Continuous Integration and Continuous Delivery (CI/CD) pipelines have revolutionized the Software Development Life Cycle (SDLC) by automating the building, testing, and actual deployment of your infrastructure and applications.
Jenkins is one of the oldest and most widely utilized CI/CD tools, whereas GitHub Actions simplifies CI/CD by allowing developers to create workflows natively within GitHub.
What we will cover:
Jenkins is a self-hosted CI/CD platform that is highly customizable and extendable. It allows users to automate different tasks from the SDLC. Due to its vast ecosystem of plugins, Jenkins is adaptable to different workloads and environments.
Key features:
- Open-source – Jenkins is open-source and has a rich ecosystem of plugins
- Declare pipeline as Code – With Jenkins, you can use the DSL language to define your pipelines as code
- Integrates with many programming languages – You can build pipelines for anything you can imagine
- Distributed builds – Jenkins gives you the ability to distribute workloads across multiple servers
| Pros | Cons |
| Open-source | Steep learning curve for beginners |
| Vast ecosystem of plugins | Hard to set up in large environments |
| Large community support | At scale, Jenkins can become really resource-intensive, so you will either need to provide more infrastructure for your builds or wait for others to finish. |
| Multiple programming languages and tooling support | Plugin maintenance – with the ability to integrate with many tools, comes the responsibility of maintaining all of them |
How to use Jenkins?
Jenkins can be installed on any VM, or you can even install it on your Kubernetes cluster.
To show you an example, we will install it on an existing K8s cluster using Helm:
helm repo add jenkins https://charts.jenkins.io
helm repo update
The above commands will add the Jenkins Helm charts inside my environment. Next, I will create a namespace for Jenkins:
kubectl create namespace jenkinsTo install Jenkins on the K8s cluster you can run:
helm install jenkins jenkins/jenkins --namespace jenkinsWe will need to get the initial admin password for it:
kubectl exec --namespace jenkins -it svc/jenkins -c jenkins -- /bin/cat /run/secrets/additional/chart-admin-password && echoTo access Jenkins locally, we will need to do port forwarding (you can also define an ingress if you would like to access it):
kubectl --namespace jenkins port-forward svc/jenkins 8080:8080Then, go to your browser and navigate to localhost:8080.
After logging in, you can set up a pipeline by going to the Dashboard and selecting a new item.
Example Jenkins pipeline that runs your Terraform workflow:
pipeline {
agent any
environment {
TF_IN_AUTOMATION = 'true'
AWS_CREDENTIALS = credentials('aws-credentials')
}
stages {
stage('Checkout') {
steps {
checkout scm
}
}
stage('Terraform Init') {
steps {
sh 'terraform init'
}
}
stage('Terraform Plan') {
steps {
sh 'terraform plan -out=tfplan'
}
}
stage('Approval') {
steps {
input message: 'Do you want to apply this plan?', ok: 'Apply'
}
}
stage('Terraform Apply') {
steps {
sh 'terraform apply -auto-approve tfplan'
}
}
}
post {
always {
cleanWs()
}
}
}GitHub Actions is a CI/CD platform that automates your SDLC processes. It allows you to build, test, and deploy infrastructure and applications directly from your GitHub repository by creating custom workflows. It offers various configuration options for triggers based on commits and merges, and it is highly extensible with its actions marketplace.
You can create and publish the actions you want to contribute and make other people’s lives easier.
Key features:
- Native CI/CD integration with your GitHub repositories
- Event-driven – Pipelines and steps inside the pipelines can run based on various events
- Built-in marketplace – GitHub Actions has a rich marketplace of reusable actions that you can use inside your workflows
- Self-hosted runners – GitHub Actions gives you the ability to use your own runners for building and running your workflows
| Pros | Cons |
| Tightly integrated with your GitHub repositories | Limited customization when compared to other CI/CD pipelines |
| Free for public repositories | Can become costly for large-scale usage on private repositories |
| Easy to set and use | Dependent on GitHub’s infrastructure and potential downtime |
| Runs as a SaaS but can be leveraged in self-hosted installations too | Can be less flexible for complex, non-standard build processes |
How to use GitHub Actions?
You can use GitHub Actions by simply creating a .github/worfklows directory in your repository. In this workflows directory, you can define as many yaml files as you want, and each of these files will correspond to a pipeline.
Example GitHub Actions pipeline that runs your Terraform workflow:
name: "Terraform pipeline"
on:
push:
branches: ["main"]
pull_request:
branches: ["main"]
env:
TF_IN_AUTOMATION: true
jobs:
terraform:
name: "Terraform"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Setup Terraform
uses: hashicorp/setup-terraform@v2
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-west-2
- name: Terraform Init
run: terraform init
- name: Terraform Format
run: terraform fmt -check
- name: Terraform Plan
run: terraform plan -out=tfplan
- name: Terraform Plan Status
if: steps.plan.outcome == 'failure'
run: exit 1
- name: Terraform Apply
if: github.ref == 'refs/heads/main' && github.event_name == 'push'
run: terraform apply -auto-approve tfplanThe table below summarizes the differences and similarities between GitHub Actions and Jenkins.
