From 8f28b47cd0097527e109d754b7c9dd7d39759ae2 Mon Sep 17 00:00:00 2001 From: Seamus Johnston Date: Fri, 19 Aug 2022 09:50:41 -0500 Subject: [PATCH] Justify GitHub Actions in ADR --- .../decisions/0009-github-actions.md | 29 +++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 docs/architecture/decisions/0009-github-actions.md diff --git a/docs/architecture/decisions/0009-github-actions.md b/docs/architecture/decisions/0009-github-actions.md new file mode 100644 index 000000000..45fd6a18c --- /dev/null +++ b/docs/architecture/decisions/0009-github-actions.md @@ -0,0 +1,29 @@ +# 9. GitHub Actions + +Date: 2022-08-11 + +## Status + +Accepted + +## Context + +We need a tool to execute scripts whenever code is modified. These automated tools are called CI/CD pipelines. CI is continuous integration. CD is continuous deployment. These may be slight misnomers, as our project does not seek to integrate or deploy “continuously”. + +We want certain tools, such as linters, test harnesses, and static security analysis to run each time new code is submitted via a pull request on GitHub. + +We want certain other tools, such as build scripts and deployment scripts, to run whenever code is merged into the authoritative copy (our “main” branch in git). + +Many CI/CD tools exist. Some top competitors in this space are GitLab CI/CD, CircleCI, TravisCI, and Jenkins. + +GitHub Actions is an easy choice due to its tight integration with GitHub (the Microsoft product in which the code is currently stored). + +## Decision + +To use GitHub Actions. + +## Consequences + +The choice of CI/CD pipeline is more closely tied to the infrastructure of a project than to its codebase. It is expected that CI/CD pipeline scripts will need to be rewritten whenever a significant infrastructure change takes place. + +Deployment keys–and perhaps other secrets–will be entrusted to Microsoft and will be vulnerable to technical failures, process failures, or policy failures on their part.