►
Description
Envoy on Kittens: Improving Developer and Maintainer Velocity - Itay Donanhirsh
In this talk Itay will present RepoKitteh (https://repokitteh.io), a lightweight, rapid and low cost approach for GitHub automation. The presenter will explain the necessity for GitHub automation, how RepoKitteh approaches the problem and how it compares to the alternatives, such hand crafted custom integrations and GitHub actions. The integration with Envoy will be detailed, and a demonstration of implementing new automations will be given. At the end of this talk, Envoy contributors will be empowered and inspired to add their own RepoKitteh integrations.
A
A
First
of
all,
let
me
assert
that
cats
are
a
very
important
part
of
computer
science,
as
you
can
see,
google's
artificial
brain
learns
to
find
cat
videos
that
was
done
some
time
ago.
If
I
remember
correctly,
also
50
of
the
traffic
on
the
web
is
calculated,
which
is
quite
significant
and
also
your
favorite,
open
source
project
envoy
has
a
lot
of
cat
related
tags
on
it
and
obviously,
let's
say
not
forget
about
octocat,
which
you
can
see
here
and
we
actually
deal
with
it
a
lot.
A
First
of
all,
let's
define
the
need
for
automation
when
a
project
have
a
growing
number
of
contributors
like
envoy.
There
are
procedures
that
need
to
be
set
in
place.
This
procedure
need
to
be
enforced
and
better.
Yet
automated,
if
possible,
we
don't
know
want
any
human
doing
all
the
bureaucracy
by
by
themselves,
because
then
you
know
that
just
doesn't
scale.
A
A
I've
seen
in
the
past,
in
big
companies
like
lyft
and
twitter,
when
interacting
with
some
kind
of
source
control
repository,
is
to
build
some
kind
of
custom,
github,
app
or
other
app
that
consume
events,
for
example
from
github,
and
codifies
the
required
behavior
that
enforced
and
supported
inside
the
company
in
code
in
this
app-
and
it's
usually
not
really
reusable
and
a
lot
of
containers
are
also
grad
and
bitrate,
and
that
causes
a
lot
of
pain
when
the
company
goes
further
on.
Also.
A
This
is
not
really
appropriate
for
a
lot
of
projects
that
are
open
source
that
not
all
the
time
have
the
correct
the
appropriate
resources
to
deploy
and
develop.
Such
a
thing,
there
are
some
custom
applications
that
are
out
in
the
wild,
but
combining
them
all
together
is
a
bit
problematic
when
doing
such
an
approach.
A
So
this
is
a
traditional
pro
approach,
and
what
actually
I'm
proposing
here
is
repo
kit.
Repocator
is
something
that
does
actually
most
of
the
work
for
you.
It's
replacing
your
internal
internal
github
app
or
some
other
integration
that
you're
using
it
with
one
product
that
take
care
of
most
of
the
let's
say:
non-business
related
issues,
for
example.
All
of
this
is
now
taken
care
of.
If
previously,
you
needed
to
maintain
all
this
and
care
about
all
this
stuff,
now
you
need
only
to
care
about
only
the
behavior
that
you
you
you
need.
A
A
I
found
that
starlock,
which
is
part
of
bazel,
is
actually
perfect
for
this
stuff.
Stalac
is
a
language
internet
for
use
as
a
configuration
language.
It
was
designed
for
bazel
build
system,
but
may
be
useful
for
other
projects
as
well,
which
I'm
very
happy
to
use.
Salax
allows
for
deterministic
evaluation,
hermetic
execution
and
parallel
evaluation,
which
is
exactly
what
you
need,
because
this
allows
for
a
jade,
low-cost,
low
overhead,
serverless
and
serverless
architecture,
where
only
starla
code
is
executed.
A
A
A
The
repo
keta
engine
actually
takes
consumer
event
from
the
github
app,
and
they
can
also
call
a
various
api
functions
on
github.
It
executes
a
startup
streak
on
demand
which
will
expand
where
they
reside
and
how
they
are
written
very
soon,
and
it's
variable
facilities
that
we
can
use
in
order
to
actually
make
it
easier
to
do
the
stuff
that
we
want.
For
instance,
we
got
tracing.
We
can
actually
have
a
very
nice
ui.
That
shows
exactly
what
the
repo
takita
script
actually
doing
or
done
any
persistent,
and
you
can
introspect
it
in
any.
A
Given
time
we
have
secrets
that
we
can
be
supplies
to
the
script
and
there's
also
per
issue
per
pr
context,
which
we'll
elaborate
on
later.
On
the
other
side,
there
is
also
a
ui,
currently
quite
simple,
but
it's
going
to
be
improved
later,
on
which
the
nice
cat
lady
here
can
interact
with,
with
all
the
components
using
it
demo
time.
I
will
demonstrate
now
how
you
can
enforce
a
bug
notation
in
a
pr.
B
B
B
A
A
There's
a
lot
of
stuff
that
actually
included
in
repo
kit
that
gives
us
in
order
to
focus
on
what
we
actually
need
to
write
and
not
turning
various
other
services.
For
example,
repo
kit
includes
tooling
and
apis
for
frequently
less
capability.
