Discover modules > cue.dev/x/githubactions
v0.4.0

Export some parts of the schema at the top level we want to be part of the core API.

#Action: ¶
name!: string ¶

The name of your action. GitHub displays the `name` in the Actions tab to help visually identify actions in each job.

author?: string ¶

The name of the action's author.

description!: string ¶

A short description of the action.

inputs?:
click to see definition
close({
	[=~"^[_a-zA-Z][a-zA-Z0-9_-]*$"]: close({
		description!:        string
		deprecationMessage?: string
		required?:           bool
		default?:            string
	})
})
¶

Input parameters allow you to specify data that the action expects to use during runtime. GitHub stores input parameters as environment variables. Input ids with uppercase letters are converted to lowercase during runtime. We recommended using lowercase input ids.

outputs?: _ ¶
runs!: matchN(1, [#."runs-javascript", #."runs-composite", #."runs-docker"]) ¶
branding?: ¶

You can use a color and Feather icon to create a badge to personalize and distinguish your action. Badges are shown next to your action name in GitHub Marketplace.

color?: "white" | "black" | "yellow" | "blue" | "green" | "orange" | "red" | "purple" | "gray-dark" ¶

The background color of the badge.

icon?:
click to see definition
"activity" | "airplay" | "alert-circle" | "alert-octagon" | "alert-triangle" | "align-center" | "align-justify" | "align-left" | "align-right" | "anchor" | "aperture" | "archive" | "arrow-down-circle" | "arrow-down-left" | "arrow-down-right" | "arrow-down" | "arrow-left-circle" | "arrow-left" | "arrow-right-circle" | "arrow-right" | "arrow-up-circle" | "arrow-up-left" | "arrow-up-right" | "arrow-up" | "at-sign" | "award" | "bar-chart-2" | "bar-chart" | "battery-charging" | "battery" | "bell-off" | "bell" | "bluetooth" | "bold" | "book-open" | "book" | "bookmark" | "box" | "briefcase" | "calendar" | "camera-off" | "camera" | "cast" | "check-circle" | "check-square" | "check" | "chevron-down" | "chevron-left" | "chevron-right" | "chevron-up" | "chevrons-down" | "chevrons-left" | "chevrons-right" | "chevrons-up" | "circle" | "clipboard" | "clock" | "cloud-drizzle" | "cloud-lightning" | "cloud-off" | "cloud-rain" | "cloud-snow" | "cloud" | "code" | "command" | "compass" | "copy" | "corner-down-left" | "corner-down-right" | "corner-left-down" | "corner-left-up" | "corner-right-down" | "corner-right-up" | "corner-up-left" | "corner-up-right" | "cpu" | "credit-card" | "crop" | "crosshair" | "database" | "delete" | "disc" | "dollar-sign" | "download-cloud" | "download" | "droplet" | "edit-2" | "edit-3" | "edit" | "external-link" | "eye-off" | "eye" | "fast-forward" | "feather" | "file-minus" | "file-plus" | "file-text" | "file" | "film" | "filter" | "flag" | "folder-minus" | "folder-plus" | "folder" | "gift" | "git-branch" | "git-commit" | "git-merge" | "git-pull-request" | "globe" | "grid" | "hard-drive" | "hash" | "headphones" | "heart" | "help-circle" | "home" | "image" | "inbox" | "info" | "italic" | "layers" | "layout" | "life-buoy" | "link-2" | "link" | "list" | "loader" | "lock" | "log-in" | "log-out" | "mail" | "map-pin" | "map" | "maximize-2" | "maximize" | "menu" | "message-circle" | "message-square" | "mic-off" | "mic" | "minimize-2" | "minimize" | "minus-circle" | "minus-square" | "minus" | "monitor" | "moon" | "more-horizontal" | "more-vertical" | "move" | "music" | "navigation-2" | "navigation" | "octagon" | "package" | "paperclip" | "pause-circle" | "pause" | "percent" | "phone-call" | "phone-forwarded" | "phone-incoming" | "phone-missed" | "phone-off" | "phone-outgoing" | "phone" | "pie-chart" | "play-circle" | "play" | "plus-circle" | "plus-square" | "plus" | "pocket" | "power" | "printer" | "radio" | "refresh-ccw" | "refresh-cw" | "repeat" | "rewind" | "rotate-ccw" | "rotate-cw" | "rss" | "save" | "scissors" | "search" | "send" | "server" | "settings" | "share-2" | "share" | "shield-off" | "shield" | "shopping-bag" | "shopping-cart" | "shuffle" | "sidebar" | "skip-back" | "skip-forward" | "slash" | "sliders" | "smartphone" | "speaker" | "square" | "star" | "stop-circle" | "sun" | "sunrise" | "sunset" | "table" | "tablet" | "tag" | "target" | "terminal" | "thermometer" | "thumbs-down" | "thumbs-up" | "toggle-left" | "toggle-right" | "trash-2" | "trash" | "trending-down" | "trending-up" | "triangle" | "truck" | "tv" | "type" | "umbrella" | "underline" | "unlock" | "upload-cloud" | "upload" | "user-check" | "user-minus" | "user-plus" | "user-x" | "user" | "users" | "video-off" | "video" | "voicemail" | "volume-1" | "volume-2" | "volume-x" | "volume" | "watch" | "wifi-off" | "wifi" | "wind" | "x-circle" | "x-square" | "x" | "zap-off" | "zap" | "zoom-in" | "zoom-out"
¶

