As a team leader or team member, you’re often confronted with the challenge of balancing operational efficiency with cost management. This chapter delves into critical areas that will enhance your team’s GitHub experience while keeping a close eye on the economics of your operations.

This chapter will focus on a detailed examination of the costs associated with GitHub Actions. We will scrutinize the specific billable items that are vital to be aware of when dealing with GitHub. By exploring the billable components heavily used by Actions in depth, we aim to clarify whether these components are the most suitable and cost-effective for your specific needs.

In addition to cost management, this chapter also touches on reporting. We will guide you and inform you of Actions available to generate reports on your teams’ activities within GitHub, leveraging the GitHub API. This reporting is about tracking progress and providing...

To follow along with the hands-on material in this chapter, you will need to follow the steps in the previous chapter or access the resources from that chapter and refer back to it if anything is unclear. You will also need to do the following:

• You must create a new private repository under your organization, FinOps.GitHub, that has been initialized with a readme file.
• You will need to create a short-term classic personal access token that has access to query the organization you’ve created. It will need the scope of repo and read:org and store that as a secret with a name of REPOSITORY_ADMIN_PAT to FinOps.GitHub.
• You’ll also need to create a new Slack Webhook for a new channel called github-finops, which will then be saved as a secret named FINOPS_SLACK_CHANNEL under the newly created repository.

We will be walking through the process of creating everything else in this chapter.

What we have covered so far for action-based cost spending throughout the book was around optimizing the workflows to reduce action spend. But we have not covered yet how to measure or alert when we’re getting close to exceeding our budgets or how to identify slow actions.

Datadog has capabilities here by capturing and visualizing our workflows, but that’s not ideally what it’s there for. In this section, we’ll focus on some alternatives in the marketplace that provide a good overview of where your minutes are spent across all the runners. We’ll then extend it so that we can also have this reported to us via communication tools such as Slack in a FinOps channel.

Let’s first dive into what we can do natively in GitHub.

GitHub spending limits

Managing costs effectively is a key element in the administration of any software development endeavor. As GitHub Actions become more prevalent in CI/CD processes, grasping...

In Chapter 2, particularly in the section about artifact management, we discussed Time-To-Live (TTL) for uploaded artifacts and its impact on their lifespan in storage containers. However, we haven’t yet addressed storage capacity constraints in accounts. At the time of writing this book, GitHub offers a monthly quota of 500 MB for the account structure we used in this book. However, so you are aware and for further details on storage options, refer to the following link: https://docs.github.com/en/billing/managing-billing-for-github-actions/about-billing-for-github-actions#included-storage-and-minutes.

Establishing an optimal default artifact and log retention policy for our organization is crucial. By standard practice, artifacts uploaded via the actions/upload-artifact action or REST endpoint, without a specified retention TTL, remain accessible for 90 days. Considering our storage limitations, this duration might be unnecessarily long...

Apart from the two reports on spending limits and workflow usage discussed earlier in this chapter, I regularly utilize two additional reports called the dormant user report and the user contribution report. These are generated either monthly or as required. Their primary purpose is to analyze the organization’s user activity and reclaim any unused licenses.

These reports are particularly valuable when the organization is not part of an enterprise account with enterprise users. In cases where an enterprise has integrated user provisioning with an Identity Provider (IDP) and a user becomes inactive in the IDP, the enterprise can decommission that user’s account. This helps in effective user management. However, if the organization includes public accounts, the enterprise cannot delete them since it does not own them. It can only remove them from the organization if the IDP indicates they are invalid.

The reason for...

This section will introduce a powerful tool in GitHub: Dependabot. Dependabot plays a pivotal role in software maintenance and security by automatically scanning your project’s dependencies. It checks for outdated or vulnerable libraries and packages. Then, it takes proactive measures, such as raising a pull request against the repository to keep your software up to date and secure.

One of the key features of Dependabot is its ability to target GitHub Actions specifically. Dependabot ensures that these workflows are using the latest versions of actions. Doing so not only enhances the security of your workflows but also ensures that they benefit from the latest features and performance improvements of the actions they utilize.

When Dependabot detects outdated or insecure dependencies in your GitHub Actions workflows, it doesn’t just alert you; it goes further. It automatically generates pull requests to update these dependencies...

This chapter was a short one, as GitHub is an evolutionary platform that has been addressing many constraints quickly throughout its evolution. There are still issues with the visibility of users and spending, as well as opportunities for GitHub to improve minute-spending observability natively instead of resorting to actions to push reports to storage.

In this chapter, we first reviewed the costs associated with GitHub Actions, highlighting the key billable items to consider. This was aimed at providing clarity as to whether these components are the most suitable and cost-effective for specific needs. Additionally, we addressed cost management and the utility of reporting in GitHub. By leveraging the GitHub API, we discussed how to generate comprehensive reports on team activities, providing the team with the tools to track costs and make better cost-related decisions, ultimately enhancing team performance.

The latter section of the chapter focused on the management...