Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Launching GitHub's Public GraphQL API

Avatar for Brooks Swinnerton Brooks Swinnerton
May 21, 2017
Technology
2
510

Launching GitHub's Public GraphQL API

Avatar for Brooks Swinnerton

Brooks Swinnerton

May 21, 2017
Tweet

More Decks by Brooks Swinnerton

See All by Brooks Swinnerton
Building GitHub Integrations with Webhooks and REST
Avatar for Brooks Swinnerton bswinnerton
2
150
Launching GitHub's GraphQL API
Avatar for Brooks Swinnerton bswinnerton
4
500
Optimizing APIs for Consumers with GraphQL
Avatar for Brooks Swinnerton bswinnerton
2
410
GitHub GraphQL API
Avatar for Brooks Swinnerton bswinnerton
4
130
GraphQL for Rubyists
Avatar for Brooks Swinnerton bswinnerton
0
270
The Road To Code: Ruby
Avatar for Brooks Swinnerton bswinnerton
0
77
The history of Vim
Avatar for Brooks Swinnerton bswinnerton
0
110

Other Decks in Technology

See All in Technology
【iOSエンジニア特集】 iOSアプリ開発の裏側 開発組織が向き合う課題とこれから - 株式会社カウシェ
Avatar for Akifumi Fukaya akifumifukaya
0
350
正解のない未知(インボイス制度対応)をフルサイクル開発で乗り越える方法 / How to overcome the unknown invoice system with full cycle development
Avatar for CARTA Engineering carta_engineering
0
170
技術的負債を「戦略的投資」にするためのPdMとエンジニアの連携と実践
Avatar for satomino satomino
4
860
OCI Full Stack Disaster Recovery サービス概要
Avatar for oracle4engineer oracle4engineer
PRO
1
140
Azure AI Foundry Agent Serviceを使用してコードファースト アプリを構築する
Avatar for tomokusaba tomokusaba
1
150
Streamlit in Snowflakeで加速する不動産テック企業のデータ活用 @Snowflake WESTユーザー会
Avatar for yuto16 yuto16
1
160
やめシフ大集合!!~SHIFT卒業生座談会~ / 20250517 Hiroko Tamagawa & Ayako Ueno & Ryo Asou &Kei Ishimaru
Avatar for SHIFT EVOLVE shift_evolve
0
210
本番環境への影響リスクが低い Real Application Testing (SQL Performance Analyzer) の実施方法の検討と実践
Avatar for Yuichiro Narita jri_narita
0
230
開発も運用もビジネス部門も! クラウドで実現する「つらくない」統制とセキュリティ / Effortless Governance and Security Enabled by the Cloud
Avatar for Hokuto Hoshi kanny
3
840
KubeCon + CloudNativeCon Europe 2025 Recap: The GPUs on the Bus Go 'Round and 'Round / Kubernetes Meetup Tokyo #70
Avatar for Preferred Networks pfn
PRO
0
180
Lakehouse в Лемана Тех. От архитектуры до оптимизации
Avatar for Elena Meremyanina emeremyanina1234
0
530
AWS LambdaをTypeScriptで動かして分かった、Node.jsのTypeScriptサポートの利点と課題
Avatar for Makky12 smt7174
1
1.9k

Featured

See All Featured
10 Git Anti Patterns You Should be Aware of
Avatar for Lemi Orhan Ergin lemiorhan
PRO
656
60k
Designing for humans not robots
Avatar for Tammie Lister tammielis
253
25k
What’s in a name? Adding method to the madness
Avatar for Product Marketing Alliance productmarketing
PRO
22
3.5k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
Avatar for Tammy Everts tammyeverts
52
2.7k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
34
2.2k
What's in a price? How to price your products and services
Avatar for Michael Herold michaelherold
245
12k
The Art of Programming - Codeland 2020
Avatar for Erika Heidi erikaheidi
54
13k
YesSQL, Process and Tooling at Scale
Avatar for Rocio Delgado rocio
172
14k
How GitHub (no longer) Works
Avatar for Zach Holman holman
314
140k
GitHub's CSS Performance
Avatar for Jon Rohan jonrohan
1031
460k
Building a Scalable Design System with Sketch
Avatar for Laura Van Doore lauravandoore
462
33k
Thoughts on Productivity
Avatar for Jon Yablonski jonyablonski
69
4.6k

Transcript

  1. + a

  2. Hi, I’m Brooks

  3. I work at !

  4. let’s talk about launching the GitHub GraphQL API

  5. How our GraphQL API came to be

  6. March 20th, 2016 proposal submitted

  7. we had dreams of APIv4

  8. multiple resources in one roundtrip

  9. schema introspection

  10. April 6th, 2016 proof of concept done

  11. { current_user { login repositories(affiliation: "owner") { id name }

    } }

  12. April 12th, 2016 New team created

  13. September 14th, 2016 early access

  14. Today >100 million queries/day

  15. We learned some things along the way

  16. Tooling

  17. documentation

  18. https://github.com/gjtorikian/graphql-docs

  19. GraphiQL all-in-one

  20. "but we’re going to need a Ruby client"

