Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
GitHub ActionsでDevSecOpsごっこ
Search
Akira Moroo
June 13, 2022
Programming
0
43
GitHub ActionsでDevSecOpsごっこ
Akira Moroo
June 13, 2022
Tweet
Share
More Decks by Akira Moroo
See All by Akira Moroo
Exploring x86 MSR Space
retrage
0
1.3k
LLMでバイナリ解析支援
retrage
0
180
Practical Rust (Hypervisor) Firmware
retrage
3
1.7k
Bypassing UEFI Secure Boot with Thin-Hypervisor
retrage
0
1.1k
Porting Linux to Nabla Containers
retrage
0
1.2k
Network Boot from Bell Labs
retrage
2
1.6k
Unikernelで始める自作OS/OS Development with Unikernel
retrage
1
560
LLVM Backend Development for EFI Byte Code
retrage
2
950
EFI Byte Code Virtual Machine for Fun and Profit
retrage
2
2.1k
Other Decks in Programming
See All in Programming
GUI操作LLMの最新動向: UI-TARSと関連論文紹介
kfujikawa
0
290
副作用と戦う PHP リファクタリング ─ ドメインイベントでビジネスロジックを解きほぐす
kajitack
3
520
LLMは麻雀を知らなすぎるから俺が教育してやる
po3rin
3
1.9k
画像コンペでのベースラインモデルの育て方
tattaka
3
990
プロダクトという一杯を作る - プロダクトチームが味の責任を持つまでの煮込み奮闘記
hiliteeternal
0
370
AIのメモリー
watany
12
1.2k
iOS開発スターターキットの作り方
akidon0000
0
230
はじめてのWeb API体験 ー 飲食店検索アプリを作ろうー
akinko_0915
0
180
MCP連携で加速するAI駆動開発/mcp integration accelerates ai-driven-development
bpstudy
0
250
0から始めるモジュラーモノリス-クリーンなモノリスを目指して
sushi0120
0
250
PHPUnitの限界をPlaywrightで補完するテストアプローチ
yuzneri
0
370
なぜあなたのオブザーバビリティ導入は頓挫するのか
ryota_hnk
5
560
Featured
See All Featured
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
251
21k
Product Roadmaps are Hard
iamctodd
PRO
54
11k
The Invisible Side of Design
smashingmag
301
51k
Facilitating Awesome Meetings
lara
54
6.5k
Faster Mobile Websites
deanohume
308
31k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
229
22k
BBQ
matthewcrist
89
9.8k
A designer walks into a library…
pauljervisheath
207
24k
Large-scale JavaScript Application Architecture
addyosmani
512
110k
What's in a price? How to price your products and services
michaelherold
246
12k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
234
17k
Reflections from 52 weeks, 52 projects
jeffersonlam
351
21k
Transcript
GitHub ActionsͰ DevSecOpsͬ͜͝ June 13, 2022 ୈ5ճLTձ Akira Moroo (@retrage)
GitHub Actions (GHA) • GitHubʹ౷߹͞Ε͍ͯΔ • ઃఆϑΝΠϧΛஔ͢Δ͚ͩ • ߏԽ͞Ε͍ͯΔ •
࠷খ୯Ґ: step • ίϚϯυ࣮ߦ or action࣮ߦ • actionࣗ࡞Մೳ CI/CDαʔϏεͷ1ͭ Job Work f low Step
actionͷ࡞Γํ • GitHubϦϙδτϦԼʹ action.yamlΛஔ • action.yaml: actionΛఆٛ • ೖྗ (▪)
• ग़ྗ (▪) • ࣮ߦޙͷstepͰࢀরՄೳ • ࣮ߦํ๏ (▪) Yamlϙϯஔ͖Ͱ؆୯
actionͷछྨ ࣮ߦํ๏ʹΑͬͯ3छྨʹ͚ΒΕΔ • JavaScript action: JavaScriptͷΈͰهड़ • Docker container action:
ίϯςφΛ࣮ߦ • Composite action: ࠶ར༻ՄೳͳGHA work f low (stepͷू·Γ) • Docker container action͕Ұ൪ࣗ༝͕ߴ͍: • 👉 ڥΛด͡ࠐΊͯ͋͛Ε͓खܰʹDevSecOpsͬ͜͝Ͱ͖ͦ͏
Actionࣗ࡞ͯ͠Έͨ • ࣗ࡞UEFI SMM੩తղੳGhidraϓ ϥάΠϯΛར༻ • non-GUI GhidraΛ࣮ߦ • ೖྗ
(▪): ղੳରͷόΠφϦ • ग़ྗ (▪): ղੳ݁Ռ • ࣮ߦํ๏ (▪): Docker container
Actionࣗ࡞ͯ͠Έͨ • ೖྗ (▪) όΠφϦ͚ͩ • ϓϩϓϥͰOK • ग़ྗ (▪)
JUnit XML format • ղੳ݁Ռͷ࠶ར༻ੑ্ • ӈͷྫͰղੳ݁ՌΛطଘ ͷactionʹ͍ͯ͠Δ (▪) ϙΠϯτ
Actionࣗ࡞ͯ͠Έͨ: ղੳ݁Ռྫ ղੳ݁ՌͷJUnit XML formatग़ྗ ݕग़ͨ݁͠ՌΛΤϥʔͱͯ͠ใࠂ
Actionࣗ࡞ͯ͠Έͨ: ղੳ݁Ռྫ JUnit XML formatͰग़ྗ͢Δ͜ͱͰۤ࿑ͤͣʹղੳ݁ՌΛCIʹΈࠐΊͨ
Actionࣗ࡞ͯ͠Έͨ: վળ • ݡ͘ղੳ݁ՌΛग़ྗ͍ͨ͠ • ࠓճղੳϩάΛPythonͰύʔεͯ͠ແཧΓJUnit XML formatʹม • ϓϥάΠϯ͕JSON/XMLΛग़ྗ͢Δ͖
• ·ͱͳόΠφϦͷղੳ݁Ռදࣔػೳ͕΄͍͠ • JUnit XML formatGHAίʔυͷߦͱྻϨϕϧͷΞϊςʔγϣϯͷΈ • ؤுͬͯΤϥʔʹٯΞηϯϒϧ݁ՌΛදࣔ͢Δ͔͠ͳ͍
·ͱΊ • GitHub ActionsGitHubʹ౷߹͞ΕͨCI/CDαʔϏε • GHAͷaction؆୯ʹࣗ࡞Մೳ • Action3छྨ͋Δ͕ɺDocker container action͕Ұ൪ࣗ༝͕ߴ͍
• ࣗ࡞UEFI SMM੩తղੳGhidraϓϥάΠϯͷactionΛ࡞ͬͯΈͨ • JUnit XML formatͰग़ྗ͢Δ͜ͱͰղੳ݁Ռͷ࠶ར༻ੑ͕ߴ͘ͳͬͨ • ݱঢ়ͰόΠφϦͷղੳ݁Ռද͕ࣔඞཁ