| Feature | GitHub Actions | Jenkins |
| Hosting model | SaaS and Self-Hosted | Self-Hosted only |
| Setup | Easy to set up | Manual process, can be hard to set up |
| Configuration language | YAML | Groovy |
| Learning curve | Generally easier, especially for GitHub users | Steeper, more complex setup and management |
| Ecosystem | GitHub Marketplace for actions | Extensive plugins ecosystem |
| Customization | You can build your own steps and actions but also leverage custom actions | Highly customizable with plugins and scripts |
| Scalability | Auto scaling | Manual scaling and maintenance required |
| Security | Leverages GitHub’s security features | Customers are responsible for implementing security mechanisms |
| Cost | Free tier available + usage-based pricing | It’s open source, you will pay only for the underlying infrastructure |
| Artifact storage | Integrate with GitHub | Requires separate configuration or plugins |
| Self-hosted runners | Supported | Native, as there are no public workers |
| UI and dashboards | Integrated into GitHub | Separate application with customizable dashboards |
| Scheduling | Cron-like syntax | Built-in scheduling options |
| Secrets management | Built-in secrets at the repo level and org level + integrations with secret managing applications | Credentials plugin and integrations with secret managing applications |
Both GitHub Actions and Jenkins are powerful CI/CD tools that allow engineers to automate the SDLC process. They offer extensive customization options – GitHub actions using its marketplace, while Jenkins relies on a powerful plugin ecosystem.
With both of these tools you can automate the deployment of your applications independent of the programming language used, and you can also automate your infrastructure workflows (this can be cumbersome in both cases).
GitHub Actions and Jenkins allow you to use your own infrastructure for running jobs with self-hosted runners and provide ways to store and use secrets.
GitHub Actions can be used both self-hosted and as a SaaS, whereas Jenkins is self-hosted only. Pipelines are defined using different languages – GitHub Actions relies on YAML, while Jenkins uses Groovy.
Jenkins requires more time to master due to its greater complexity and customization options, while GitHub Actions’ learning curve is gentler. Their cost structure is different. Jenkins being open-source means that you will have to pay only for the infrastructure that hosts Jenkins, whereas, in GitHub Actions’ case, you get a free tier with usage-based pricing beyond that.
GitHub Actions is newer than Jenkins and has many reusable actions that you can leverage for building your pipelines. However, if you are not using GitHub for your VCS, GitHub Actions doesn’t make too much sense. Jenkins is more versatile on this point, and it can be used with any VCS. It is highly extendable with plugins but lacks a SaaS version.
There is no right or wrong between making a choice between these two, but it should always depend on what tooling you are using, and if you want to maintain a self-hosted tool for your tooling.
When it comes to infrastructure orchestration, it’s becoming clearer that generic CI/CD platforms such as GitHub Actions and Jenkins are not specialized enough to take care of everything you might need in your workflows. That’s where Spacelift shines.
With Spacelift, you get:
- Policies to control what kind of resources engineers can create, what parameters they can have, how many approvals you need for a run, what kind of task you execute, what happens when a pull request is open, and where to send your notifications
- Stack dependencies to build multi-infrastructure automation workflows with dependencies, having the ability to build a workflow that, for example, generates your ec2 instances using Terraform and combines it with Ansible to configure them
- Self-service infrastructure via Blueprints, or Spacelift’s Kubernetes operator, enabling your developers to do what matters – developing application code while not sacrificing control
- Creature comforts such as contexts (reusable containers for your environment variables, files, and hooks), and the ability to run arbitrary code
- Drift detection and optional remediation
| Spacelift | Jenkins | GitHub Actions | |
| SaaS | ✅Yes | ❌No | ✅Yes |
| Configuration process | ✅The SaaS version requires almost no configuration; the self-hosted version is easy to configure | ⚠️Requires manual setup and configuration, which can be complex | ✅The SaaS version requires almost no configuration; the self-hosted version is easy to configure. |
| Maintenance | ✅No maintenance is required for SaaS; you are in charge of updates for self-hosted. | ❌Requires regular maintenance | ✅No maintenance is required for SaaS; you are in charge of updates for self-hosted. |
| Ease of use | ✅Easy to use — you don’t need to learn a new language. | ❌Can be hard to use — you need to learn Groovy. | ⚠️Easy to use, but you need to build your pipelines using YAML and learn new concepts. |
| Dependencies workflows | ✅Yes – works out of the box | ⚠️Requires complex configuration – you need to change your code configuration and pipeline(s) to accommodate a use case like this. | ⚠️Requires complex configuration – you need to change your code configuration and pipeline(s) to accommodate a use case like this. |
| Drift detection | ✅Yes – works out of the box | ⚠️Yes – not supported natively but can be configured using third-party tools (hard process) | ⚠️Yes – not supported natively but can be configured using third-party tools (hard process) |
| Self-service workflows | ✅Yes – works out of the box | ⚠️Requires complex configuration – build dedicated pipelines for self-service that can be hard to maintain | ⚠️Requires complex configuration – build dedicated pipelines for self-service that can be hard to maintain |
| Advanced scheduling | ✅Yes – works out of the box | ⚠️Requires complex configuration – dedicated pipelines required | ⚠️Requires complex configuration – dedicated pipelines required |
| Dynamic credentials for AWS, Azure, GCP | ✅Yes – works out of the box | ❌No | ❌No |
| Policy as Code | ✅Yes – works out of the box | ⚠️Yes – you need to implement the policy + the pipeline logic. | ⚠️Yes – you need to implement the policy + the pipeline logic. |
If you want to learn more about what you can do with Spacelift, check out this article.
Download the Build vs. Buy Guide to Scaling Infrastructure as Code
GitHub Actions and Jenkins are both great choices for managing the CI/CD processes across your application deployment, but generally, they struggle when it comes to infrastructure, especially because you have to build many mechanisms to obtain a decent workflow.
If you are interested in a product that can orchestrate provisioning, configuration, and governance, across your infrastructure, Spacelift is the answer. Create a free account with Spacelift today, or book a demo with one of our engineers.
Solve your infrastructure challenges
Spacelift is a flexible orchestration solution for IaC development. It delivers enhanced collaboration, automation, and controls to simplify and accelerate the provisioning of cloud-based infrastructures.
