🐑 Serverless GitHub Actions 🚀
Run hundreds of concurrent GitHub Actions runners without needing to maintain servers. See a demo of it in action at the AWS re:Invent 2020 session No more idling.
What is it?
LambCI Serverless Actions enable you to run your GitHub Actions workflows on AWS Lambda and Google Cloud Run (Azure to come), and container-based services such as AWS Fargate or AWS CodeBuild.
LambCI manages the connection to GitHub Actions and sends events over Event Bridge or PubSub. The serverless resources live in your cloud account, so you only pay while your workflows are running.
Why would you want this over hosted GitHub Actions?
- More (much moar) concurrency, no queueing
- Per-second (or ms) billing, on your cloud account
- Use IAM to access your cloud resources
- Access to different instance sizes/capabilities (eg GPUs)
Why would you want this over another CI tool?
- First-class citizen in the GitHub UI
- No need to context switch or manage accounts elsewhere
- Familiar, well-documented build specs
- Use thousands of plugins/actions from the GH community
- Don't reinvent the UI – stay in GitHub as much as possible. Organizations don't want yet-another tool to login to, and context-switching is a productivity killer.
- Reducing build times is the goal. Serverless technologies are the means via fast start times and massive parallelization, but they can also be paired with vertical scaling (eg GPU CodeBuild instances).
- All the software that runs your builds should be open-source. This includes the GitHub Actions runner and all the "glue" necessary for invoking it (to be released soon).
- Be a hub for all serverless-CI related resources. Serverless environments differ from traditional environments – typically they're more constrained in disk space. Provide guidance on how to operate in this context, including creating and curating Actions that work in these environments.
GitHub Action payloads are encrypted (at GitHub's end) using RSA public/private key pairs. You can control this key (if you wish) so LambCI will have no visibility into the workflow job or secrets. So long as the resources in your account have access to the private key, they can decrypt the payload and run the workflow jobs in isolation.
Soon, soon! Add your email to the list over at LambCI's homepage to get updates on when this will be available to try out.
Come and chat over in the GitHub Discussions space. You can also reach out on Twitter at @lamb_ci.