Insane, we have to come up with contingency plans now for long-duration GitHub outages because we can't safely do deployments. For a service we're paying thousands of $ per year for even though we host runners ourselves...

Depending on how many thousands of $ per year, it would probably be cheaper and more reliable to self-host GitLab. It's better in terms of organisational structure (you can have one, including access and secret inheritance), and (personal view) Gitlab-CI is better than GitHub Actions because it doesn't push you towards a JavaScript/NPM style dependency hell. And it's actually fairly easy to self-hosted, with options from a single machine with an omnibus package that handles everything to a full blown autoscaling Kubernetes deployment.

Sounds good until you see their cvedetails page

When you own it you can just limit it into vpn-ed company users, that significantly cuts down on the area that can be hit

I mean, the GitHub Actions supply chain risks and attacks definitely compensate for any GitLab security vulnerabilities you can think of.

Hide it behind VPN, so it's not accessible from outside.

Now patching becomes a responsibility, unless your organisation is willing to run knowingly vulnerable software.

Same thoughts - we use an action to ship to production, its builds an image, pushes it to ECS which triggers a deployment.

We can't be blocked here. Seems silly what we settled on this, but for a long time GitHub had been reliable enough for many years, but things are sliding down the pan as of late.

Sounds like a very easy process to rewrite in bash/python and have it on hand if needed.

It's funny, when we were acquired they started moving us to Github actions but it seems that maybe we should stay on our old crusty self-hosted Jenkins setup...

You should never entirely depend on a third party service for deployments.

Been burned too many times on that one.

Ok.

Move to EC2.

Darn AWS is down.

Alright, run it on a Mac Mini in your basement. Ahh dawn, your ISP is having issues. Good thing you have a backup 5G hotspot.

Ohh no, the power is out.

Eventually you have to trust someone else.

GitHub is a tragedy of the Commons. Too many people are using it, and Microsoft isn't willing to handle it correctly.

Feels like a very good business opportunity. Minimum 50k yearly contracts, GitHub with actual uptime. GitPro ?

We’re actually moving back to redundant data centres due to all of those problems.

Aggregate risk is too high.

It's almost as though GitHub should never have let itself be sold to Microsoft...

I'm sure the VCs who invested in GitHub disagree.

This is supposed to be Hacker News! Who is coming up with a startup to fill the gap !

Maybe we need a split between source management and distribution? The former looks like git[hub] to me, the latter maybe more like a Linux distro repo?

We could still deploy manually but it's suboptimal! And we're 'flying blind' without CI runs

> And we're 'flying blind' without CI runs

You should never entirely depend on a third party service to run your tests, either.

   make test

Should work without CI

It is a control pain

./deploy.sh

Self host gitlab. If you already host runners it’s not a big lift.

Even if there is features that are similar, most of gitlabs features are for paying customers only.

OP said they already pay for GitHub. We pay for the premium tier of Gitlab at my work and it’s definitely worth it.

It's always best to be portable - always be able to do builds and releases locally (at least, once you get the keys - it shouldn't be possible by default), then add things like github actions on top as convenience.

Same here. You’d think they could at least separate out the GitHub-hosted and self-hosted runners, so you’re still able to dispatch jobs if the self-hosted runners are down.

If the job queue is down, that wouldn't help, would it?

On my repo the jobs do not get scheduled on the PRs at all, so I assume that separation wouldn't help for todays issue.

They have the github enterprise domain separated out and its working fine right now https://us.githubstatus.com/posts/dashboard

I’m not convinced they actually do, because GHE on the cloud tends to have the same problems as the main outages. Probably costs extra to be “single tenant” or whatever

> For a service we're paying thousands of $ per year for even though we host runners ourselves...

Wait until you charge you for self-hosting runners.

Oh wait. They already tried.

Sure. Don't use GitHub.

You can now hire me as an overpriced consultant instead of paying Microsoft.

iDeal is an enormous success in the Netherlands so if banks implement it as well in other countries then it will definitely be competitive with credit cards for online payments

Wero is the pan-European successor to ideal. Other countries had something similar. We are now converging on using the same technique and mechanism everywhere. It also takes a bite out of payment providers like adyen because they managed the different payment methods for shops. In the future you only need to use Wero.

iDeal is in the process of being replaced by Wero, which is pretty cool!

No, open-source maintainers don't owe you anything if you don't pay for it

I have said the same many times here on HN. This in/famous blog post really changed my view: "Open Source Maintainers Owe You Nothing": https://mikemcquaid.com/open-source-maintainers-owe-you-noth...

I have similar problems with product I do pay for, and I still get told I have no say. FO/OSS distinction is a red herring.

At some point it need to be made clear; it's not a legal obligation, but a reputational challenge.

I highly recommend anyone to look at jq's VM implementation some time, it's kind of mind-blowing how it works under the hood: https://github.com/jqlang/jq/blob/master/src/execute.c

It does some kind of stack forking which is what allows its funky syntax

The backtracking implementation in jq is really the secret sauce for how it handles those complex filters without getting bogged down

Looks like naive implementation of homemade bytecode interpreter. What's so mind blowing about that? Maybe I missed something.

Hopefully some actual competition against GSuite (or whatever it's called these days)

Wow I've heard pieces of this but never the full thing, incredible

Wow 11 years ago, takes me back...

Sure, but getting this far would be inconceivable just half a year ago. It will only get better as time passes

My website: https://bou.ke/

I should blog more, and so should you!

It's not available in my region (NL) :(