Microsoft acquires GitHub to combine GitHub's developer tools with Microsoft's capabilities in AI and security. GitHub Actions allow developers to automate workflows directly in code repositories through YAML configuration files. Reusable workflows allow sharing common steps between workflows to avoid duplication. GitHub hosted runners are virtual machines that automatically run and execute workflow steps. Self-hosted runners can be installed on-premises to run private workflows. Azure DevOps integrates with GitHub through linking work items to pull requests to track issues. DevSecOps practices can be enabled through integrating GitHub and Azure services for security and compliance.

4. ▪
▪
▪
▪
▪

11. Source: https://news.microsoft.com/announcement/microsoft-acquires-github/

12. Source: https://octoverse.github.com/static/github-octoverse-2020-security-report.pdf
▪
▪

13. ▪
▪
▪

14. ▪
▪
▪
▪
▪
▪
▪
▪

17. •
•
•
•
•

18. Azure DevOps GitHub
Project Management Azure Boards Projects, Discussions, Issues
Burndown Analytics Azure Boards GitHub Analytics
Code Editing [Microsoft DevBox] Codespaces and github.dev
Continuous Integration Azure Pipelines GitHub Actions
Deploy & Release Azure Pipelines / Azure Artifacts GitHub Actions / GitHub Packages
Manual testing Azure Test Plans n/a
Code security GHAzDO (GitHub Advanced Security) Advanced Security
Analytics Analytics Service Insights

19. ▪
▪
▪
▪
▪
▪
▪

21. ▪
▪
▪
▪

22. Workflow
Event
▪ branch_protection_rule
▪ check_run
▪ check_suite
▪ create
▪ delete
▪ deployment
▪ deployment_status
▪ discussion
▪ discussion_comment
▪ fork
▪ gollum
▪ issue_comment
▪ issues
▪ label
▪ milestone
▪ page_build
▪ project
▪ project_card
▪ project_column
▪ public
▪ pull_request
▪ pull_request_comment (use
issue_comment)
▪ pull_request_review
▪ pull_request_review_comment
▪ pull_request_target
▪ push
▪ registry_package
▪ release
▪ repository_dispatch
▪ schedule
▪ status
▪ watch
▪ workflow_call
▪ workflow_dispatch
▪ workflow_run
Job
Step 1: Run action
Step 2: Run script
Step 3: Run action
Step 4: Run action
Job
Step 1: Run action
Step 2: Run script
Step 3: Run script
Step 4: Run action
Runner
Run actions
Log results
Runner
Run actions
Log results

23. Action
Docker Container
Action
JavaScript Action Composite Action

24. Source: https://docs.github.com/en/actions/using-workflows/reusing-workflows

25. Source: https://docs.github.com/en/actions/using-workflows/reusing-workflows
name: Reusable workflow example
on:
workflow_call:
inputs:
username:
required: true
type: string
secrets:
token:
required: true
jobs:
example_job:
name: Pass input and secrets to my-action
runs-on: ubuntu-latest
steps:
- uses: ./.github/workflows/my-action
with:
username: ${{ inputs.username }}
token: ${{ secrets.token }}
jobs:
call-workflow-1-in-local-repo:
uses: octo-org/this-repo/.github/workflows/workflow-1.yml@172239021f7ba04fe7327647b213799853a9eb89
call-workflow-2-in-local-repo:
uses: ./.github/workflows/workflow-2.yml
call-workflow-in-another-repo:
uses: octo-org/another-repo/.github/workflows/workflow.yml@v1

26. Reusable workflows Composite actions
You can connect up to 4 levels of workflows
You can call a maximum of 20 reusable workflows
from a single workflow file.
Can be nested to have up to 10 composite actions in
one workflow
Can use secrets Cannot use secrets
Can use if: conditionals Cannot use if: conditionals
Can be stored as normal YAML files in your project Requires individual folders for each composite action
Can use multiple jobs Cannot use multiple jobs
Each step is logged in real-time Logged as one step even if it contains multiple steps
Source: https://github.blog/2022-02-10-using-reusable-workflows-github-actions/ with applied updates

27. ▪
▪
▪
▪
▪
▪
▪
→
Source: https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners and https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners

28. ▪
▪
▪
▪
▪
▪
▪
▪
▪
Virtual environment YAML workflow
label
Notes
Windows Server 2022 windows-
latest or windows-
2022
The windows-latest label
currently uses the Windows
Server 2022 runner image.
Windows Server 2019 windows-2019
Ubuntu 22.04 ubuntu-22.04 Ubuntu 22.04 is currently in
public beta.
Ubuntu 20.04 ubuntu-
latest or ubuntu-
20.04
macOS 13 Ventura [Beta] Macos-13 or
macos-13-xl
macOS Monterey 12 macos-latest,
macos-12, macos-
latest-xl or macos-
12-xl
macOS Big Sur 11 or macos-11 The macos-latest label
currently uses the macOS 11
runner image.
Source: https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners#supported-runners-and-hardware-resources

29. ▪
▪
name: CI
on:
push:
branches: [ main ]
jobs:
container-test-job:
runs-on: ubuntu-latest
container:
image: node:14.16
env:
NODE_ENV: development
ports:
- 80
volumes:
- my_docker_volume:/volume_mount
options: --cpus 1
steps:
- name: Check for dockerenv file
run: (ls /.dockerenv && echo Found
dockerenv) || (echo No dockerenv)

30. ▪
▪
→
▪ →
▪
▪

31. Runner
Runner
Job Job

32. Git
Container
Registry
Container Image
Container Image
CI YAML
CI YAML

35. Build Test Merge
Automatically release
to repository
Automatically deploy
to production

43. ▪
▪
▪
Source: https://docs.microsoft.com/en-us/azure/devops/boards/github/link-to-from-github?view=azure-devops

44. Commit message Action
Fixed AB#123 Links and transitions the work item to the
"done" state.
Adds a new feature, fixes AB#123. Links and transitions the work item to the
"done" state.
Fixes AB#123, AB#124, and AB#126 Links to Azure Boards work items 123, 124,
and 126. Transitions only the first item, 123 to
the "done" state.
Fixes AB#123, Fixes AB#124, Fixes AB#125 Links to Azure Boards work items 123, 124,
and 126. Transitions all items to the "done"
state.
Fixing multiple bugs: issue #123 and user story AB#234 Links to GitHub issue 123 and Azure
Source: https://docs.microsoft.com/en-us/azure/devops/boards/github/link-to-from-github?view=azure-devops

45. Source: https://docs.microsoft.com/en-us/azure/devops/boards/github/link-to-from-github?view=azure-devops

47. Source: https://docs.microsoft.com/en-us/azure/devops/boards/github/link-to-from-github?view=azure-devops
▪

48. ▪
▪
▪
▪
▪
▪
▪
▪
Source: https://docs.microsoft.com/en-us/devops/devsecops/enable-devsecops-azure-github?view=azure-devops

49. https://docs.microsoft.com/en-us/devops/devsecops/enable-devsecops-azure-github?view=azure-devops

50. Source: https://learn.microsoft.com/en-us/azure/architecture/guide/devsecops/devsecops-on-aks

52. ▪
▪
▪
▪
▪
▪
▪
▪
▪