  21. github/graphql-client

  22. objects in exchange for a query

  23. collocate our queries with our views

  24. but in Rails

  25. query profiling

  26. query { repository(owner:"rails", name:"rails") { viewerHasStarred } }

  27. { "data": { "repository": { "viewerHasStarred": false } }, "extensions":

    { "totalDuration": 42.06737782806158, "trackedAssociations": {}, "profiling": { "Repository:viewerHasStarred": { "type": "Boolean!", "sql": [ { "duration": 2.07, "sql": "SELECT 1 AS one FROM `repositories` INNER JOIN `stars` ON `repositories`.`id` = `stars`.`starrable_id` WHERE `stars`.`user_id` = 934497 AND `stars`.`starrable_type` = 'Repository' AND `repositories`.`id` = 8514 LIMIT 1 " } ] } } } }

  28. Authorization

  29. reusing the OAuth logic from our REST API

  30. OAuth scopes are granted to a token

  31. token is used to make a request

  32. familiar to our users

  33. less for us to build

  34. Organization = GraphQL::ObjectType.define do name "Organization" accepted_scopes ["read:org", "admin:org"] end

  35. Organization = GraphQL::ObjectType.define do name "Organization" accepted_scopes ["read:org", "admin:org"] end

  36. but with ✨ GraphQL ✨…

  37. we can analyze the query before resolution

  38. query { organization(login:"github") { members { totalCount } } }

  39. query { organization(login:"github") { members { totalCount } } }

  40. Organization = GraphQL::ObjectType.define do name "Organization" accepted_scopes ["read:org", "admin:org"] end

  41. but this isn’t perfect

  42. in some cases you need to perform resolution first

  43. repo vs public_repo

  44. we’ve introduced an authz layer for resolution

  45. Schema design

  46. first off

  47. there’s more than one

  48. one for new & sensitive features

  49. one for everyone else

  50. Organization = GraphQL::ObjectType.define do name "Organization" accepted_scopes ["read:org"] end

  51. Organization = GraphQL::ObjectType.define do name "Organization" accepted_scopes ["read:org"] visibility :public

    end

  52. Organization = GraphQL::ObjectType.define do name "Organization" accepted_scopes ["read:org"] visibility :public

    end

  53. CoolNewFeature = GraphQL::ObjectType.define do name "CoolNewFeature" accepted_scopes ["repo"] visibility :internal

    end

  54. mandatory first/last arguments on connections

  55. query { viewer { repositories(last:30) { edges { node {

    name } } } } }

  56. query { viewer { repositories(last:30) { edges { node {

    name } } } } }

  57. is/has/can prefix

  58. query { repository(owner:"rails", name:"rails") { isFork hasIssuesEnabled viewerCanAdminister } }

  59. query { repository(owner:"rails", name:"rails") { isFork hasIssuesEnabled viewerCanAdminister } }

  60. avoiding fields that should be types

  61. query { repository(owner:"rails", name:"rails") { ownerLogin } }

  62. query { repository(owner:"rails", name:"rails") { ownerLogin } }

  63. query { repository(owner:"rails",name:"rails") { owner { login } } }

  64. Feature Parity

  65. schema driven development* *stay tuned!

  66. with our REST API

  67. new features were developed for the UI

  68. then staff-shipped

  69. then released

  70. REST API work started after the ship

  71. but, today…

  72. all new features are built with GraphQL

  73. from the start

  74. CoolNewFeature = GraphQL::ObjectType.define do name "CoolNewFeature" accepted_scopes ["repo"] visibility :internal

    end

  75. CoolNewFeature = GraphQL::ObjectType.define do name "CoolNewFeature" accepted_scopes ["repo"] visibility :internal

    end

  76. CoolNewFeature = GraphQL::ObjectType.define do name "CoolNewFeature" accepted_scopes ["repo"] visibility :public

    end

  77. this allows us to build a true public API

  78. this allows us to build a true public API

  79. this allows us to build a true platform

  80. shared between GitHubbers and integrators

  81. but change is scary

  82. GraphQL-backed REST APIs

  83. this works great for new features

  84. but what about legacy features?

  85. GET https://api.github.com/user

  86. enter Scientist

  87. github/scientist

  88. measure data discrepancies

  89. measure the difference in performance

  90. None

  91. Where we’re headed

  92. static analysis of schema during code review

  93. rate limiting

  94. expose global relay IDs in REST API

  95. preview new fields and objects with headers

  96. Thank you
 @bswinnerton on Twitter & GitHub @brooks on Slack