As
I
said
before,
secret
management,
digital
debug
output,
using
tracing
github
api
access
function,
permission
model,
which
you
github
does
not
give
you,
and
we
can
actually
use
the
gripo
kitty
to
actually
enforce
it
models
with
version
piping
and
much
more.
So
how
does
it
all
work
in
the
root
of
the
repo?
A
There
is
a
file
called
replicated.star.
This
file
actually
is
the
root
module
and
whenever
there
is
some
kind
of
event
that
needs
to
be
exited
upon
repertoire,
node
how
to
open
this
file
and
evaluate
it.
This
is
a
very
simple
example
of
how
to
write
a
very
simple
repocket
script.
In
this
instance,
we
are
registering
a
slash
command
when
you
type,
let's
say
in
the
comment,
slash
backboard.
What
will
happen?
A
Handles
command,
actually
register
a
command
header
that
is
executed
on
slash
commands.
This
is
a
simple
demonstration
from
a
pr
on
envoy
someone
do
it
slash
backward
and
you
can
see
that
repokete
added
required
label
on
the
pr.
This
is
an
example
of
documentation
from
the
reference
manual
that
you
can
actually
look
up
online.
Even
now,
if
you
want
it
shows
you
the
github
module
that
has
an
issue
label
function,
which
is
the
description
of
each
argument
and
also
it
can
point
you
to
the
appropriate
github
api
that
it
actually
accesses.
A
This
is
an
excerpt
from
a
module
that
supplies
by
repocator,
which
you
can
check
out
later.
In
this
case,
we
register
a
pull
request
event.
When
we
get
a
pull
request
event
from
github,
we
can
actually
perform
stuff
on
it
if
you're
not
really
familiar
with
polar
cost
event.
Just
go
to
this
link
and
read
about
it.
It's
not
that
difficult.
A
In
this
case,
we
handle
the
synchronized
action
in
the
pull
request,
and
you
can
actually
see
that
we're
doing
some
high-level
operations
here,
according
to
some
criteria
that
we
saw
in
this
module
handlers
receive
context
when
executed.
As
you
can
see
in
the
definition,
depth,
pull
request,
action
and
labels.
These
are
actually
populated.
Dynamically
depends
on
what
parameter
you
specify
to
the
pull
request
you
can
see
where
these
parameters
come
from
a
bit
later.
A
A
A
Some
generic
modules
are
supplied
for
you
as
part
of
repo
keter,
and
they
are
open
source
and
they
are
in
this
bus
a
it's
actually
being
supplied
to
the
reconcile
method
which
is
registered
using
handler's
command.
So
when
there
is
slash
check
owners
being
typed
into
a
comment,
the
reconcile
is
being
called
with
the
config
argument
and
the
config
argument
is
supplied
to
get
specs
which
can
load
the
passes
parameter
from
there.
So
there
is
another
way
to
load
modules,
which
is
using
the
starloc
load
statement
load.
A
Actually,
instead
of
registering
handler
on
modules
and
stuff,
like
that,
what
he
does
it
brings
a
function
it
defined
in
another
module
may
be
an
internal
repo
kit,
a
module
like
test
here
or
lie
on
another
sl
party
module
like
utils
and
circle
c
high
ear
and
bring
the
function
that
is
defined
there
inside
the
context
that's
being
evaluated.
For
instance,
the
text.match
here
is
being
called
after
reloaded.
A
A
A
This
is
useful
when
a
state
need
to
be
stored
for
use
later,
for
example,
in
this
case,
in
the
excel
form
repo
kit
owner
check
module,
we
actually
store
who
approved,
which
passes
in
pr
this
allow
later
on,
to
see
if
all
relevant
passes
were
approved
and
by
whom
you
can
supply
secrets
to
module.
In
this
case,
we
are
using
the
get
second
function
to
fetch
a
registered
a
branch
registered,
a
secret
that
was
supplied
using
the
replicator
ui
to
a
module.
We
are
using
the
getsecret
function.
A
The
get
secret
can
be
called
only
in
the
root
model,
meaning
only
replicated
dot
star.
In
this
case,
we
actually
can
also
specify
secret
url
to
http
when
any
parameter
begins
with
the
word
secret
underscore,
it
will
not
be
seen
in
the
tracers
later
on
and
it
will
not
leak
and
replicated
debug
information.
This
will
be
a
little
more
clear
when
I
explain.
A
Traces
here,
I'm
explaining
traces,
so
let's
say
that
repocket
issued
some
kind
of
a
comment
to
in
your
pr.
In
this
case,
this
is
an
example
for
owner
checks,
customers,
owner
check
for
envoy,
and
you
can
see
that
there's
a
little
smiling
cat
in
the
bottom.
When
you
expand
it,
what
happens?
You
can
actually
see
a
little
bit
of
debug
information
about
how
this
event
will
process.
A
A
You
can
press
the
evaluation
tab
and
then
you
have
a
lot
of
information
about
how
the
event
was
actually
evaluated.
First
thing
that
it's
interesting
is
the
context.
The
context
is
what
the
parameters
that
are
given
to
the
handlers
can
take
the
information
form.
This
is
an
example
of
a
context.
Every
filter
can
be
consumed
inside
an
event
handler.
All
you
need
to
see
to
do
is
just
specify
its
name
as
a
parameter
for
the
event
handler
and
it
will
populate
for
you
when
it's
called
another
interesting
stuff.
Is
that
calls
tracing?
A
If
you
expand
the
course,
you
can
see
all
the
methods
that
were
called
from
your
script.
The
dollar
sign
be
before
the
use
say
that
this
function
can
be
used
only
in
the
root
module.
You
can
see
the
all
the
models
that
were
used,
along
with
the
configuration
sense,
the
secrets,
because
it
begins
with
secret
underscore,
and
you
can
also
see
an
example,
github
call
and
exactly
what
the
github
call
returned.
A
Let's
see
now
pin
draft
and
modules
pin
draft
has
actually
all
the
references
that
will
pin
in
case
on
alvo.
You
will
always
pin
the
repo
kit
the
modules
to
a
specific
shot
that
case.
If
the
mode
was
getting
updated,
we
can
actually
wrap
in
it
in
envoy
to
adopt
it,
and
these
are
all
the
models
that
were
loaded.
The
laws,
along
with
the
exact
shot
that
were
taken
from
this,
is
very
useful
for
debugging.
A
A
When
they're
expecting
some
kind
of
response
from
someone,
they
do
slash
weight
and
it
will
label
the
issue
as
waiting
and
whenever
someone
else
or
even
them
write
a
new
comment.
It
will
just
unlabel
it
and
then
they
know
there's
a
reply
there
and
another
command
backboard,
which
adds
a
backport
a
label
to
apr.
A
A
So
github
actions
you
probably
under
asking
okay.
So
what's
wrong
with
github
actions,
nothing
is
wrong
with
the
github
actions.
Github
actions
essentially
supply
the
same
functionality.
The
difference
is
that
actions
are
more
optimized
for
long-running
processes.
Like
crm
deployment,
you
can
do
shorter
stuff,
but
will
better
slightly
higher
latency
for
the
stuff,
which
is
not
very
comfortable.
A
They
are
more
resource,
intensive
intensive
and
are
generally
more
cumbersome
to
implement,
as
they
require
document
containerization,
which
has
more
levels
of
moving
parts.
That's
resulting
in
a
slow
turnaround.
Time
and
time
to
you
know
to
take
you
to
actually
get
the
action
to
run
and
to
be
developed.
Ripper
kitty
is
optimized
for
short
running
actions
enables
much
lower
latency,
faster
turnaround
time
and
lower
cost,
because
we
are
actually
using
something
that
is
very,
very
low
over
at
last
starlock
in
in
the
process
or
in
a
separate
process
for
a
higher
security.
A
There
is
no
containerization
waiting
for
kubernetes
to
spin
up
another
port
or
container
and
stuff
like
that.
You
just
get
the
event
and
once
as
fast
as
possible,
we
actually
have
a
very
few
instances
of
gpc
in
gcp
for
android
and
I
think
the
highest
cpu
that
I
ever
got
was
about
two
or
three
percent.
So
if
you
need
something
that
is
very
low
cost
and
very
lean
and
mean
this
is
for
you.
A
So
what's
in
the
future
of
if
you're
replicated,
there's
still
a
lot
to
be
done,
it's
working
very
nicely
for
about
two
years
for
a
envoy
now,
but
I
would
really
like
to
integrate
it
into
gitlab,
which
will
be
awesome
which
I'm
working
on
right
now.
Also
it
shouldn't
be
hard
to
take
it
and
put
it
on
premise.
A
If
you
need
which
I
was
paying
a
lot
of
money,
let's
say
for
to
github
improved
ui,
currently
device
pretty
minimal,
it's
very
effective,
but
it's
very
minimal,
also
script
testing
and
some
kind
of
github
fake
to
enable
the
script.
Testing
is
very
high
in
the
priority
priority
list
and
also
something
is
very
high,
even
more
documentation
that
I
have
now
in
order
to
import
more
people.
A
And
so
my
experience
showed
me
that
people
actually
getting
on
board
and
on
boarded
on
re-pocketing,
very,
very
fast,
which
makes
me
happy,
I'm
looking
for
more
projects
so
go
and
go
to
a
repo
kitty.
Dot
io
stretch
wait
list,
and
if
you
want
sound
yourself
there
and
I'll
get
to
you
the
moment
that
I
can
onboard
more,
which
is
pretty
fast,
I
just
want
people
to
come
for
more
information.
There
is
repocite.io.
A
B
A
B
A
B
B
B
A
A
A
A
A
I
can't
say
enough
how
much
starlock
is
awesome,
especially
the
implementation
that
alan
donovan
and
yeah.
I
think
that
there's
really
no
need
to
create
a
container
for
anything
just
go,
and
you
know
if
you
have
some
kind
of
general
environment
like
lua
or
on
star
luck,
you
you
can
actually
use
this.
Maybe
I'll
talk
in
the
future,
some
other
place
about
the
benefits
of
such
environment.
I
think
it
could
be
very.