The name of the Feather icon to use.

#: ¶
"outputs-composite":
click to see definition
close({
	[=~"^[_a-zA-Z][a-zA-Z0-9_-]*$"]: close({
		description!: string
		value!:       string
	})
})
¶

Output parameters allow you to declare data that an action sets. Actions that run later in a workflow can use the output data set in previously run actions. For example, if you had an action that performed the addition of two inputs (x + y = z), the action could output the sum (z) for other actions to use as an input. If you don't declare an output in your action metadata file, you can still set outputs and use them in a workflow.

"post-if": string ¶

Allows you to define conditions for the `post:` action execution. The `post:` action will only run if the conditions in `post-if` are met. If not set, then `post-if` defaults to `always()`.

"pre-if": string ¶

Allows you to define conditions for the `pre:` action execution. The `pre:` action will only run if the conditions in `pre-if` are met. If not set, then `pre-if` defaults to `always()`. Note that the `step` context is unavailable, as no steps have run yet.

"runs-composite": ¶

Configures the path to the composite action, and the application used to execute the code.

using!: "composite" ¶

To use a composite run steps action, set this to 'composite'.

steps!:
click to see definition
[...matchN(1, [{
	run!:   _
	shell!: _
	...
}, {
	uses!: _
	...
}]) & close({
	run?: string
	shell?: matchN(>=1, [string, "bash" | "pwsh" | "python" | "sh" | "cmd" | "powershell"])
	uses?: string
	with?: {
		...
	}
	name?: string
	id?:   string
	if?:   string
	env?: matchN(1, [{
		[string]: bool | number | string
	}, #stringContainingExpressionSyntax])
	"continue-on-error"?: matchN(1, [bool, #expressionSyntax])
	"working-directory"?: string
})]
¶

The run steps that you plan to run in this action.

"runs-docker": ¶

Configures the image used for the Docker action.

using!: "docker" ¶

You must set this value to 'docker'.

image!: string ¶

The Docker image to use as the container to run the action. The value can be the Docker base image name, a local `Dockerfile` in your repository, or a public image in Docker Hub or another registry. To reference a `Dockerfile` local to your repository, use a path relative to your action metadata file. The `docker` application will execute this file.

env?: matchN(1, [{ [string]: bool | number | string }, #stringContainingExpressionSyntax]) ¶

Specifies a key/value map of environment variables to set in the container environment.

entrypoint?: string ¶

Overrides the Docker `ENTRYPOINT` in the `Dockerfile`, or sets it if one wasn't already specified. Use `entrypoint` when the `Dockerfile` does not specify an `ENTRYPOINT` or you want to override the `ENTRYPOINT` instruction. If you omit `entrypoint`, the commands you specify in the Docker `ENTRYPOINT` instruction will execute. The Docker `ENTRYPOINT instruction has a *shell* form and *exec* form. The Docker `ENTRYPOINT` documentation recommends using the *exec* form of the `ENTRYPOINT` instruction.

"pre-entrypoint"?: string ¶

Allows you to run a script before the `entrypoint` action begins. For example, you can use `pre-entrypoint:` to run a prerequisite setup script. GitHub Actions uses `docker run` to launch this action, and runs the script inside a new container that uses the same base image. This means that the runtime state is different from the main `entrypoint` container, and any states you require must be accessed in either the workspace, `HOME`, or as a `STATE_` variable. The `pre-entrypoint:` action always runs by default but you can override this using `pre-if`.

"pre-if"?: #."pre-if" ¶
"post-entrypoint"?: string ¶

Allows you to run a cleanup script once the `runs.entrypoint` action has completed. GitHub Actions uses `docker run` to launch this action. Because GitHub Actions runs the script inside a new container using the same base image, the runtime state is different from the main `entrypoint` container. You can access any state you need in either the workspace, `HOME`, or as a `STATE_` variable. The `post-entrypoint:` action always runs by default but you can override this using `post-if`.

"post-if"?: #."post-if" ¶
args?: [...string] ¶

An array of strings that define the inputs for a Docker container. Inputs can include hardcoded strings. GitHub passes the `args` to the container's `ENTRYPOINT` when the container starts up. The `args` are used in place of the `CMD` instruction in a `Dockerfile`. If you use `CMD` in your `Dockerfile`, use the guidelines ordered by preference: - Document required arguments in the action's README and omit them from the `CMD` instruction. - Use defaults that allow using the action without specifying any `args`. - If the action exposes a `--help` flag, or something similar, use that to make your action self-documenting.

"runs-javascript": ¶

Configures the path to the action's code and the application used to execute the code.

using!: "node12" | "node16" | "node20" | "node24" ¶

The application used to execute the code specified in `main`.

main!: string ¶

The file that contains your action code. The application specified in `using` executes this file.

pre?: string ¶

Allows you to run a script at the start of a job, before the `main:` action begins. For example, you can use `pre:` to run a prerequisite setup script. The application specified with the `using` syntax will execute this file. The `pre:` action always runs by default but you can override this using `pre-if`.

"pre-if"?: #."pre-if" ¶
post?: string ¶

Allows you to run a script at the end of a job, once the `main:` action has completed. For example, you can use `post:` to terminate certain processes or remove unneeded files. The application specified with the `using` syntax will execute this file. The `post:` action always runs by default but you can override this using `post-if`.

"post-if"?: #."post-if" ¶
#expressionSyntax: =~""" ^\\$\\{\\{(.|[\r ])*\\}\\}$ """ ¶
#outputs:
click to see definition
close({
	[=~"^[_a-zA-Z][a-zA-Z0-9_-]*$"]: close({
		description!: string
	})
})
¶

Output parameters allow you to declare data that an action sets. Actions that run later in a workflow can use the output data set in previously run actions. For example, if you had an action that performed the addition of two inputs (x + y = z), the action could output the sum (z) for other actions to use as an input. If you don't declare an output in your action metadata file, you can still set outputs and use them in a workflow.

#stringContainingExpressionSyntax: =~""" ^.*\\$\\{\\{(.|[\r ])*\\}\\}.*$ """ ¶
#Job: matchN(1, [#Workflow.#normalJob, #Workflow.#reusableWorkflowCallJob]) ¶
#Step: #Workflow.#step ¶
"working-directory"?: #."working-directory" ¶
shell?: #shell ¶
id?: string ¶

A unique identifier for the step. You can use the id to reference the step in contexts. For more information, see https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions.

if?: bool | number | string ¶

You can use the if conditional to prevent a step from running unless a condition is met. You can use any supported context and expression to create a conditional. Expressions in an if conditional do not require the ${{ }} syntax. For more information, see https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions.

name?: string ¶

A name for your step to display on GitHub.

uses?: string ¶

Selects an action to run as part of a step in your job. An action is a reusable unit of code. You can use an action defined in the same repository as the workflow, a public repository, or in a published Docker container image (https://hub.docker.com/). We strongly recommend that you include the version of the action you are using by specifying a Git ref, SHA, or Docker tag number. If you don't specify a version, it could break your workflows or cause unexpected behavior when the action owner publishes an update. - Using the commit SHA of a released action version is the safest for stability and security. - Using the specific major action version allows you to receive critical fixes and security patches while still maintaining compatibility. It also assures that your workflow should still work. - Using the master branch of an action may be convenient, but if someone releases a new major version with a breaking change, your workflow could break. Some actions require inputs that you must set using the with keyword. Review the action's README file to determine the inputs required. Actions are either JavaScript files or Docker containers. If the action you're using is a Docker container you must run the job in a Linux virtual environment. For more details, see https://help.github.com/en/articles/virtual-environments-for-github-actions.

run?: string ¶

Runs command-line programs using the operating system's shell. If you do not provide a name, the step name will default to the text specified in the run command. Commands run using non-login shells by default. You can choose a different shell and customize the shell used to run commands. For more information, see https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#using-a-specific-shell. Each run keyword represents a new process and shell in the virtual environment. When you provide multi-line commands, each line runs in the same shell.

with?: #env ¶
env?: #env ¶
"continue-on-error"?: matchN(1, [bool, #expressionSyntax]) ¶

Prevents a job from failing when a step fails. Set to true to allow a job to pass when this step fails.

"timeout-minutes"?: matchN(1, [number, #expressionSyntax]) ¶

The maximum number of minutes to run the step before killing the process.

