Workshops: Tuesday Nov 12
Contemporary Jewish Museum
Take part in hands-on workshops with GitHub experts. Workshops are now sold out.
Starting out with GraphQL
REST APIs are now used by just about everyone. The same is not true of GraphQL. Even if you understand the potential they hold, getting started is sometimes too simplistic or assumes too much knowledge. This workshop will provide you with the basics to get started, and tips and tricks to help you solve your own problems away from the workshop.
Code: The foundation of DevOps pipelines
This workshop is designed to allow GitHub beginners to get comfortable with the skills needed in future workshops, without being too rudimentary for experienced GitHub professionals. The workshop will focus on GitHub's core capabilities but present them against the backdrop of DevOps best practices. Students will walk away with skills to be more intentional about organizing workflows and taxonomies for subsequent DevOps automation. You'll hear about:
- The importance of version control and code organization
- Using the GitHub workflow to govern team behavior and achieve cultural change
- How branching and merge strategy affect pull attributes and downstream automation
- The continuous integration approach and how branching may be directed to lower environments for testing and pre-production
- Code and feature tracking throughout the release process and back
- Setting up repositories to deploy to multiple infrastructures including multicloud and hybrid cloud environments.
Continuous integration with GitHub Actions (Part I)
The popular "GitOps" process is an excellent way to fully enable the developer and use GitHub as the source of truth for continuous integration (CI) and continuous delivery (CD) pipelines. By implementing a declarative approach to CI, assets and infrastructure definition, the groundwork may be laid for frictionless deployments. The first part of this two-part workshop covers all aspects of orthodox CI practice and applies the process knowledge gained to hands-on GitHub practice.
- Use GitHub to provision several polyglot repositories demonstrating multiple programming languages as use cases
- Use advanced GitHub tooling to quickstart CI processes and fully implement lean and agile development lifecycle practices
- Implement code coverage with automated unit tests
- Implement static application security testing- Implement build automation
- Collaborate through issues and configure repositories so that pull requests may trigger downstream deployments.
Extending GitHub workflows with platform primitives
Did you know that GitHub offers APIs that extend your daily GitHub workflow? In this workshop, we'll explore how app creators can leverage platform primitives to programmatically interact with users and render content on the GitHub platform. Come join us to build an app and dial in your daily experience on GitHub.
Continuous delivery with GitHub Actions (Part II)
GitHub's recent enhancements and the full implementation of GitHub Actions allows continuous deployment to be automated right from the developer repository. GitOps demonstrates how the repository may be the repository and version control of not just source code, but also infrastructure schemas and definitions. The goal of utilizing a source-to-image or infrastructure-as-code approach may be realized with GitOps practice. This hands-on learning experience guides the student through the containerization of application workloads and their subsequent deployment to Kubernetes clusters.
- Use the applications provisioned in Part I, the CI workshop, to quickly create Docker container images for deployment
- Implement a secure package registry for build artifacts- Develop a pipeline to deploy workloads to test, pre-production, and production environments
- Store Kubernetes Deployment, Pod, and Job YAML in GitHub and use the versioning of these assets to declaratively manage live Kubernetes clusters
- Manage Kubernetes namespaces and service accounts from GitHub- Use Kubernetes agents to automatically report back cluster and workload status
- Scale a Kubernetes cluster and pod replicas from GitHub- Discuss mechanisms for release roll-back and release-level traceability in a Kubernetes infrastructure.
Decisions, decisions: GitHub Apps or GitHub Actions?
In this workshop, participants will explore a quick refresher on GitHub Apps and understand how they differ from GitHub Actions, and when it makes sense to build each. Then we’ll spend some time walking through the conversion of a GitHub App to an Action.
DevOps CI/CD for regulated contexts, continuous delivery release automation
In this workshop, you'll use the recently released GitHub pipeline actions and other capabilities to deploy to conventional virtual environments—and develop a number of deployment options using polyglot application workload examples. You'll also implement deployment workflows and release automation to eliminate manual hand-off's and accommodate GRC (Governance, Risk Management, Audit, and Compliance). Learn how to:
- Profile application workloads for various gating contexts
- Implement automated approval and gating processes to facilitate stakeholder deployment approvals
- Deploy conventional application build artifacts and packages to virtual servers in a cloud infrastructure.
