install
source · Clone the upstream repo
git clone https://github.com/ComeOnOliver/skillshub
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/ComeOnOliver/skillshub "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/andrewneilson/github-actions-skill/github-actions-skill" ~/.claude/skills/comeonoliver-skillshub-github-actions-skill && rm -rf "$T"
manifest:
skills/andrewneilson/github-actions-skill/github-actions-skill/SKILL.mdsource content
GitHub Actions Skill
This skill helps write and modify GitHub Actions workflows and custom actions.
Workflow Basics
Workflows are YAML files stored in
.github/workflows/Minimal Workflow Structure
name: CI # Optional: Display name on: push # Trigger event(s) jobs: build: # Job ID (must be unique) runs-on: ubuntu-latest # Runner environment steps: - uses: actions/checkout@v5 # Use an action - run: echo "Hello" # Run a command
Triggers (on:)
Common Events
on: push # Any push on: [push, pull_request] # Multiple events on: push: branches: [main, 'releases/**'] # Branch filter paths: ['src/**'] # Path filter pull_request: types: [opened, synchronize] # Activity types workflow_dispatch: # Manual trigger inputs: environment: description: 'Deploy target' required: true type: choice options: [dev, staging, prod] schedule: - cron: '0 0 * * *' # Daily at midnight UTC
Key Events Reference
| Event | Use Case |
|---|---|
| Commits pushed to branches/tags |
| PR opened, updated, closed |
| PR from fork (runs in base context) |
| Manual trigger with inputs |
| Reusable workflow |
| Cron-based scheduling |
| Release published/created |
| After another workflow completes |
Jobs
Job Dependencies and Outputs
jobs: build: runs-on: ubuntu-latest outputs: version: ${{ steps.version.outputs.value }} steps: - id: version run: echo "value=1.0.0" >> "$GITHUB_OUTPUT" deploy: needs: build # Depends on build job runs-on: ubuntu-latest steps: - run: echo "Deploying ${{ needs.build.outputs.version }}"
Job Conditions
jobs: deploy: if: github.ref == 'refs/heads/main' runs-on: ubuntu-latest
Matrix Strategy
jobs: test: strategy: matrix: os: [ubuntu-latest, windows-latest] node: [18, 20] exclude: - os: windows-latest node: 18 include: - os: ubuntu-latest node: 20 coverage: true runs-on: ${{ matrix.os }} steps: - uses: actions/setup-node@v4 with: node-version: ${{ matrix.node }}
Steps
Using Actions
steps: - uses: actions/checkout@v5 # Public action (owner/repo@ref) - uses: actions/checkout@8f4b7f84... # Pin to commit SHA (most secure) - uses: ./.github/actions/my-action # Local action - uses: docker://alpine:3.8 # Docker image
Running Commands
steps: - run: npm install - run: | echo "Multi-line" echo "commands" shell: bash working-directory: ./app
Step Conditions
steps: - run: echo "Always runs" if: always() - run: echo "On failure" if: failure() - run: echo "Main branch only" if: github.ref == 'refs/heads/main' - run: echo "Not cancelled" if: ${{ !cancelled() }}
Expressions and Contexts
Expression Syntax
Use
${{ expression }}if:${{ }}Common Contexts
| Context | Description |
|---|---|
| Workflow run info (ref, sha, actor, repository) |
| Environment variables |
| Repository/org variables |
| Secrets |
| Step outputs |
| Job outputs |
| Matrix values |
| Runner info (os, arch) |
Useful Expressions
# Context access ${{ github.event_name }} ${{ github.ref_name }} ${{ github.sha }} ${{ github.actor }} # Conditionals ${{ github.ref == 'refs/heads/main' }} ${{ contains(github.event.head_commit.message, '[skip ci]') }} ${{ startsWith(github.ref, 'refs/tags/') }} # Default values ${{ github.head_ref || github.run_id }} # JSON manipulation ${{ toJSON(github.event) }} ${{ fromJSON(needs.job1.outputs.matrix) }}
Built-in Functions
| Function | Example |
|---|---|
| |
| |
| |
| |
| |
| |
| |
| |
Secrets and Variables
Accessing Secrets
steps: - run: echo "Token: $TOKEN" env: TOKEN: ${{ secrets.MY_TOKEN }} - uses: some-action@v1 with: api-key: ${{ secrets.API_KEY }}
Environment Variables
env: # Workflow-level NODE_ENV: production jobs: build: env: # Job-level CI: true steps: - run: echo $MY_VAR env: # Step-level MY_VAR: value
Setting Outputs
steps: - id: set-output run: echo "result=success" >> "$GITHUB_OUTPUT" - run: echo "${{ steps.set-output.outputs.result }}"
Runners