#Workflow: ¶
name?: string ¶

The name of your workflow. GitHub displays the names of your workflows on your repository's actions page. If you omit this field, GitHub sets the name to the workflow's filename.

on!:
click to see definition
matchN(1, [#event, [...#event] & [_, ...], close({
	branch_protection_rule?: #eventObject
	check_run?:              #eventObject
	check_suite?:            #eventObject
	create?:                 #eventObject
	delete?:                 #eventObject
	deployment?:             #eventObject
	deployment_status?:      #eventObject
	discussion?:             #eventObject
	discussion_comment?:     #eventObject
	fork?:                   #eventObject
	gollum?:                 #eventObject
	issue_comment?:          #eventObject
	issues?:                 #eventObject
	label?:                  #eventObject
	merge_group?:            #eventObject
	milestone?:              #eventObject
	page_build?:             #eventObject
	project?:                #eventObject
	project_card?:           #eventObject
	project_column?:         #eventObject
	public?:                 #eventObject
	pull_request?: matchN(1, [null, matchN(4, [close({
		types?:             #types
		branches?:          #branch
		"branches-ignore"?: #branch
		tags?:              #branch
		"tags-ignore"?:     #branch
		paths?:             #path
		"paths-ignore"?:    #path
	}), matchN(0, [null | bool | number | string | [...] | {
		branches!:          _
		"branches-ignore"!: _
		...
	}]) & {
		...
	}, matchN(0, [null | bool | number | string | [...] | {
		tags!:          _
		"tags-ignore"!: _
		...
	}]) & {
		...
	}, matchN(0, [null | bool | number | string | [...] | {
		paths!:          _
		"paths-ignore"!: _
		...
	}]) & {
		...
	}])])
	pull_request_review?:         #eventObject
	pull_request_review_comment?: #eventObject
	pull_request_target?: matchN(1, [null, matchN(4, [close({
		types?:             #types
		branches?:          #branch
		"branches-ignore"?: #branch
		tags?:              #branch
		"tags-ignore"?:     #branch
		paths?:             #path
		"paths-ignore"?:    #path
	}), matchN(0, [null | bool | number | string | [...] | {
		branches!:          _
		"branches-ignore"!: _
		...
	}]) & {
		...
	}, matchN(0, [null | bool | number | string | [...] | {
		tags!:          _
		"tags-ignore"!: _
		...
	}]) & {
		...
	}, matchN(0, [null | bool | number | string | [...] | {
		paths!:          _
		"paths-ignore"!: _
		...
	}]) & {
		...
	}])])
	push?: matchN(1, [null, matchN(4, [close({
		branches?:          #branch
		"branches-ignore"?: #branch
		tags?:              #branch
		"tags-ignore"?:     #branch
		paths?:             #path
		"paths-ignore"?:    #path
	}), matchN(0, [null | bool | number | string | [...] | {
		branches!:          _
		"branches-ignore"!: _
		...
	}]) & {
		...
	}, matchN(0, [null | bool | number | string | [...] | {
		tags!:          _
		"tags-ignore"!: _
		...
	}]) & {
		...
	}, matchN(0, [null | bool | number | string | [...] | {
		paths!:          _
		"paths-ignore"!: _
		...
	}]) & {
		...
	}])])
	registry_package?: #eventObject
	release?:          #eventObject
	status?:           #eventObject
	watch?:            #eventObject
	workflow_call?: null | bool | number | string | [...] | {
		inputs?: close({
			[=~"^[_a-zA-Z][a-zA-Z0-9_-]*$"]: close({
				description?: string
				required?:    bool
				type!:        "boolean" | "number" | "string"
				default?:     bool | number | string
			})
		})
		outputs?: close({
			[=~"^[_a-zA-Z][a-zA-Z0-9_-]*$"]: close({
				description?: string
				value!:       string
			})
		})
		secrets?: null | bool | number | string | [...] | close({
			[=~"^[_a-zA-Z][a-zA-Z0-9_-]*$"]: null | bool | number | string | [...] | close({
				description?: string
				required?:    bool
			})
		})
		...
	}
	workflow_dispatch?: null | bool | number | string | [...] | close({
		inputs?: close({
			[=~"^[_a-zA-Z][a-zA-Z0-9_-]*$"]: #workflowDispatchInput
		})
	})
	workflow_run?:        #eventObject
	repository_dispatch?: #eventObject
	schedule?: [...close({
		cron!:     string
		timezone?: string
	})] & [_, ...]
})])
¶

The name of the GitHub event that triggers the workflow. You can provide a single event string, array of events, array of event types, or an event configuration map that schedules a workflow or restricts the execution of a workflow to specific files, tags, or branch changes. For a list of available events, see https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows.

env?: #env ¶
defaults?: #defaults ¶
run?:
click to see definition
struct.MinFields(1) & close({
	shell?:               #shell
	"working-directory"?: #."working-directory"
})
¶
shell?: #shell ¶
"working-directory"?: #."working-directory" ¶
concurrency?: matchN(1, [string, #concurrency]) ¶

