Stats
Actions
Tags
Help us improve
Share bugs, ideas, or general feedback.
From devops
Create, evaluate, and optimize GitHub Actions workflows and custom actions for CI/CD pipelines, troubleshooting, security analysis, performance tuning. Covers Ruby/Rails, TypeScript/Node.js, Heroku, Fly.io deployments.
npx claudepluginhub el-feo/ai-context --plugin devopsHow this skill is triggered — by the user, by Claude, or both
Slash command
/devops:github-actionsThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
GitHub Actions automates software workflows with event-driven CI/CD pipelines. Workflows are YAML files in `.github/workflows/` that define jobs, steps, and actions triggered by repository events.
Generates GitHub Actions workflows, custom action.yml files (composite, Docker, JavaScript), and reusable workflows for CI/CD pipelines and automation.
Write and optimize GitHub Actions workflows. Use when creating CI/CD pipelines, configuring workflow triggers, managing artifacts, or debugging workflow runs.
Writes and optimizes GitHub Actions workflows for CI/CD pipelines, triggers, jobs, steps, secrets, artifacts, and debugging runs.
Share bugs, ideas, or general feedback.
GitHub Actions automates software workflows with event-driven CI/CD pipelines. Workflows are YAML files in .github/workflows/ that define jobs, steps, and actions triggered by repository events.
Action types:
.github/workflows/*.yml)@actions/toolkit# .github/workflows/ci.yml
name: CI
on:
push:
branches: [main]
pull_request:
branches: [main]
permissions:
contents: read
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Run tests
run: npm test
Ruby/Rails with RSpec:
- uses: ruby/setup-ruby@v1
with:
ruby-version: .ruby-version
bundler-cache: true
- name: Setup database
env:
RAILS_ENV: test
run: bin/rails db:setup
- run: bundle exec rspec
TypeScript/Node.js:
- uses: actions/setup-node@v4
with:
node-version: '20'
cache: 'npm'
- run: npm ci
- run: npm run build --if-present
- run: npm test
Deploy to Fly.io:
- uses: superfly/flyctl-actions/setup-flyctl@1.5
- run: flyctl deploy --remote-only
env:
FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }}
act or GitHub CLI to test before pushingAlways set GITHUB_TOKEN permissions to read-only:
permissions:
contents: read
Pin actions to commit SHA (most secure):
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
Use OIDC for cloud deployments (credential-less):
permissions:
id-token: write
contents: read
Avoid pull_request_target with untrusted code - runs in base repository context with access to secrets
Never log secrets - use ::add-mask:: for dynamic values
Validate user-controlled inputs via environment variables:
- env:
TITLE: ${{ github.event.issue.title }}
run: echo "Title: $TITLE"
For complete security guidelines, see references/security-checklist.md.
timeout-minutes (jobs default to 6 hours)fetch-depth: 0 when full history isn't neededCancel outdated runs to save resources:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
For detailed information on specific topics:
@actions/toolkitact for local testingPre-deployment:
Post-deployment: