Skip to content

GitHub Actions: Secure cloud deployments with OpenID Connect

GitHub Actions now supports OpenID Connect (OIDC) for secure deployments to cloud, which uses short-lived tokens that are automatically rotated for each deployment.
This enables:

  • Seamless authentication between Cloud Providers and GitHub without the need for storing any long-lived cloud secrets in GitHub
  • Cloud Admins can rely on the security mechanisms of their cloud provider to ensure that GitHub Actions workflows get the minimal access for cloud resources. There is no duplication of secret management in GitHub and the cloud.

How this works:

  1. Developers set up OIDC trust on their cloud roles to manage access between their deployment workflows and cloud resources.
  2. In each deployment, GitHub Actions workflow presents an autogenerated OIDC JWT token to the cloud provider
  3. Cloud provider validates the claims in the OIDC token against the cloud role definition and provides a cloud access token to connect and deploy to the Cloud only during the workflow run.

image

Learn more about Security hardening your GitHub Workflows using OpenID Connect.

Since we introduced the new GitHub Issues earlier this year in a private beta, we've been working hard to expand access to all developers in order to make GitHub the best place to plan, track, and manage your work. Today, we are really excited to announce that we're moving into a public beta, and now everyone on GitHub.com has access to the new project tables and boards. 🎉

We've used the past few months to work with our private beta users and continue to build up the capabilities of project planning on GitHub with the ability to convert a draft issue to an issue, do bulk actions in tables and boards, automate repetitive actions, set your team's tempo with iterations, and so much more. Along with the new Issues being available for everyone, we're shipping these new capabilities to you today:

📬 Live updates

Collaborate with your team in real-time! Now projects will update as you work so you never miss a thing.

This feature is rolling out gradually, and may take a few weeks to get enabled for your projects.

live-updates

🌐 Public Projects

Public projects let you share what you are working on with the world. Whether this is your team's roadmap, a list of items where you're seeking feedback, or the current work you have in progress – public projects help you work with your community.

  • Project admins can now toggle between public and private visibility in a project's settings screen.
  • Quickly see if a project is public or private via the lock or globe icon next to the project name.
  • Public projects will only show public items, any issues or PRs added from private repositories will be redacted. This includes any metadata added to them in the project view.

public-projects-setup

📊 Insights

Our new burn up chart is designed to help teams visualize progress towards completion, understand development flow, and provide early warning of potential bottlenecks.

This capability has been released as a limited alpha. More organizations will be added in the future.

Insights-alpha

✨ Bug fixes & improvements

We have a whole bunch of improvements for you, including:

  • GitHub Apps support, available as part of the organization projects permissions scope.
  • Projects can now be created under user accounts in addition to organization accounts – head to the projects tab on your profile page to get started.
  • Increased the number of views a project can have to 42 📈
  • Bug fix: removed unnecessary blank rows at the bottom of the table layout.
  • Bug fix: select all (meta+a) works when you are in the No Status column of the board.
  • Resolved scrolling problems in Safari, especially in group by.
  • Added the ability to applysort and group by in the view menu. (Previously you could only clear these in the view menu – which was very confusing!)
  • Archive all cards in a column via a new option in the column header menu.
  • Improved how , is handled in the filter bar which now correctly triggers a new OR search.
  • Custom fields are now clickable in the board layout to quickly apply a filter. (This was a major request!)
  • Row highlights are easier to dismiss with the esc key.
  • Draft issues are included as issues when filtering for is:issue.
  • Hide a grouped column in the table layout.
  • Closed issues are now purple 💜.

Thank you so much to everyone who has helped us with feedback during the private beta 🙏

See how to use GitHub for project planning on the GitHub Issues page, see what's on the roadmap, and learn more in the docs.

See more

Our current issue icon colors are a source of constant user feedback, citing confusion with errors, confusion between why Open is green and Closed is red, accessibility concerns and the general scariness of seeing red across the issues index page when a bunch of closed issues is usually a good thing.

As part of our roadmap issue today we are starting a rollout that updates the issue closed icon from red to purple. Please see the roadmap issue for more information and future plans to address all of the feedback we have received.

See more