GitHub Git Operations Are Down (opens in new tab)

The nice thing about git, from my perspective, is that if your entire hosted service vanishes, you can still reconstruct what you need from your users’ working directories. All of the important branches should be there. Somewhere. And any important integration branches that aren’t cached can be reconstructed.

Of all the many dependencies on cloud services, git is by far the last I’d worry overly much about.

Let's say you self-host Github. Now you are responsible for maintaining uptime, and you have less expertise with the service and less resources to dedicate to keeping it up, so it's going to be hard to match, much less exceed the uptime of Github cloud.

And it doesn't protect you from a "forced exit" either. Github could terminate your contract, and change the terms of the license in a way that you found unacceptable, or even go out of business, and being self hosted would leave you in no better position than if you had used cloud with external backups. You can somewhat mitigate this risk by self hosting an open source solution, so that in the worst case scenario, you can fork the project and maintain it yourself, but there is still risk that the project could be abandoned, or possibly have the license changed in future versions.

To be clear, I'm not saying that you shouldn't self host and SaaS is always better. But it isn't a magic bullet that solves these problems.

I don't see how self-hosting solves the problem of 3rd party vendors unless you're standing up a self-hosting solution as a hot/cold backup to your 3rd party vendor "in the event of an extended outage".

Kinda eliminates all those pennies saved (in theory) for outsourcing to "the cloud" if you have to duplicate your infra.

Hybrid has always seemed the most optimal approach, but there's always someone in charge who thinks spending money on safety nets is just wasted money.

but if you self host, how do you anticipate power outages and natural disasters?

you shift it from a problem of software reliability to a problem of physical infrastructure. at some point in the chain somebody has to do that, but i'd prefer the person doing that was somebody with DEEP experience in it that could give you some nice confident assurances.

I work on one part of a huge suite of interconneted services that have extremely strict SLAs for up-time. It really is an interesting problem, and the quantity of engineering resources devoted to ensuring availability and avoiding downtime -- basically fighting to make inherently unstable, complex systems stable and reliable -- is dumbfounding.

When I'm trying to explain to people what it's like to work on this kind of software, I like to use an analogy: it's as though I have my own personal brick, or group of bricks, in the great pyramids of Egypt, just a a tiny piece of a stupefyingly, inconceivably larger whole -- and when I twist my chisel and strike my block just so, at exactly the right (or rather the wrong) angle, I can shake the very foundations of Egypt.

That's a lot of overhead. Do you know how they are calculating the possible risk of these events? It feels like there are a million rabbit holes like this you could go down when modern infrastructure is so cloud connected.

Is the risk of your git repos higher than a chip shortage causing you to lose access to the infrastructure you need? So many factors to consider. A chip shortage doesn't seem that unlikely with geopolitics.

The list of scenarios you mitigate for seem like they could very easily be an arbitrary list of the of scenarios a single person came up with.

First pay a consultancy a fortune to tell you which SaaS you are able to use based on compliance requirements. Then run your own IdP, use service providers that have a data takeout mechanism, take regular backups, and use standards-based technology. Line up a self-hosted fallback for each non-self-hosted option for if you're forced to exit them. Basically you line up the exit strategy for the auditors but hope you never have to use it.

My company is replacing the entire system we built with Github actions. Our previous DR plan involved running our automation scripts to reprovision the infrastructure that manages the rest of the infrastructure (runs jenkins jobs, etc).

They are replacing everything with Github actions. I wonder what they are going to do when Github is down.

GitHub not being available for 45 minutes is not an "extended outage".

And the ultimate problem that you don't need a solution for, until you _need_ it. Which often leads to "yeah we have backups" but without regular testing, can you trust them?

people could not be more clear that their preference is for reliable and easy-to-use centralized services maintained by professionals, and not decentralized systems that require a great deal of user expertise

Yes, conveniences like:

- A canonical name and place on the web;

- Access policy enforcement (who can commit and when);

- The whole pull request thing, with tags, issues, review, discussion, etc linked to it;

- Code review, linked to said policy enforcement;

- Issue tracking, even as basic as what GitHub offers;

- A trusted store for signing keys, so commits are verified;

- CI/CD triggers and runners;

- A page with releases, including binary releases, and a CDN allowing to use the download links without fear.

This is way more than distrusted version tracking. Actually the above is not even married to Git; it could be as valuable with Mercurial, or even Perforce.

This is a large product, actually a combination of many potentially self-contained products. It should not be compared to Git, but rather to Gitea or BitBucket. Not all of this can be reasonably decentralized, though quite a bit can.

I don’t know anyone beyond hobbyist hackers who want to set up and maintain this stuff for themselves.

As a professional software developer, I want tools that just work that I can rely on. GitHub 99.99% uptime is something I can rely on.

> Too bad Git lacks a distributed bug tracker

Not your point, really, but fortunately, git is easily extensible. This in-repo issue tracker is surprisingly feature complete: https://github.com/git-bug/git-bug. Anyone else given it a whirl?

Counterpoint: it's a 45 minute outage once in a blue moon. Very small price to pay for the convenience of a centralized VCS with many features that aren't easy to reliably set up in standalone installations.

I've been keeping an eye on radicle[1] but the documentation for setting up a peer and web frontend is a bit complex. It seems to offer what you're describing: a "decentralized" Git frontend with issue tracking. Seems to be missing wiki functionality, however.

[1] https://radicle.xyz/

Git is distributed. Distributed system does not guarantee 100% uptime or real time consistency. You can take the whole history with you and push to a different remote.

Is there a world in which GitHub used an open protocol for the social network part of their product like BlueSky's AT protocol[0]?