Concurrency ensures that only a single job or workflow using the same concurrency group will run at a time. A concurrency group can be any string or expression. The expression can use any context except for the secrets context. You can also specify concurrency at the workflow level. When a concurrent job or workflow is queued, if another job or workflow using the same concurrency group in the repository is in progress, the queued job or workflow will be pending. Any previously pending job or workflow in the concurrency group will be canceled. To also cancel any currently running job or workflow in the same concurrency group, specify cancel-in-progress: true.

jobs!: struct.MinFields(1) & close({ [=~"^[_a-zA-Z][a-zA-Z0-9_-]*$"]: matchN(1, [#normalJob, #reusableWorkflowCallJob]) }) ¶

A workflow run is made up of one or more jobs. Jobs run in parallel by default. To run jobs sequentially, you can define dependencies on other jobs using the jobs.<job_id>.needs keyword. Each job runs in a fresh instance of the virtual environment specified by runs-on. You can run an unlimited number of jobs as long as you are within the workflow usage limits. For more information, see https://help.github.com/en/github/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#usage-limits.

"run-name"?: string ¶

The name for workflow runs generated from the workflow. GitHub displays the workflow run name in the list of workflow runs on your repository's 'Actions' tab.

permissions?: #permissions ¶
#: ¶
"permissions-event": ¶
actions?: #."permissions-level" ¶
"artifact-metadata"?: #."permissions-level" ¶
attestations?: #."permissions-level" ¶
checks?: #."permissions-level" ¶
contents?: #."permissions-level" ¶
deployments?: #."permissions-level" ¶
discussions?: #."permissions-level" ¶
"id-token"?: #."permissions-level" ¶
issues?: #."permissions-level" ¶
models?: "read" | "none" ¶
packages?: #."permissions-level" ¶
pages?: #."permissions-level" ¶
"pull-requests"?: #."permissions-level" ¶
"repository-projects"?: #."permissions-level" ¶
"security-events"?: #."permissions-level" ¶
statuses?: #."permissions-level" ¶
"permissions-level": "read" | "write" | "none" ¶
"working-directory": string ¶

Using the working-directory keyword, you can specify the working directory of where to run the command.

#architecture: "ARM32" | "x64" | "x86" ¶
#branch: #globs ¶
[0]: strings.MinRunes(1) ¶
#concurrency: ¶
group!: string ¶

When a concurrent job or workflow is queued, if another job or workflow using the same concurrency group in the repository is in progress, the queued job or workflow will be pending. Any previously pending job or workflow in the concurrency group will be canceled.

"cancel-in-progress"?: matchN(1, [bool, #expressionSyntax]) ¶

To cancel any currently running job or workflow in the same concurrency group, specify cancel-in-progress: true.

#configuration: matchN(1, [string, number, bool, { [string]: #configuration }, [...#configuration]]) ¶
#container: ¶
image!: string ¶

The Docker image to use as the container to run the action. The value can be the Docker Hub image name or a registry name.

credentials?: ¶

If the image's container registry requires authentication to pull the image, you can use credentials to set a map of the username and password. The credentials are the same values that you would provide to the `docker login` command.

username?: string ¶
password?: string ¶
env?: #env ¶
ports?: [...number | string] & [_, ...] ¶

Sets an array of ports to expose on the container.

[0]: number | string ¶
volumes?: [...string] & [_, ...] ¶

Sets an array of volumes for the container to use. You can use volumes to share data between services or other steps in a job. You can specify named Docker volumes, anonymous Docker volumes, or bind mounts on the host. To specify a volume, you specify the source and destination path: <source>:<destinationPath> The <source> is a volume name or an absolute path on the host machine, and <destinationPath> is an absolute path in the container.

[0]: string ¶
options?: string ¶

Additional Docker container resource options. For a list of options, see https://docs.docker.com/engine/reference/commandline/create/#options.

#defaults:
click to see definition
struct.MinFields(1) & close({
	run?: struct.MinFields(1) & close({
		shell?:               #shell
		"working-directory"?: #."working-directory"
	})
})
¶
run?:
click to see definition
struct.MinFields(1) & close({
	shell?:               #shell
	"working-directory"?: #."working-directory"
})
¶
shell?: #shell ¶
"working-directory"?: #."working-directory" ¶
#env: matchN(1, [{ [string]: bool | number | string }, #stringContainingExpressionSyntax]) ¶

To set custom environment variables, you need to specify the variables in the workflow file. You can define environment variables for a step, job, or entire workflow using the jobs.<job_id>.steps[*].env, jobs.<job_id>.env, and env keywords. For more information, see https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions#jobsjob_idstepsenv

#environment: ¶

The environment that the job references

name!: string ¶

The name of the environment configured in the repo.

url?: string ¶

A deployment URL

deployment?: matchN(1, [bool, #expressionSyntax]) ¶

Whether to create a deployment for this job. Setting to false lets the job use environment secrets and variables without creating a deployment record. Wait timers and required reviewers still apply.

