I need manual approvers for GitHub Actions!!!! And I got them now :)

Abel

I love GitHub Actions, but holy moly, I really want manual approvers before I deploy into an environment!!!! My typical workflow would send my pull request to a dynamically provisioned PR specific staging environment and then to > test> staging > production. And I totally need manual approvers between environments!

Well, guess what. THEY’RE HERE!!!!!

GitHub Announces Deployment Features (Beta)

Yup, you heard it. GitHub just announced deployment features. You now get:

  • Pipeline Visualization
  • Environments
    • Required reviewers (manual approvers)
    • Wait time before deployments start
    • Environment specific secrets

Image yay

How Do I Do This?

First, make sure you are part of the public beta (starting Dec 15th). Once in, go to your settings, and you’ll see a new Environments tab. Go ahead and click on New environment.

Image c5f22231f8fa82c969e0ff561e4b1f9a5f66805929d127a6e793aeb0946d8a54

For my sample/demo, I entered in the name of my environment abelNodeDemoAppEnv.prod and then clicked Configure environment

Image f876490e5d619e1aeda400bafc2c29b295da4c4b521efc4df4f99e3945ea756a

Next, I added required reviewers (manual approvers) to this environment by clicking the Required reviewers checkbox and added both myself as a reviewer as well as my approverteam (you can add a list of people and/or teams). Once done, don’t forget to click Save protection rules.

Image eab2ca258f53525497a5d708857ddee32dfb2ba0fb4555791fbec14fbc557fd3

Now I’m ready to edit my YAML. In my workflow definition, I have a job named provisionProd where I provision the resources I need in Azure using ARM templates. After the provisionProd job, I have another job that deploys my app into the freshly provisioned environment (if it has already been provisioned and nothing has changed, this will result in a no-op).

I want manual approvers before I provision my prod environment so this is what my YAML now looks like:

  provisionProd:
    name: Provision Prod
    runs-on: ubuntu-latest
    needs: functionalTestsStaging
    environment:
      name: abelNodeDemoAppEnv.prod
      url: https://abel-node-gh-accelerator.azurewebsites.net
    steps:
    # Checkout
    - name: Checkout
      uses: actions/checkout@v1

    ...

Notice the lines

    environment:
      name: abelNodeDemoAppEnv.prod
      url: https://abel-node-gh-accelerator.azurewebsites.net

Under environment, the name needs to match the environment that I created earlier (if it doesn’t match, Actions will automatically create the environment for you so watch your typing) and url is the url to my production app.

Now, when the workflow runs we get some super cool workflow visualization!

Image 921a0c6d34524750b3af8baf7dce916ffd9dbf09c0267b60176d5bbd01f4c993

In parallel, I’m building my app and provisioning a personal staging environment. Then I’m deploying my app to my personal staging environment. And then I run a bunch of functional/automated UI tests against my personal staging environment.

And here, the workflow pauses. Before going on and provisioning my production environment in Azure, it waits for a manual approver. This is because we added the protection rule of having required reviewers for this environment.

Image e6af0ee8a362caa3187d880478612005eab8bf33e253baf47325f195c7714792

Clicking on Review deployments brings up the Review pending deployments dialog. Check the box to approve and I’ll also leave a comment. Now click Approve and deploy

Image 4eeb51fd7ca19d15b32346b8e27e644cb87eda1c4ef7fe04c3f9458200ff2c22

After the approval, the workflow picks back up, provisions/configures my production environment in Azure, deploys my app into prod and then runs functional tests against my prod environment!

Image fea1535e9a05d0e46b668e060002c596e1ea6cbb8591827f8912e389fe7ea109

Conclusion

I’ve been waiting for this and I’m super excited these deployment features have now made it to GitHub Actions. Approvals/environment protection is super necessary, specially in my bigger projects!

Check out the new beta deployment features! Play with them and let me know what you all think.

GitHub Actions for Azure

Connect to Azure from GitHub Actions

Learn How to Automate Your Workflows With GitHub Actions

Learn How to Build and Deploy applications to Azure by using GitHub Actions

Learn How to Build Community Driven Projects on GitHub

3 comments

Discussion is closed. Login to edit/delete existing comments.

  • Louis-Guillaume Morand 0

    Thanks Abel, but how to join this beta now ?

  • Bjego 0

    Hey Abel,

    sounds interesting – more and more features kown from the good old TFS and Azure DevOps are finding their way to GitHub.

    Are there any plans to unify Azure DevOps and Github? To github only ? And by the way relating to your last post about devops at microsoft – How has this changed since your last video. Is Azure DevOps still the #1 development platform at Microsoft, or do you swap over to github?

Feedback usabilla icon