Catching Smells in the Act: A GitHub Actions Workflow Investigation

Ali Khatami; Cedric Willekens; Andy Zaidman

doi:10.1109/SCAM63643.2024.00015

Catching Smells in the Act: A GitHub Actions Workflow Investigation

Ali Khatami, Cedric Willekens, Andy Zaidman

Research output: Chapter in Book/Conference proceedings/Edited volume › Conference contribution › Scientific › peer-review

2 Downloads (Pure)

Abstract

GitHub Actions (GHA) are a way to automate CI/CD workflows within the GitHub platform. The deep integration of GHA into GitHub enables to automate a wide range of social and technical activities. In this study, we investigate workflow smells, i.e., characteristics in the workflow that possibly indicate a deeper problem. Through a mining study, we first expose a list of frequent change patterns in the workflows of 83 GitHub projects. We then manually analyze these frequent change patterns to understand the negative effects that the frequent changes try to remove. To validate the list of 22 potential workflow smells that we thus obtain, we carry out a contribution study with 32 projects on GitHub through pull requests that contain a fix to the candidate smell. By qualitatively analyzing the maintainers' comments in 32 pull requests, we settle on 7 confirmed GHA workflow smells.

Original language	English
Title of host publication	2024 IEEE International Conference on Source Code Analysis and Manipulation (SCAM)
Publisher	IEEE
Pages	47-58
Number of pages	12
ISBN (Electronic)	979-8-3315-2850-8
DOIs	https://doi.org/10.1109/SCAM63643.2024.00015
Publication status	Published - 2024
Event	24th IEEE International Conference on Source Code Analysis and Manipulation, SCAM 2024 - High Country Conference Center, Flagstaff, United States Duration: 7 Oct 2024 → 8 Oct 2024 https://conf.researchr.org/home/scam-2024

Conference

Conference	24th IEEE International Conference on Source Code Analysis and Manipulation, SCAM 2024
Country/Territory	United States
City	Flagstaff
Period	7/10/24 → 8/10/24
Internet address	https://conf.researchr.org/home/scam-2024

Bibliographical note

Green Open Access added to TU Delft Institutional Repository 'You share, we take care!' - Taverne project https://www.openaccess.nl/en/you-share-we-take-care
Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.

Keywords

Continuous Deployment (CD)
Continuous Integration (CI)
GitHub
GitHub Actions
GitHub Actions Optimization
GitHub Actions Security
Open Source Software (OSS)
Software Evolution

Access to Document

10.1109/SCAM63643.2024.00015

Catching_Smells_in_the_Act_A_GitHub_Actions_Workflow_InvestigationFinal published version, 567 KB

Cite this

@inproceedings{2179fd65ecb940d1b1f1115d469cd33d,

title = "Catching Smells in the Act: A GitHub Actions Workflow Investigation",

abstract = "GitHub Actions (GHA) are a way to automate CI/CD workflows within the GitHub platform. The deep integration of GHA into GitHub enables to automate a wide range of social and technical activities. In this study, we investigate workflow smells, i.e., characteristics in the workflow that possibly indicate a deeper problem. Through a mining study, we first expose a list of frequent change patterns in the workflows of 83 GitHub projects. We then manually analyze these frequent change patterns to understand the negative effects that the frequent changes try to remove. To validate the list of 22 potential workflow smells that we thus obtain, we carry out a contribution study with 32 projects on GitHub through pull requests that contain a fix to the candidate smell. By qualitatively analyzing the maintainers' comments in 32 pull requests, we settle on 7 confirmed GHA workflow smells.",

keywords = "Continuous Deployment (CD), Continuous Integration (CI), GitHub, GitHub Actions, GitHub Actions Optimization, GitHub Actions Security, Open Source Software (OSS), Software Evolution",