Workshop day ends
Day one: Wednesday Nov 13
Palace of Fine Arts
Breakfast and registration
Hear what's next for your favorite GitHub products, what's new, and how you can be part of it all.
Actions Packaged: Use GitHub Actions and GitHub Package Registry for CI/CD of any app, package, and service
This session will focus on the latest updates for GitHub Actions and GitHub Package Registry, and how to use them to build, test, and deploy your code. We’ll also walk through examples of repositories using GitHub Actions and GitHub Package Registry for their production CI/CD with multiple different configurations. At the end of this talk, you’ll have an end-to-end understanding of GitHub Actions and GitHub Package Registry, as well as how to use them with your project.
Shaping the contributor experience
At the end of the government shutdown, Sara found herself as the single developer responsible for more than 20 open source projects. To keep everything afloat, she needed help from the open source community. This talk will dive in to how to stay sane when you’re a solo team member, conducting usability research on your open source projects and crafting an intentional contributor experience to grow your community.
Panel: Agility and security: Navigating the enterprise balancing act
Your business needs to innovate at the same pace of your customers’ fast-changing needs but without sacrificing necessary security and compliance processes. Balancing the tension between speed and risk is key to be successful—and there are lots of team management strategies and tools that can help. Hear from leaders who’ve learned how to strike a balance that works for their organizations and how you can borrow from what they’ve discovered.
How highly productive teams communicate using GitHub
Session description coming soon.
"Good code documents itself" and other lies: Changing work culture through documentation
Most developers have heard “good code documents itself” or “documentation outdates easily, the code does not” at some point. This is an excuse to not write documentation or justify the absence of it. In my work with many teams, the lack of documentation is often a symptom of high technical debt.
What if we could turn this around and use documentation like a driver for positive culture change and start paying the critical technical debt? This approach not only helps teams to faster identify areas that need critical support but also brings more empathy to the table.
In this talk, Tania draws on experiences using documentation as a weapon for positive culture and process change in machine learning and scientific computing environments. She focuses on the processes and approaches that enable the creation of documentation for data scientists, infrastructure, and software engineering teams, and clients.
By the end of the talk, you'll learn efficient techniques to make documentation a first-class citizen in your development cycles—and leave with one or two tricks to convince even the most reluctant developer to document code.
Insights into GitHub Enterprise: How IBM tracks social coding
How do you track whether GitHub is supporting and increasing the frequency of good coding behaviors like code review, continuous integration, and social coding for your company? When faced with this problem, IBM dove into their instance of GitHub Enterprise. In doing so, they gained insight into how IBM's internal coding practices within GitHub have developed since 2015 and information about the health of the ecosystem that has sprung up within GitHub. In this talk, you'll hear about their methods of investigation that can be applied to any organization and enterprise-specific datasets to apply business context to the data.
The elusive quest to measure developer productivity
Session description coming soon.
Panel: Women in open source
How can we ensure that we are creating communities that are diverse, inclusive, and most importantly, provide a sense of belonging to all their members? This panel brings together women doing amazing things in the world of Open Source, to share stories about their struggles, their unique experiences and viewpoints, and how these narratives have brought about positive change for the world.
State of the Octoverse
In the billions of contributions made to projects on GitHub this year, developers are crossing time zones and borders to collaborate on the bleeding edge of software development. Join us as we go behind the scenes of the Octoverse report with more data, rich detail and insights on the major communities and projects that made an impact on the platform in 2019, and the broader technology trends they represent.
The code behind cars: How GitHub turned Ford into a software company
Ford began writing software in the 1980s using assembly on a Motorola 8065 microcontroller to implement electronic fuel injection. Today, there are dozens of Electronic Control Units controlling the features and functions of modern automobiles. Development environments range from auto code generation using tools like Matlab and Simulink to hand-coded C running on multicore architectures. Writing code that powers vehicles carries unique environmental and regulatory compliance requirements, including functional safety, emissions, and warranty. Ford is transforming the way they think about software, thanks to GitHub. What do they build, what do they buy, and what do they collaborate on are common discussions, not only within Ford, but across the auto industry. Each decision poses unique challenges in how they develop and deploy software to their customers. This talk will discuss the history of software engineering at Ford, some of the unique requirements and challenges faced in their systems—and how GitHub is helping them deliver the products their customers want, with the quality they demand at the speed of the modern software industry.
