.pull_request.head.sha }}
             event_payload: <+ trigger.eventPayload>
         envVariables:
             GITHUB_TOKEN: <+secrets.getValue("token")>

Implementation

GitHub Actions works by cloning the repository specified in the `uses` attribute and executing the steps present in the `action.yml` file from the cloned action code.

The CI plugin for GitHub action uses nektos/act, which is an open-source project to execute GitHub Actions locally. Nektos/act runs a Docker container on which the GitHub action workflow is executed. The CI plugin creates a workflow for the input action step, and then executes it via nektos/act. The following is the link for the plugin source code: https://GitHub.com/drone-plugins/GitHub-actions

Conclusion

We have shown that the extensibility and simplicity of plugins in Harness CI enabled the addition of many actions with just a single plugin. This demonstrates just how pluggable Harness CI can be. I hope you try your favorite action in Harness CI, and possibly create your own plugin for your custom-tailored tasks.

For further reading on Harness CI, why not take a gander at our Migrating From Jenkins to Harness CIE piece? 

Follow Harness on LinkedIn

O'Reilly Full Stack Testing

Building high-quality software is something every software engineer must achieve to be successful. Get your free copy of O’Reilly Full Stack Testing report to learn how today!

Start Free Trial

An intelligent, container-native CI solution with isolated builds and standardized extensions. Build artifacts smarter and faster. Get started free today.

Request a Demo

Modern, Fast, Scalable CI with a focus on developer experience. Request a personalized demo of Harness CI, the leading container-native CI solution.

Download our eBook

5 Ways to Optimize Application Development Efficiency - Learn how you can strike the right balance between budget pressures and the need to innovate quickly.

Start Free Trial

Harness is the industry's first Software Delivery Platform to use AI to simplify your DevOps processes - CI, CD, Feature Flags, Cloud Costs, and much more. Get started free today.

Request a Demo

Request your personalized demo of Harness, The Modern Software Delivery platform, today.

Explore Related Content

Getting Started With Helm

This tutorial aims to help readers deploy a Helm Chart from GitHub Repository. This repository contains a simple Helm chart that you can deploy on your public Kubernetes cluster to demo Helm with Harness!

Introducing Delegate Installation via Helm

This tutorial will show you how to install your Delegate on Kubernetes. Helm is a great way to install and manage delegates on your Kubernetes cluster as the package manager makes it easy to find and install the right delegate by swapping the values.yaml file

Node.js Unit Testing Automation With Drone CI Using Jest Framework

Learn how to do node.js unit testing automation with Drone CI using the Jest framework.

Node.js Unit Testing Automation With Drone CI Using Jest Framework

Learn how to do node.js unit testing automation with Drone CI using the Jest framework.

The Modern Software Delivery Platform®

Loved by Developers, Trusted by Businesses
Get Started

Need more info? Contact Sales