#event:
click to see definition
"branch_protection_rule" | "check_run" | "check_suite" | "create" | "delete" | "deployment" | "deployment_status" | "discussion" | "discussion_comment" | "fork" | "gollum" | "issue_comment" | "issues" | "label" | "merge_group" | "milestone" | "page_build" | "project" | "project_card" | "project_column" | "public" | "pull_request" | "pull_request_review" | "pull_request_review_comment" | "pull_request_target" | "push" | "registry_package" | "release" | "status" | "watch" | "workflow_call" | "workflow_dispatch" | "workflow_run" | "repository_dispatch"
¶
#eventObject: null | { ... } ¶
#expressionSyntax: =~""" ^\\$\\{\\{(.|[\r ])*\\}\\}$ """ ¶
#globs: [...strings.MinRunes(1)] & [_, ...] ¶
[0]: strings.MinRunes(1) ¶
#jobNeeds: matchN(1, [[...#name] & [_, ...], #name]) ¶

Identifies any jobs that must complete successfully before this job will run. It can be a string or array of strings. If a job fails, all jobs that need it are skipped unless the jobs use a conditional statement that causes the job to continue.

#machine: "linux" | "macos" | "windows" ¶
#matrix:
click to see definition
matchN(1, [struct.MinFields(1) & {
	{
		[=~"^(in|ex)clude$"]: matchN(1, [#expressionSyntax, [...{
			[string]: #configuration
		}] & [_, ...]])
	}
	{
		[!~"^(in|ex)clude$" & !~"^()$"]: matchN(1, [[...#configuration] & [_, ...], #expressionSyntax])
	}
}, #expressionSyntax])
¶

A build matrix is a set of different configurations of the virtual environment. For example you might run a job against more than one supported version of a language, operating system, or tool. Each configuration is a copy of the job that runs and reports a status. You can specify a matrix by supplying an array for the configuration options. For example, if the GitHub virtual environment supports Node.js versions 6, 8, and 10 you could specify an array of those versions in the matrix. When you define a matrix of operating systems, you must set the required runs-on keyword to the operating system of the current job, rather than hard-coding the operating system name. To access the operating system name, you can use the matrix.os context parameter to set runs-on. For more information, see https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions.

#name: =~"^[_a-zA-Z][a-zA-Z0-9_-]*$" ¶
#normalJob: ¶

Each job must have an id to associate with the job. The key job_id is a string and its value is a map of the job's configuration data. You must replace <job_id> with a string that is unique to the jobs object. The <job_id> must start with a letter or _ and contain only alphanumeric characters, -, or _.

name?: string ¶

The name of the job displayed on GitHub.

needs?: #jobNeeds ¶
snapshot?: #snapshot ¶
permissions?: #permissions ¶
"runs-on"!:
click to see definition
matchN(>=1, [string, [string, ...string] & [_, ...] & [...], {
	group?: string
	labels?: matchN(1, [string, [...string]])
	...
}, #stringContainingExpressionSyntax, #expressionSyntax])
¶

The type of machine to run the job on. The machine can be either a GitHub-hosted runner, or a self-hosted runner.

environment?: matchN(1, [string, #environment]) ¶

The environment that the job references.

outputs?:
click to see definition
struct.MinFields(1) & {
	{
		[string]: string
	}
}
¶

A map of outputs for a job. Job outputs are available to all downstream jobs that depend on this job.

env?: #env ¶
defaults?: #defaults ¶
run?:
click to see definition
struct.MinFields(1) & close({
	shell?:               #shell
	"working-directory"?: #."working-directory"
})
¶
shell?: #shell ¶
"working-directory"?: #."working-directory" ¶
if?: bool | number | string ¶

You can use the if conditional to prevent a job from running unless a condition is met. You can use any supported context and expression to create a conditional. Expressions in an if conditional do not require the ${{ }} syntax. For more information, see https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions.

steps?: [...#step] & [_, ...] ¶

A job contains a sequence of tasks called steps. Steps can run commands, run setup tasks, or run an action in your repository, a public repository, or an action published in a Docker registry. Not all steps run actions, but all actions run as a step. Each step runs in its own process in the virtual environment and has access to the workspace and filesystem. Because steps run in their own process, changes to environment variables are not preserved between steps. GitHub provides built-in steps to set up and complete a job. Must contain either `uses` or `run`

[0]: #step ¶
"working-directory"?: #."working-directory" ¶
shell?: #shell ¶
id?: string ¶

A unique identifier for the step. You can use the id to reference the step in contexts. For more information, see https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions.

