Using GitHub Actions in SourceCraft CI/CD

SourceCraft CI/CD workflows support GitHub Actions.

GitHub Actions is GitHub's native CI/CD platform that enables you to create, set up, and run workflows to automate builds, testing, deployment, and other tasks within the software lifecycle as well as reuse these workflows across repositories.

You can integrate both custom and public GitHub Actions available in the GitHub Marketplace into your SourceCraft CI/CD workflows.

Note

To work with GitHub Actions in SourceCraft, you do not need to create a GitHub account or use the GitHub interface.

For more information, see Integration with GitHub Actions in SourceCraft.

To use GitHub Actions in SourceCraft CI/CD:

  1. If you do not have a repository yet, create one.

  2. Add the .sourcecraft/ci.yaml file with the CI/CD process configuration to the main repository branch.

  3. To enable GitHub Actions in SourceCraft CI/CD, use a cube with the action and, optionally, with parameters:

    on:
  push:
    - workflows: [test-workflow]
      filter:
        branches: ["main"]

workflows:
  test-workflow:
    tasks:
      - name: demo-github-action-ci
        cubes:
          - name: run-github-action
            action: <GitHub_Action_name>@<version>
            with:
              <GitHub_Action_parameter_1>: <value_1>
              <GitHub_Action_parameter_2>: <value_2>
              ...
    Example of a CI/CD process with GitHub Actions

    The example below shows a .sourcecraft/ci.yaml configuration file that describes the following steps:

    tokens:
  # Token name (can be any).
  <token_name>:
    # Name of the service connection to Yandex Cloud
    service_connection: <service_connection_name>
    # Requested access scope:
    # org: All repositories
    # repo: Specific repository
    # ref: Branch or tag
    scope: repo

workflows:
  test-workflow:
    tasks:
      - name: test-gh-actions-task
        cubes:
          # The cube exchanges the SourceCraft token for the Yandex Cloud IAM token
          # and saves it to the `IAM_TOKEN` variable within the `outputs` section.
          - name: get-iam-token
            env:
              ID_TOKEN: ${{ tokens.<token_name>.id_token }}
              YC_SA_ID: ${{ tokens.<token_name>.service_account_id }}
            image: cr.yandex/sourcecraft/yc-iam:latest

          # The cube installs and configures the Docker Buildx utility.
          - name: setup-buildx
            action: docker/setup-buildx-action@v3.11.1

          # The cube authenticates with Yandex Cloud Registry 
          # using the IAM token.
          - name: login
            action: docker/login-action@v3.5.0
            with:
              registry: cr.yandex/<registry_ID>
              username: iam
              # Substitute to the `outputs` section the name of the IAM token cube,
              # e.g., `get-iam-token`.
              password: ${{ cubes.<IAM_token_cube_name>.outputs.IAM_TOKEN }}

          # The cube builds the Docker image from the Dockerfile and pushes it to the registry in
          # Cloud Registry.
          - name: build-and-push
            action: docker/build-push-action@v6.18.0
            with:
              context: .
              file: Dockerfile
              platforms: linux/amd64
              tags: |
                cr.yandex/<registry_ID>/image-name:latest
              push: true

on:
  push: test-workflow

    This CI process will start automatically after committing changes to the main branch.

  4. Check the CI process:

    1. Under CI/CD on the repository page, go to CI/CD.

    2. Open a running workflow.

      On the page that opens, you will see workflow tasks, cubes (task steps), as well as statuses and execution results.

    3. In the Logs tab, expand the GitHub Actions cube and view its results.

    4. Wait for the workflow to complete.

See also

Previous
Configuring a service connection to Yandex Cloud
Next
Using a GitLab pipeline