Common labels:
ubuntu-latestwindows-latestmacos-latestruns-on: [self-hosted, linux, x64]references/RUNNERS.mdPermissions
permissions: contents: read pull-requests: write id-token: write # Required for OIDC # Or disable all permissions: {}
Concurrency
concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true
Artifacts and Caching
Upload/Download Artifacts
- uses: actions/upload-artifact@v4 with: name: build-output path: dist/ - uses: actions/download-artifact@v4 with: name: build-output
Dependency Caching
- uses: actions/cache@v4 with: path: ~/.npm key: ${{ runner.os }}-npm-${{ hashFiles('**/package-lock.json') }} restore-keys: | ${{ runner.os }}-npm-
Environments
jobs: deploy: environment: name: production url: https://example.com runs-on: ubuntu-latest
Reusable Workflows
Calling a Reusable Workflow
jobs: call-workflow: uses: owner/repo/.github/workflows/reusable.yml@main with: input1: value secrets: token: ${{ secrets.TOKEN }}
Creating a Reusable Workflow
on: workflow_call: inputs: environment: required: true type: string secrets: token: required: true jobs: deploy: runs-on: ubuntu-latest steps: - run: echo "Deploying to ${{ inputs.environment }}" env: TOKEN: ${{ secrets.token }}
Common Patterns
Checkout and Setup
steps: - uses: actions/checkout@v5 - uses: actions/setup-node@v4 with: node-version: '20' cache: 'npm' - run: npm ci
Conditional on File Changes
on: push: paths: - 'src/**' - '!src/**/*.md'
Run on Tag Push
on: push: tags: - 'v*'
Workflow Commands Quick Reference
# Step outputs (use in later steps via steps.<id>.outputs.<name>) echo "name=value" >> "$GITHUB_OUTPUT" # Set environment variable for subsequent steps echo "VAR_NAME=value" >> "$GITHUB_ENV" # Job summary (supports markdown) echo "### Build Results :rocket:" >> "$GITHUB_STEP_SUMMARY" echo "| Test | Status |" >> "$GITHUB_STEP_SUMMARY" echo "| --- | --- |" >> "$GITHUB_STEP_SUMMARY" echo "| Unit | Passed |" >> "$GITHUB_STEP_SUMMARY" # Add to PATH for subsequent steps echo "/path/to/tool" >> "$GITHUB_PATH" # Log annotations echo "::error file=app.js,line=10::Something failed" echo "::warning::Deprecation notice" echo "::notice::FYI message" # Mask a value from logs echo "::add-mask::$SECRET_VALUE"
See
references/WORKFLOW-COMMANDS.md::group::::debug::Key Limits
| Limit | Value |
|---|---|
| Workflow run time | 35 days |
| Job execution time | 6 hours (self-hosted: unlimited) |
| Matrix combinations | 256 per workflow |
| Concurrent jobs (Free) | 20 (macOS: 5) |
| Concurrent jobs (Team/Enterprise) | 60 (macOS: 5) |
| Workflow file size | 512 KB |
| Caches total per repo | 10 GB |
| Artifact retention | 90 days (configurable) |
| Log retention | 400 days (configurable to 90) |
See
references/LIMITS.mdTroubleshooting
- Workflow not triggering: Check branch/path filters, verify file is in
.github/workflows/ - Permission denied: Add required
blockpermissions: - Secret not found: Verify secret name matches exactly (case-sensitive)
- Step output empty: Ensure using
(not deprecated set-output)>> "$GITHUB_OUTPUT" - Matrix job failing: Check
/exclude
syntax and valuesinclude - Debug logging: Re-run workflow with
orACTIONS_RUNNER_DEBUG: trueACTIONS_STEP_DEBUG: true
References
Core:
- Full workflow YAML syntaxreferences/WORKFLOW-SYNTAX.md
- Contexts, functions, operatorsreferences/EXPRESSIONS.md
- Event types and filteringreferences/TRIGGERS.md
- GITHUB_OUTPUT, GITHUB_ENV, annotations, job summariesreferences/WORKFLOW-COMMANDS.md
- Time limits, quotas, rate limits by planreferences/LIMITS.md
Build and deploy:
- Creating custom actions (JS, Docker, composite)references/ACTIONS.md
- Runner specs, self-hosted configurationreferences/RUNNERS.md
- Common workflow patternsreferences/PATTERNS.md
- CI setup per language (Node, Python, Java, Go, Rust, Ruby, .NET, Swift)references/LANGUAGE-CI.md
- Publish to npm, PyPI, Docker Hub, GHCR, Maven Centralreferences/PUBLISHING.md
- Deploy to AWS, Azure, GCP with OIDCreferences/CLOUD-DEPLOYMENTS.md
Security and ops:
- Secrets, OIDC (AWS/Azure/GCP), attestations, script injectionreferences/SECURITY.md
- Migrate from Jenkins, Travis CI, CircleCI, GitLab, Azure DevOpsreferences/MIGRATION.md
- ARC, runner groups, larger runners, billing, private networkingreferences/ENTERPRISE.md