Hello. I'm Hirakiba from the Productivity Improvement Team at Cybozu, Inc.

Our Productivity Improvement Team holds an internal meeting every Wednesday called "Productivity Weekly," where we share topics related to improving developer productivity discovered over the past week.
This article is a summary of the topics from those meetings.

This is the 74th issue. You can find past articles here.

news 📺

github/gh-valet: Valet helps facilitate the migration of Azure DevOps, CircleCI, GitLab CI, Jenkins, and Travis CI pipelines to GitHub Actions.

https://github.com/github/gh-valet

A new tool from GitHub for migrating from existing CI tools to GitHub Actions, github/gh-valet, has been released (private beta). It supports Azure DevOps, CircleCI, GitLab CI, Jenkins, and Travis CI.

It is built as a GitHub CLI extension, making installation easy. However, since it is currently in private preview, you need to contact GitHub Sales to request access (by the way, I haven't been able to use it yet).

Valet is currently private and customers must be onboarded prior to using the gh-valet CLI extension. Please reach out to GitHub Sales to inquire about being granted access.

Based on reading the source code and README, it seems that the OSS gh-valet itself is just an interface, and processing like conversion is performed by ghcr.io/valet-customers/valet-cli ^[1]. It appears that pulling this image is only allowed for those on the private preview list. Therefore, it seems unlikely that one could bypass usage restrictions by modifying the github/gh-valet source code.

❯ docker pull ghcr.io/valet-customers/valet-cli
Using default tag: latest
Error response from daemon: unauthorized

The interesting thing about gh-valet is that it doesn't seem to be just a workflow file conversion tool. It includes features to assist with migration, such as the gh valet audit command to access the source CI server and output a pipeline summary, and the gh valet forecast command to predict usage after migrating to GitHub Actions based on past pipeline usage history.

Honestly, I often have the impression that these kinds of migration tools ultimately can't handle large-scale workflows. However, because gh-valet retrieves information from CI servers and a specialized "Valet team" has been formed within GitHub ^[2], I'm hopeful that it might be usable even for large-scale workflows in the future.

Since it's currently in private beta, if you're interested, you should check with your internal GitHub administrator.

github/gh-gei: GitHub Enterprise Importer CLI

https://github.com/github/gh-gei

GitHub's official tool for migrating organizations and repositories from GitHub Enterprise Server or Azure DevOps to GitHub Enterprise Cloud, github/gh-gei, has been released (public beta).

It is built as a GitHub CLI extension and is easy to install.

While you could migrate a git repository by simply creating a new one and pushing the branches from the old one, that approach didn't carry over issues or pull requests.

gh-gei can be run by anyone who has tokens with permissions for the source and destination organizations (or repositories). In addition to issues and pull requests, it can migrate wikis, branch protection, and various other information. To see what data can be migrated, please refer to Migration support for GitHub Enterprise Importer - GitHub Docs.

I wondered what would happen to the users associated with issues and pull requests (while commit users are fine), and it seems that the source users become a concept called "Mannequins" during migration (Reference). For Mannequins, you can assign which GitHub user they correspond to from the GitHub administration screen.

There have been similar official migration tools before, but to be honest, they were difficult to use because they weren't open source, or in the case of GHES, required scripts to be run on the server side, making coordination with server administrators essential.

I haven't tried it yet, but it seems like a very convenient tool for cloud migration. It's also great that you can migrate on an organization-by-organization basis. For detailed migration methods, please refer to the documentation ^[3].

Consistently allow GitHub Apps as exceptions to branch protection rules | GitHub Changelog

https://github.blog/changelog/2022-05-17-consistently-allow-github-apps-as-exceptions-to-branch-protection-rules/

In GitHub branch protection, it is now possible to add GitHub Apps as exceptions to the setting that enforces pull requests (Restrict who can push to matching branches). Previously, exceptions could only be granted to users and teams.

This change allows for cases where, for example, you want to use a GitHub App to automatically add commits to the main branch while still enforcing pull requests for the main branch. It's a change that makes development more flexible and secure. It's something worth remembering.

Release v1.22.0 · microsoft/playwright

https://github.com/microsoft/playwright/releases/tag/v1.22.0

Playwright v1.22.0 has been released, adding component testing features for React, Vue, and Svelte (preview). This is a feature that allows testing components individually rather than opening a page to test them. Other testing frameworks like Cypress also support this (Introduction | Cypress Documentation).

Since it's still an experimental feature, the import method differs from the usual, but it seems easy to use because you can instantiate a component by passing it as an argument to the callback function's argument (function) passed to the test method. For more details, read the documentation. I'm looking forward to it becoming an official feature.

know-how 🎓

Introducing the team responsible for streamlining the delivery process of development teams and products & maximizing results

https://engineering.linecorp.com/ja/interview/effective-team-and-delivery/

This is an article introducing the Effective Team & Delivery Office (ETD Office) at LINE, a professional group that makes the delivery processes of various development organizations, projects, and products more effective.

