Skip to content

CircleCI and GitHub Actions

Why Move

A number of issues have been identified with BitBucket and CircleCI.

  • Security Risks (CircleCI)
  • Pipeline secrets are global in nature
  • Public libraries (orbs) are publicly accessible (unpublished)
    • IP Restrictions incur additional cost
  • Updates without notification (CircleCI)
  • Unexpected cost increases
  • Unplanned work
  • Product Limitations (BitBucket)
  • Team onboarding and offboarding cannot be automated with Okta
  • BitBucket API is immature which limits automation

Key Similarities

GitHub Actions and Circle CI share a number of similarities

  • Configuration files are written in YAML
  • Job and Steps hierarchy
  • Jobs can run in parallel, or be dependent
  • Steps are reusable and can be shared

Key Differences

GitHub Actions differs from Circle CI in the following ways

  • Solution

  • GitHub hosted runners

    • Workflow output in GitHub
    • Easier to learn
    • Improved security
    • secrets handling
    • actions are not public

  • Workflows

  • Seperated workflow files (dev|qa|prod)-release.yml vs. config.yml

  • Jobs

  • Fewer jobs with more steps
  • 'needs' instead of 'requires'