Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Probably a good idea to explicitly pin GitHub Actions to commit hashes as I wrote about a few days ago: https://huijzer.xyz/posts/jas/

Also put as much as possible in bash or justfile instead of inside the yaml. It avoids vendor lock-in and makes local debugging easier.



I understand the arguments for putting more things in scripts instead of GHA YAML. However, I also like that breaking things up into multiple YAML steps means I get better reporting via GitHub. Of course I could have multiple scripts that I run to get the same effect. But I wish there was a standard protocol for tools to report progress information to a CI environment. Something like the Test Anything Protocol[0], but targeted at CI/CD.

GitHub Actions workflow commands[1] are similar to what I'm thinking of, but not standardized.

[0] https://testanything.org/ [1] https://docs.github.com/en/actions/writing-workflows/choosin...


I was involved in a discussion about this here a few weeks ago: https://news.ycombinator.com/item?id=43427996

It's frustrating that we're beholden to Github to add support for something like this to their platform, especially when the incentives are in the wrong direction— anything that's more generic and more portable reduces lock-in to Actions.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: