Press "Enter" to skip to content

Category: Source Control

Preventing Passwords from Getting into GitHub

Eduardo Pivaral does some work:

Healthy code should not include passwords, keys, or secrets in the source code. Sometimes, developers hard-code sensitive information while testing new features but forget to remove it afterward.

How can we validate code without including sensitive information so we can take action before we publish or share code?

Click through for a couple of options. If you do have GitHub Advanced Security (part of GitHub Enterprise Cloud), you can also create a custom pattern for secret scanning that can include passwords, database connection strings, and the like.

Comments closed

Reviewing a Pull Request with the GitHub CLI

Mike Robbins shows off one feature of gh cli:

Checking out someone else’s pull request (PR) on GitHub is essential in collaborative software development, enabling thorough code reviews, local testing, and detailed feedback. This process allows developers to ensure the quality and functionality of the code before integration, identify and resolve potential conflicts, and maintain consistency across the project. By reviewing changes locally, team members can collaborate more effectively, offering insights and improvements that enhance the overall quality of the project. Additionally, local reviews support security audits and performance evaluations, ensuring that the code is not only functional but also optimized and secure.

I don’t use gh cli as much as I should (in part because 95+ percent of the time, I’m committing into one-man repos and use GitHub Desktop), but every time I do use it, I remember that it’s a nice CLI.

Comments closed

Branch Cleanup with git prune

Steve Jones breaks out the branch cutters:

As I’ve been working with SQL Saturday and managing changes to events, I’ve accumulated a lot of branches. Even though I’m a solo developer, I decided to use branches, as I expect others to share this load in the future. This post looks at how to start cleaning those up.

As a team gets larger, the necessity of regular branch maintenance increases, but so does the complexity of it: it’s really easy to have one person not pay attention to the e-mails and get burned when old branch deletion en masse does happen.

Comments closed

Locking down Branches in GitHub

I have a new video:

In this video, I show you how you can prevent people from checking directly into a specific branch, as well as explaining why you might want to enable this feature and how it looks for administrators.

Admittedly, this video would work a bit better with multiple user accounts, but I think I got the general point across.

Comments closed

CI/CD in GitHub

I have a new video:

In this video, I explain what continuous integration (CI) is, disambiguate continuous delivery from continuous deployment (CD), and see how you can perform CI/CD operations using GitHub Actions.

Read on to see what these terms mean and an example of how it all works with .NET projects.

Comments closed

Infrastructure as Code in GitHub

I have a new video:

In this video, we look at how to perform Infrastructure as Code in GitHub. We take a Bicep script and generate new Azure resources using it and GitHub Actions.

The video includes a very brief primer on Azure Resource Manager (ARM) and Bicep, and then gets into how you can use GitHub Actions to keep your Azure resources configured the way you expect.

Comments closed

Switching a Git Commit to another Branch

Olivier Van Steenlandt fixes an oopsie-doodle:

In the past couple of months, I’ve been doing a lot of different things at the same time. Because of that, it is no exception that I have quite some branches for my Database Projects that I’m working on simultaneously.

Because of this, another issue arises as well, it happens now and then that I’m committing my changes to the wrong branch. Luckily for me, I’m making this mistake by committing directly to my development branch, where the change needs to be done in the end anyway.

Nevertheless, I need to get my change into my feature branch as well. In this data recipe, I will be guiding you through the process.

Click through to see how. If you’re using a GUI like GitHub Desktop or Sourcetree, there are also ways of doing this within the UI.

Comments closed

Going with the Flow: GitHub Edition

I have a new video:

In this video, cover the GitHub flow. We talk a bit about branching strategies and how GitHub development ought to look in a multi-developer situation.

The GitHub flow is a minor variant from the classical Git flow, but one that works well with the ethos of development specifically in GitHub. It’s often overkill for a single-developer repo, but once you have a team working on a problem, this is a much more efficient approach.

Comments closed

Learning about GitHub Actions

I have a new video:

In this video, we dig into GitHub’s process for executing code: GitHub Actions workflows. We’ll learn what Actions and workflows are, how we can create them from scratch, and how to incorporate Actions from the GitHub Marketplace into our own workflows.

Along the way, I describe what GitHub Actions workflows are and we build a simple one. I’ll have more videos coming up that expand on GitHub Actions and show you more of what you can do with them.

Comments closed