if?: bool | number | string ¶

You can use the if conditional to prevent a step from running unless a condition is met. You can use any supported context and expression to create a conditional. Expressions in an if conditional do not require the ${{ }} syntax. For more information, see https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions.

name?: string ¶

A name for your step to display on GitHub.

uses?: string ¶

Selects an action to run as part of a step in your job. An action is a reusable unit of code. You can use an action defined in the same repository as the workflow, a public repository, or in a published Docker container image (https://hub.docker.com/). We strongly recommend that you include the version of the action you are using by specifying a Git ref, SHA, or Docker tag number. If you don't specify a version, it could break your workflows or cause unexpected behavior when the action owner publishes an update. - Using the commit SHA of a released action version is the safest for stability and security. - Using the specific major action version allows you to receive critical fixes and security patches while still maintaining compatibility. It also assures that your workflow should still work. - Using the master branch of an action may be convenient, but if someone releases a new major version with a breaking change, your workflow could break. Some actions require inputs that you must set using the with keyword. Review the action's README file to determine the inputs required. Actions are either JavaScript files or Docker containers. If the action you're using is a Docker container you must run the job in a Linux virtual environment. For more details, see https://help.github.com/en/articles/virtual-environments-for-github-actions.

run?: string ¶

Runs command-line programs using the operating system's shell. If you do not provide a name, the step name will default to the text specified in the run command. Commands run using non-login shells by default. You can choose a different shell and customize the shell used to run commands. For more information, see https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#using-a-specific-shell. Each run keyword represents a new process and shell in the virtual environment. When you provide multi-line commands, each line runs in the same shell.

with?: #env ¶
env?: #env ¶
"continue-on-error"?: matchN(1, [bool, #expressionSyntax]) ¶

Prevents a job from failing when a step fails. Set to true to allow a job to pass when this step fails.

"timeout-minutes"?: matchN(1, [number, #expressionSyntax]) ¶

The maximum number of minutes to run the step before killing the process.

"timeout-minutes"?: matchN(1, [number, #expressionSyntax]) ¶

The maximum number of minutes to let a workflow run before GitHub automatically cancels it. Default: 360

strategy?: ¶

A strategy creates a build matrix for your jobs. You can define different variations of an environment to run each job in.

matrix!: #matrix ¶
"fail-fast"?: bool | string ¶

When set to true, GitHub cancels all in-progress jobs if any matrix job fails. Default: true

"max-parallel"?: number | string ¶

The maximum number of jobs that can run simultaneously when using a matrix job strategy. By default, GitHub will maximize the number of jobs run in parallel depending on the available runners on GitHub-hosted virtual machines.

"continue-on-error"?: matchN(1, [bool, #expressionSyntax]) ¶

Prevents a workflow run from failing when a job fails. Set to true to allow a workflow run to pass when this job fails.

container?: matchN(1, [string, #container]) ¶

A container to run any steps in a job that don't already specify a container. If you have steps that use both script and container actions, the container actions will run as sibling containers on the same network with the same volume mounts. If you do not set a container, all steps will run directly on the host specified by runs-on unless a step refers to an action configured to run in a container.

services?: [string]: #container ¶

Additional containers to host services for a job in a workflow. These are useful for creating databases or cache services like redis. The runner on the virtual machine will automatically create a network and manage the life cycle of the service containers. When you use a service container for a job or your step uses container actions, you don't need to set port information to access the service. Docker automatically exposes all ports between containers on the same network. When both the job and the action run in a container, you can directly reference the container by its hostname. The hostname is automatically mapped to the service name. When a step does not use a container action, you must access the service using localhost and bind the ports.

concurrency?: matchN(1, [string, #concurrency]) ¶

Concurrency ensures that only a single job or workflow using the same concurrency group will run at a time. A concurrency group can be any string or expression. The expression can use any context except for the secrets context. You can also specify concurrency at the workflow level. When a concurrent job or workflow is queued, if another job or workflow using the same concurrency group in the repository is in progress, the queued job or workflow will be pending. Any previously pending job or workflow in the concurrency group will be canceled. To also cancel any currently running job or workflow in the same concurrency group, specify cancel-in-progress: true.

#path: #globs ¶
[0]: strings.MinRunes(1) ¶
#permissions: matchN(1, ["read-all" | "write-all", #."permissions-event"]) ¶

You can modify the default permissions granted to the GITHUB_TOKEN, adding or removing access as required, so that you only allow the minimum required access.