author = "Ali Khatami and Cedric Willekens and Andy Zaidman",

note = "Green Open Access added to TU Delft Institutional Repository 'You share, we take care!' - Taverne project https://www.openaccess.nl/en/you-share-we-take-care Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.; 24th IEEE International Conference on Source Code Analysis and Manipulation, SCAM 2024 ; Conference date: 07-10-2024 Through 08-10-2024",

year = "2024",

doi = "10.1109/SCAM63643.2024.00015",

language = "English",

pages = "47--58",

booktitle = "2024 IEEE International Conference on Source Code Analysis and Manipulation (SCAM)",

publisher = "IEEE",

address = "United States",

url = "https://conf.researchr.org/home/scam-2024",

}

Khatami, A, Willekens, C & Zaidman, A 2024, Catching Smells in the Act: A GitHub Actions Workflow Investigation. in 2024 IEEE International Conference on Source Code Analysis and Manipulation (SCAM). IEEE, pp. 47-58, 24th IEEE International Conference on Source Code Analysis and Manipulation, SCAM 2024, Flagstaff, Arizona, United States, 7/10/24. https://doi.org/10.1109/SCAM63643.2024.00015

TY - GEN

T1 - Catching Smells in the Act

T2 - 24th IEEE International Conference on Source Code Analysis and Manipulation, SCAM 2024

AU - Khatami, Ali

AU - Willekens, Cedric

AU - Zaidman, Andy

N1 - Green Open Access added to TU Delft Institutional Repository 'You share, we take care!' - Taverne project https://www.openaccess.nl/en/you-share-we-take-care Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.

PY - 2024

Y1 - 2024

N2 - GitHub Actions (GHA) are a way to automate CI/CD workflows within the GitHub platform. The deep integration of GHA into GitHub enables to automate a wide range of social and technical activities. In this study, we investigate workflow smells, i.e., characteristics in the workflow that possibly indicate a deeper problem. Through a mining study, we first expose a list of frequent change patterns in the workflows of 83 GitHub projects. We then manually analyze these frequent change patterns to understand the negative effects that the frequent changes try to remove. To validate the list of 22 potential workflow smells that we thus obtain, we carry out a contribution study with 32 projects on GitHub through pull requests that contain a fix to the candidate smell. By qualitatively analyzing the maintainers' comments in 32 pull requests, we settle on 7 confirmed GHA workflow smells.

AB - GitHub Actions (GHA) are a way to automate CI/CD workflows within the GitHub platform. The deep integration of GHA into GitHub enables to automate a wide range of social and technical activities. In this study, we investigate workflow smells, i.e., characteristics in the workflow that possibly indicate a deeper problem. Through a mining study, we first expose a list of frequent change patterns in the workflows of 83 GitHub projects. We then manually analyze these frequent change patterns to understand the negative effects that the frequent changes try to remove. To validate the list of 22 potential workflow smells that we thus obtain, we carry out a contribution study with 32 projects on GitHub through pull requests that contain a fix to the candidate smell. By qualitatively analyzing the maintainers' comments in 32 pull requests, we settle on 7 confirmed GHA workflow smells.

KW - Continuous Deployment (CD)

KW - Continuous Integration (CI)

KW - GitHub

KW - GitHub Actions

KW - GitHub Actions Optimization

KW - GitHub Actions Security

KW - Open Source Software (OSS)

KW - Software Evolution

UR - http://www.scopus.com/inward/record.url?scp=85215312674&partnerID=8YFLogxK

U2 - 10.1109/SCAM63643.2024.00015

DO - 10.1109/SCAM63643.2024.00015

M3 - Conference contribution

AN - SCOPUS:85215312674

SP - 47

EP - 58

BT - 2024 IEEE International Conference on Source Code Analysis and Manipulation (SCAM)

PB - IEEE

Y2 - 7 October 2024 through 8 October 2024

ER -

Catching Smells in the Act: A GitHub Actions Workflow Investigation

Abstract

Conference

Bibliographical note

Keywords

Access to Document

Other files and links

Fingerprint

Cite this