[0] https://docs.bsky.app/docs/advanced-guides/atproto

Contrary to popular belief, sarcasm makes you harder to understand and is no longer cool

People said that when GitHub got bought out, and only more people ended up moving there. It's really not fun to manage your own Git servers, and when things go down, they get fixed much slower than in-house hosted version of it.

It's this type of negativity ruining the internet. Nothing thoughtful to say, nothing to add, and hoping for failure. I hope everything is okay over there...

The GitHub wikis are actually git repos.

If you have a local development setup, few hours of not being able to push should be a not problem most devs.

Except if you have a release planned but most don't at that time, statistically.

Problem is that people get comfortable with pushing to branch -> deploying in dev and testing from there.

git was never really decentralized though. The whole system is aggressively a funnel towards central repositories, it's just that because it deals in whole repos, every git repo has the potential to be promoted to that role.

Nothing is built into git to let it actually run decentralized: there's no server or protocol where someone can register say, an identifying public key and then just have a network of peers all communicate updates to each other. It's even pretty damn unsafe to just run a repo through basic file-sync (I do this for myself with syncthing with bare repos in a special folder, which seems to work fine but I'm hardly loading it up to chase down why it doesn't).

> Too bad Git lacks a distributed bug tracker

Well there is https://github.com/git-bug/git-bug

> Too bad Git lacks a distributed bug tracker

Email and mailing lists?

Makes me wish for the good old days of git-ssb

Convenience is nice.

I mean I could very easily still push to another remote until it comes back? I do not feel locked in at all.

Status pages are rarely honest. The company will lie to salvage their SLA. "Degraded performance" or "some customers are experiencing an elevated error rate" should be interpreted as "service unavailable / outage"

Yeah, I've been trying to check out the SDL3 suite for the last hour or so, and it's still failing on SDL_ttf...

fatal: clone of 'https://github.com/libsdl-org/freetype.git' into submodule path '~/src/SDL/SDL_ttf/external/freetype' failed

...

fetch-pack: unexpected disconnect while reading sideband packet fatal: early EOF fatal: fetch-pack: invalid index-pack output

...

fatal: clone of 'https://github.com/libsdl-org/harfbuzz.git' into submodule path '~/src/SDL/SDL_ttf/external/harfbuzz' failed Failed to clone 'external/harfbuzz'. Retry scheduled

...

Failed to clone 'external/freetype' a second time, aborting

For a problem that's supposedly "fixed" that's a whole lot of errors...

well on my side I'm the proud owner of a new ed25519 key.. The status page didn't update quick enough

I for a second thought was I getting fired

I thought my account was hacked and ssh keys removed. Panicked a little bit and then double checked that my keys were still there.

Then went to github status and calmed down.

Was trying to install homebrew on a device and kept wtfing because the clone step kept failing… thought I was crazy

I had just upgraded to Windows 11 last week, and for some godforsaken reason earlier today, I could SSH via WSL but not from the host OS even though they were both using keys served from the Windows OpenSSH agent! I'm just going to blame this service outage and hope for the best tomorrow.

Same - but created new keys :) ... which also didn't work, and then I went to check... oh well.

GIT is down today, Code rests in snowy silence, Developers play.

Spent like 30 mins tryig to figure out why ssh auth was not working. Compared sha256 signatures, doubted my reading abilities and pulled my hair.

same here I was scratching my head trying to figure out if something had corrupted my system or what

damn, why couldnt it happen during east coast business hours?

Agreed, I wonder what their downtime percentage is. If guess it's down on the order of one hour per month, so 1/1000.

Update: They promise >99.9% on a quarterly basis for enterprise customers - https://github.com/github/docs/blob/main/content%2Fsite-poli...

The whole product feels like it’s getting g progressively jankier.

The front-end is glacial nowadays and frequently has issues actually loading the page, actions frequently has some kind of panic attack and breaks or just grinds along a glacial speeds. The UX has gotten worse (why no merge-queue button?).

I'm not sure if it's just me but I swear GitHub UI is one of the slowest web app I've used.

JFYI, the next version of gitea (which should come out in April) will have full GitHub mirroring functionality (which will let you set up a mirror and have it pull code/issues/wiki/PRs/etc. every few minutes). The current version can either migrate the full repo once, or mirror the code and nothing else.

Consider Forgejo: https://forgejo.org/.

Gitea works for us.

What's the point of having a mirror? It'll only lead to conflicts that'll be difficult to resolve once the main service you use is back up again.

For example, I doubt you would be able to easily merge any pull-requests or use the same CI/CD code for the same services without hacky solutions.

I did :(

Is it possible to download a zip of a repo through the GUI?

Yeah, this is not good. I've experienced other outages on their other products (e.g. GitHub Actions), but not even being able to do a basic git pull is an entirely different level.

True. Also there's no reason not to stick with GitHub when Git itself is distributed by nature. That's the beauty of distribution.

Back up now for me.

it'd be great if they set up their CLI tools such that

if there's an error/timeout, they'll do a check of their status page so you don't get the standard 'error' but rather a 'dont worry, youre not doing anything wrong. its borked, our bad' message.

Who said it was an infrastructure failure?

There's innumerable causes of this kind of failure that aren't rooted cloud service provider shenanigans

(Admittedly the duration of the outage does "feel" like an infra outage)

Acquisition.

ducks

Have you never fixed a prod-specific bug before? They’re common enough, and it sounds like they patched this one within a reasonable amount of time.

That’s expensive, I get it for free with GitHub. And a loooot more functionality.

They are going to get DDoS's by people trying to do this haha.