Advanced patterns for GitHub's GraphQL API
The GitHub API is a key part of accelerating workflows at scale. This session will leave you with tactical tips for how to paginate effectively, create and plan queries, use tech-preview features, and manage costs learned from years of practice and iteration at Toast and beyond.
Build like GitHub: How we balance features and reliability at scale
Session description coming soon.
Driving ethical change for AI across your organization
As AI becomes more prevalent in our workplaces, it is imperative that solutions are deployed ethically. Organizations need to be cognizant of how they collect and use data, the products they leverage, and the biases that could applied. Most importantly, we need to make sure those who develop algorithms are as diverse as the societies they serve, and that they have the ability to harness the interests and needs of their users. Andrea Gallego, CTO of BCG GAMMA, will explain how GitHub is used by GAMMA’s software and data engineers, data scientists, and analysts to check that unique perspectives and insights are curated and nurtured, and collaboration is tracked and supported across the organization—making GAMMA’s AI solutions more ethical, inclusive, and comprehensive. This talk will help you answer the question: How can we make sure the intelligence we gain from innovations is created and managed ethically?
Featured session description coming soon.
End of day 1
Day two: Thursday Nov 14
Palace of Fine Arts
Breakfast and registration
Keynote description coming soon.
Applying the GitHub security development lifecycle to your open source project
Session description coming soon.
The modern mainframe: GitHub for social coding and mainframe application development
Rumors of the mainframe's demise have been greatly exaggerated. In fact, mainframe workloads are growing in many Enterprises. Until recently mainframe tooling and development processes have been static - stuck in earlier eras. Non-mainframe developers favor Git and GitHub for their decentralized nature, collaboration, and workflow flexibility. As seasoned mainframe programmers leave the workforce many developers are being hired to enhance, modernize, and manage mainframe applications. This makes the need to provide familiar tools and processes more important than ever.
Recent innovations in mainframe technology have greatly reduced the barriers to entry, combining modern, standard tooling and development processes with the power and reliability of big iron. This session will cover how businesses can modernize their mainframe development experience with tooling including Git, GitHub, and Jenkins, making it easier for a new generation of developers support growing mainframe workloads.
Getting sponsored with GitHub Sponsors
Session description coming soon.
Panel: Embracing open source in financial services
This fireside discussion with leaders from some of the biggest and most secure financial services firms in the world will expose achievements, best practices, and some pitfalls along the way to embracing open source. Hear representatives from these teams share the successes and challenges they’ve overcome as they’ve integrated open source technologies, methods, and culture into its daily business operations. You'll also hear insights from the just released State of Financial Open Source Survey (sponsored by the FinTech Open Source Foundation and GitHub) to better understand how industries, specifically financial services, are adopting open source.
How to use GitHub APIs in web standards
Many web standards are produced publicly on GitHub. As Chair of the Immersive Web Working Group, there's a lot of organization to keep projects running smoothly. From building simple scripts to using bots to assist contributors, you'll hear about the GitHub tools that have kept the Immersive Web Working Group's projects running smoothly.
Building an open source community from the ground up
Wonder what's it's like to grow one of the fastest growing open source projects before graduating from high school? Since it's release, 30secondsofcode.org was nominated as the 6th fastest growing open source project by GitHub in 2018, gathered over 45,000 stars, made it to Hacktoberfest trending lists, and started series of education projects used by thousands of developers daily. Growing an organization of this size isn't easy, especially when a newbie is running it. Stefan will share some of his most inspiring and challenging moments of running the organization—and share tips for maintainers and teams starting their own open source projects.
Machine learning ops with GitHub Actions and Kubernetes
Machine learning has the potential to accelerate human progress, automate mundane tasks, and improve business results. However, the practice of deploying machine learning for enterprises is relatively new. The emerging field of machine learning operations borrows best practices and technologies from DevOps that helps enterprises deploy machine learning solutions with confidence. In this talk, we’ll demonstrate how GitHub Actions and Kubernetes can be used to orchestrate machine learning workflows in new ways that increase transparency and reliability of machine learning applications.
Ship happens: shipping pull requests at scale with the merge queue
At Shopify, developers merge and deploy over 400 pull requests each day to Shopify master. Two years ago, we built the merge queue as part of Shipit, an open source project, to control the thundering herd of merges and ensure ships happen quickly and safely. In this talk, Shopify will explore the design of the first iteration of the merge queue, what they've learned from that experience, and how they're evolving the merge queue to continuously scale developer productivity.
Panel: Open Source in Africa
How can open source be a transformative force for growing economies? This panel brings together open source maintainers and advocates from across the African continent, to share stories about how open source software is creating new opportunities across the commercial and government sectors, and generally bringing about positive change for the continent and beyond.
Exemplars, laggards, and the cautious crew: A data-driven look at practices behind exemplar open source projects
In this session, you'll hear about the year-long collaboration between Gene Kim (researcher and co-author of “The Phoenix Project,” “DevOps Handbook,” “Accelerate”), Dr. Stephen Magill, (expert in software security and program analysis), and Sonatype (maintainers of the Maven Central Repository). They examined 10,000 open source Java components that were published to Maven Central and hosted on GitHub. They combined team and project performance metrics from GitHub, popularity data from Maven Central, and vulnerability and dependency data from Sonatype to examine what properties are shared by exemplary open source teams. They discuss these findings, including the differences we see between exemplary small teams and large teams, the fact that popularity does not predict security, and how remarkably difficult it is to keep dependencies patched while being “almost” up-to-date. They also highlight the organizational and technology practices they observe among exemplar open source teams, which release new versions 2x more frequently and remediate security vulnerabilities 3x more quickly, all while delivering a level of value that makes them standouts in terms of popularity and adoption.
What does it take to transform a federal agency to a lean, product-focused enterprise?
By shifting the focus away from traditional, plan-driven “project management” (e.g., cost management, schedule management, etc.) towards a more user-driven product management approach (e.g., user research, minimum viable products, etc.), the VA has been working to create the best digital experience for Veterans and business customers. Learn how VA went about this massive cultural shift -- to making human centered design (HCD) a requirement, not a “nice to have.”
There’s no point in delivering something on-time and on-budget--if it’s the wrong thing.
Don't be a robot: Automating workflows at scale
Managing a large open source project like CPython is no easy task. Learn how the Python core team automated their GitHub workflow with bots, making it easier for maintainers and contributors to collaborate together. Even if you’re not managing a large project, you can still build your own bot! Hear some ideas on what you can automate and personalize on GitHub to build at your best. Don’t be a robot, build one.
Deep dive into GitHub's newest features
GitHub has shipped a lot of features in the past few months that you might not even know about. In this talk, I will show you some features that we’ve added, how you can use them as part of your day to day workflows, and dive a bit deeper into some of the new features we shared in our keynote.
Source code consolidation at Expedia Group: Unlocking collaborative development
In 2018, Expedia Group started a project to consolidate all their source code into a single instance of GitHub Enterprise. The team wanted to drive more collaborative development and improve developer efficiency. In this talk, you'll learn about the background of the project, goals, and objectives for success, the design and architecture of the new instance, migration methods used and how they were automated, and details on the challenges faced and how they were resolved.
Building open source communities of starfish
As the world of open source software has exploded and more people enter the field, essential questions around good communication, boundaries of time and space, and how to work on a shared project across cultures, languages, and geography arise. How can we make sure that new contributors who arrive at a project through Hacktoberfest feel inspired to stay? How can we make sure that maintainers, who are already overburdened and overworked, are given the proper tools to do their sometimes thankless work? As a developer who spent ten years working in the fields of non-project management, counseling, and community organizing, Ben will share some strategies on how to create a more holistic environment where everyone thrives, based on lessons sociologists and researchers have learned from starfish and spider communities.
End of GitHub Universe
Filter ( Results)
GitHub product talk