A proposed code change is validated by a series of automated checks to provide fast feedback to the contributor.
Docs on how to use workflows are available from GitHub. Training courses are also available – contact the Inner Source Team for availability. They provide a flexible way to run linters, compile checks, unit tests and so on on Linux, macOS or Windows job runners.
Each validation workflow should trigger via the
pull_request event. For example to run some unit tests:
# /.github/workflows/unit-tests.yml name: Example Test Runner permissions: contents: read on: [ pull_request ] jobs: unit-tests: runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v2 - name: Run unit tests run: mvn test
There are a few security best practices to note:
GitHub Action workflows run by default on GitHub managed infrastructure and operating system images which is suitable for most use-cases. If you have internal network access requirements or need more control over the runner infrastructure you can use the Flutter self-hosted runners. These run on AWS infrastructure and with some internal network routing available through the inter-divisional network (IDN).
Consider using self-hosted runners if:
Access to the self-hosted runners are not available to your repository by default. To request access contact the Inner Source Team or raise a PR directly on the
runners.csv file in the root of the
To use the self hosted runners simply adjust the
runs-on key in your workflow to:
Note that at present the base images used for self-hosted runners is different from that provided by GitHub for their managed runners so you will need to adjust your workflows e.g. to install tools like maven. These differences are due to be resolved by June 2022 when the self-hosted runners will use the same image as the Linux GitHub managed runners.
A shared instance of sonarcloud is expected to be available to all users by June 2022, details will follow at that point. At present this tool is used via divisional licencing.
One of the advantages of using a managed GitHub platform is the variety of quality 3rd-party tools that can be integrated. If you have a specific need to work with a 3rd party tool that wotks with GitHub please raise a proposal to discuss integrating it.