Team Development with GitHub

Introduction to the GitHub Ecosystem

GitHub has evolved far beyond open-source code hosting and is now the primary toolchain for professional enterprise development. It provides an integrated environment that unifies planning (Issues/Projects), coding (Codespaces/Copilot), security (Advanced Security), and CI/CD (Actions). We will explore how these professional features support secure, compliant, and scalable team workflows.

• The GitHub Flow vs. Traditional DevOps
• Understanding the hierarchy: Enterprise, Organizations, and Teams
• Personal accounts vs. Organization-owned repositories
• LAB: Creating your Organization and configuring a repository

Using Git

Sources are probably the most important part in any software project and we need a way to keep track of all sources and all changes. GitHub relies exclusively on Git. Here we ensure you have a solid foundation in Git mechanics.

• Version Control concepts
• Distributed Source Control with Git
• Git Clients: GitHub Desktop, Visual Studio (Code)
• Creating a local repository
• Configuring your git user and email
• Checking the status of your repo
• Staging files
• Committing files, and then amending it
• Comparing changes in files
• Reverting commits
• LAB: Working with a local repository

Team collaboration with remote repositories

Multiple developers working on the same code base requires a central place for all your team's code and changes. In GitHub, these are Remote Repositories. Here we discuss team collaboration with Git.

• Team collaboration with remote repositories
• Cloning a remote repository
• Synchronizing with a remote repository (Push/Pull)
• Resolving Git Pull conflicts
• LAB: Collaborating on a shared GitHub repository

Working in isolation with branches

How can we avoid code changes from one developer interfering with code from others? Branching has always been used to allow developers to complete their changes before integrating them with others.

• Adding branches to your workflow
• Branching Strategies - The GitHub Flow
• Merge vs. Rebase - keeping a linear history
• Different Merge Strategies (Squash, Rebase, Merge Commit)
• Managing your branches via UI and CLI
• LAB: Implementing a feature branch workflow

Team Collaboration with Pull Requests

The Pull Request is the heart of collaboration in GitHub. It is where code review, discussion, and automated checks happen. Pull requests allow you to ensure that your code maintains its high quality before merging.

• Protecting your branches with Branch Protection Rules
• Code Reviews and Threaded Discussions
• Using Code Owners for automatic assignment
• Draft PRs vs Ready for Review
• LAB: Managing a Pull Request lifecycle and Code Review

Git Recipes

A collection of specialized techniques for optimizing your workflow, fixing common mistakes, and managing complex repository states.

• Git Worktrees for managing multiple checkouts
• Stashing changes for quick context switching
• Git Cherry-Pick to apply specific commits
• Interactive Rebase for cleaning commit history
• Git Reflog to recover lost commits or branches
• Git Hooks for workflow automation
• Custom Aliases for personalized commands
• Git Bisect for automated bug hunting
• Removing Secrets and sensitive data from history
• Global .gitignore for cleaner environments

Expand your Development Team with GitHub Copilot

GitHub Copilot Coding Agent allows you to let GitHub Copilot autonomously implement entire features, starting from high-level requirements. Through an iterative back-and-forth you can steer copilot precisely in the direction you want, without even having to use an IDE! Additionally, Copilot can provide feedback on your developers pull requests, to streamline pull request verification.

• Introduction to GitHub Copilot Coding Agent
• Defining Feature Requirements with GitHub Issues
• Assigning Copilot as a Pull Request Reviewer
• Steering Copilot
• Reviewing Changes with GitHub Codespaces
• LAB: Add GitHub Copilot to your Project's Development Team

Project Management with GitHub Issues & Projects

GitHub manages work where the code lives. We will move away from complex heavy process templates and use GitHub's flexible project management tools to track bugs, features, and ideas.

• Introduction to GitHub Issues (Labels, Assignees, Mentions)
• Converting Issues to Tasks (Tasklists)
• Using GitHub Projects (Tables, Boards, and Roadmaps)
• Custom Fields and Automation
• LAB: Setting up a Project Board and populating the Backlog

Planning and Executing Sprints

GitHub Projects supports the full agile lifecycle, bridging the gap between planning and execution. We will explore how to define iterations, visualize workload, and automate progress tracking to keep the team focused on delivery without the administrative overhead.

• Managing Sprints with Iteration fields and Milestones
• Capacity planning and visualizing workload
• Automating progress with Workflows and PR linking
• Monitoring health with Burndown charts and Insights
• LAB: Planning and Executing a Sprint in GitHub Projects

Continuous Integration with GitHub Actions

To build quality software and to avoid integration problems, continuous integration builds are considered a best practice. GitHub Actions is the native automation engine. Here, you will author workflows to ensure the quality of your project.

• Doing Continuous integration
• Introduction to YAML workflows
• Events (Triggers), Jobs, and Steps
• Using the GitHub Marketplace for Actions
• GitHub Hosted Runners vs Self-Hosted Runners
• LAB: Creating a CI workflow to build and test code

Continuous Deployment with GitHub Actions

With continuous deployment, you can automatically deploy your project. By utilizing Environments, you can verify the quality of your deployment through manual approvals and protection rules before deploying to production.

• Release management in GitHub Actions
• Defining Environments (Dev, QA, Prod)
• Setting up Deployment Protection Rules
• Authenticating with Cloud Providers (OIDC)
• LAB: Creating a CD workflow to deploy to Azure

Deployment Patterns

Continuous Delivery is more than release management. Here we will discuss different deployment patterns and when to use them.

• Deployment is more than deploying to QA and PROD environments
• Explore Microservices Architecture
• Minimize Deployment Downtime using Blue/Green Deployment
• Using Canary Releases
• Exposing New Features using Feature Toggles
• Using GitHub Environments for Progressive Exposure
• LAB: Implementing a staged deployment workflow

Configuration and Secrets Management

How to handle sensitive data and configuration without committing it to the repository is critical. We will look at GitHub Secrets and Variables.

• Repository Secrets vs. Environment Secrets
• Using Configuration Variables
• Managing Secrets in GitHub Codespaces
• Securely passing secrets to Actions
• LAB: Securely using secrets in a GitHub Action

Implement Secure Continuous Deployment

How do you ensure your applications are secure? GitHub offers "Advanced Security" features to find and fix security issues early in the process. It begins with practices commonly referred to as DevSecOps.

• Dependency Management with Dependabot
• Static Application Security Testing (SAST) with CodeQL
• Secret Scanning (Preventing credential leaks)
• Push Protection
• LAB: Enabling Dependabot and fixing a security alert

Infrastructure as Code

The cloud enables you to easily provision computing infrastructure, such as servers, networks, storage, and other resources. With 'infrastructure as code,' you use machine-readable definition files, such as ARM or Bicep, to deploy your infrastructure.

• What is Infrastructure as Code?
• Authoring Bicep Templates
• Deploying Bicep using Azure CLI
• Using Desired State Configuration
• Using Continuous Deployment to create your infrastructure
• LAB: Deploying your application's infrastructure

GitHub Packages

Modern development utilizes packages like NuGet, NPM, or Docker. With GitHub Packages, you can host your own private or public package feeds right alongside your code.

• Understanding GitHub Packages registry
• Publishing a package from a Workflow
• Consuming packages in a Workflow
• Versioning strategies
• LAB: Publishing and consuming a private package