They mainly provide agile coaching and project management consulting, emphasizing proposing solutions they consider necessary at the time for the supported site.

In addition to direct support, their activities are broadly divided into the following:

• Direct support to organizations and projects
• Providing know-how through training, documentation, toolkits, etc.
• Creating and operating internal communities
• Activities to improve the performance of the ETD Office itself

This article also introduces activity examples, making it easy to imagine the specific work details.

Initially, I thought there might be a lot of technical support since it's a team for streamlining delivery processes, but I realized they also place weight on growing people and organizations, such as coaching and team building. I found the general activities close to those of the Productivity Improvement Team, so I'd like to use them as a reference.

Introduction to IT Engineer Recruitment

https://zenn.dev/tbpgr/books/214cd4a0052a92

This is a Zenn Book summarizing information on IT engineer recruitment by someone who has experience as a Web engineer and an engineering recruiter.

The volume is surprising. As of 2022/05/28, it exceeds 60,000 characters and has 55 chapters.

The broad table of contents includes: book overview, prerequisite knowledge, recruitment marketing, job requirement definition, job descriptions, casual interviews, direct recruiting, screening, candidate experience, and others & use cases. It covers the entire scope from the start to the end of recruitment.

While it would be happy if we could just focus on daily development, the reality is that recruitment activities are indispensable for scaling a team. This book seems like it will be a good reference for conducting recruitment activities efficiently and effectively.

Tidbits 🍘

This is a section where I write about topics that came up in Productivity Weekly but for which I don't have the energy to introduce fully, or topics that didn't have much to say about, in about one sentence.

• news 📺
  • Changelog summarized on user dashboards | GitHub Changelog
    • GitHub's Changelog is now displayed on the GitHub dashboard.
    • It's nice to see how many days ago a topic was posted.
  • Node.js 16.x runtime now available in AWS Lambda | AWS Compute Blog
    • Node.js 16 support for Lambda, which was rumored in last week's weekly, has officially arrived.
    • Since I wrote about it in last week's article, it's in the tidbits section.
  • Secret scanning: Dry runs for enterprise-level custom patterns | GitHub Changelog
    • In GitHub, dry runs for secret scanning custom patterns are now possible at the enterprise level.
  • Dependabot alerts show all affected files for vulnerable function calls (Python Beta) | GitHub Changelog
    • Regarding the vulnerable function call detection feature in Dependabot alerts I introduced previously, previously only one call part was highlighted, but now all affected call parts are highlighted.
• know-how 🎓
  • GitHub Actions Job Summariesを使うならactions/github-scriptが便利 (Using actions/github-script is convenient for GitHub Actions Job Summaries)
    • An article explaining that using the actions/github-script action is convenient for the GitHub Actions job summary feature I introduced recently.
    • Normally, you append to $GITHUB_STEP_SUMMARY using echo, but by writing to the summary from JavaScript with the actions/github-script action, you can easily send complex content.
    • I didn't know core.summary was added to @actions/core. Seems useful.
    • However, writing JS inside YAML might decrease maintainability if it's more than a few lines, so I want to be careful.
    • I was surprised that syntax highlighting is applied to JS within YAML. I wonder how it works.
• tool 🔨
  • fugue/regula: Regula checks infrastructure as code templates (Terraform, CloudFormation, k8s manifests) for AWS, Azure, Google Cloud, and Kubernetes security and compliance using Open Policy Agent/Rego
    • A security/compliance check tool for Terraform, CloudFormation, and K8s manifests.
    • Supports AWS, Azure, and GCP.
    • However, there don't seem to be that many existing rules yet: https://regula.dev/rules.html
  • ソフトウェアテスト関係者くらいしか使わない絵文字　第一弾 | グッズ | 株式会社MagicPod (Emojis only software testing people use - Part 1)
    • A list of emojis that can be used as Slack emojis.
    • Lots of emojis related to software testing.
  • Cloudflare D1 がヤバい (Cloudflare D1 is crazy)
    • The recently announced Cloudflare D1 seems amazing.
    • It's supposedly SQLite with Read Replicas scattered across the CDN Edge.
    • I'm curious.
  • Programmable MQTT-based messaging
    • Cloudflare is starting a Pub/Sub service.
    • If you want to start using it, register for the private beta.

Afterword

I'm very sorry this week's issue is so late. I've been busy with various things in both my private and professional life lately. By the way, I went to see Shin Ultraman. I only watched Ultraman on TV when I was a kid, so I'm not very knowledgeable, but even I enjoyed it. After watching it and looking things up, it seems there were many depictions based on the original material, which makes me want to go see it again.

Also, I've started Revue as an experiment. If you subscribe, you'll receive an email when the latest issue of Productivity Weekly is out. Please sign up if you'd like.
https://www.getrevue.co/profile/korosuke613_productivity_weekly

The Productivity Improvement Team at Cybozu is working to improve the development productivity of internal engineers. If you're interested in such a team, click the link below!
https://note.com/cybozu_dev/n/n1c1b44bf72f6