#reusableWorkflowCallJob: ¶

Each job must have an id to associate with the job. The key job_id is a string and its value is a map of the job's configuration data. You must replace <job_id> with a string that is unique to the jobs object. The <job_id> must start with a letter or _ and contain only alphanumeric characters, -, or _.

name?: string ¶

The name of the job displayed on GitHub.

needs?: #jobNeeds ¶
permissions?: #permissions ¶
if?: bool | number | string ¶

You can use the if conditional to prevent a job from running unless a condition is met. You can use any supported context and expression to create a conditional. Expressions in an if conditional do not require the ${{ }} syntax. For more information, see https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions.

uses!: =~"^(.+\\/)+(.+)\\.(ya?ml)(@.+)?$" ¶

The location and version of a reusable workflow file to run as a job, of the form './{path/to}/{localfile}.yml' or '{owner}/{repo}/{path}/{filename}@{ref}'. {ref} can be a SHA, a release tag, or a branch name. Using the commit SHA is the safest for stability and security.

with?: #env ¶
secrets?: matchN(1, [#env, "inherit"]) ¶

When a job is used to call a reusable workflow, you can use 'secrets' to provide a map of secrets that are passed to the called workflow. Any secrets that you pass must match the names defined in the called workflow.

strategy?: ¶

A strategy creates a build matrix for your jobs. You can define different variations of an environment to run each job in.

matrix!: #matrix ¶
"fail-fast"?: bool | string ¶

When set to true, GitHub cancels all in-progress jobs if any matrix job fails. Default: true

"max-parallel"?: number | string ¶

The maximum number of jobs that can run simultaneously when using a matrix job strategy. By default, GitHub will maximize the number of jobs run in parallel depending on the available runners on GitHub-hosted virtual machines.

concurrency?: matchN(1, [string, #concurrency]) ¶

Concurrency ensures that only a single job or workflow using the same concurrency group will run at a time. A concurrency group can be any string or expression. The expression can use any context except for the secrets context. You can also specify concurrency at the workflow level. When a concurrent job or workflow is queued, if another job or workflow using the same concurrency group in the repository is in progress, the queued job or workflow will be pending. Any previously pending job or workflow in the concurrency group will be canceled. To also cancel any currently running job or workflow in the same concurrency group, specify cancel-in-progress: true.

#shell: matchN(>=1, [string, "bash" | "pwsh" | "python" | "sh" | "cmd" | "powershell"]) ¶

You can override the default shell settings in the runner's operating system using the shell keyword. You can use built-in shell keywords, or you can define a custom set of shell options.

#snapshot: matchN(1, [string, close({ "image-name"!: string version?: =~"^\\d+(\\.\\d+|\\*)?$" })]) ¶

You can use `jobs.<job_id>.snapshot` to generate a custom image. Add the snapshot keyword to the job, using either the string syntax or mapping syntax as shown in https://docs.github.com/en/actions/how-tos/manage-runners/larger-runners/use-custom-images#generating-a-custom-image. Each job that includes the snapshot keyword creates a separate image. To generate only one image or image version, include all workflow steps in a single job. Each successful run of a job that includes the snapshot keyword creates a new version of that image. For more information, see https://docs.github.com/en/actions/how-tos/manage-runners/larger-runners/use-custom-images.

#step:
click to see definition
matchN(1, [{
	uses!: _
	...
}, {
	run!: _
	...
}]) & close({
	_t0="working-directory"?: _
	if _t0 != _|_ // explicit error (_|_ literal) in source
	{
		run!: _
	}
	shell?: _
	if shell != _|_ // explicit error (_|_ literal) in source
	{
		run!: _
	}
	{}
	id?:                  string
	if?:                  bool | number | string
	name?:                string
	uses?:                string
	run?:                 string
	"working-directory"?: #."working-directory"
	shell?:               #shell
	with?:                #env
	env?:                 #env
	"continue-on-error"?: matchN(1, [bool, #expressionSyntax])
	"timeout-minutes"?: matchN(1, [number, #expressionSyntax])
})
¶
"working-directory"?: #."working-directory" ¶
shell?: #shell ¶
id?: string ¶

A unique identifier for the step. You can use the id to reference the step in contexts. For more information, see https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions.

if?: bool | number | string ¶

You can use the if conditional to prevent a step from running unless a condition is met. You can use any supported context and expression to create a conditional. Expressions in an if conditional do not require the ${{ }} syntax. For more information, see https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions.

name?: string ¶

A name for your step to display on GitHub.

uses?: string ¶

Selects an action to run as part of a step in your job. An action is a reusable unit of code. You can use an action defined in the same repository as the workflow, a public repository, or in a published Docker container image (https://hub.docker.com/). We strongly recommend that you include the version of the action you are using by specifying a Git ref, SHA, or Docker tag number. If you don't specify a version, it could break your workflows or cause unexpected behavior when the action owner publishes an update. - Using the commit SHA of a released action version is the safest for stability and security. - Using the specific major action version allows you to receive critical fixes and security patches while still maintaining compatibility. It also assures that your workflow should still work. - Using the master branch of an action may be convenient, but if someone releases a new major version with a breaking change, your workflow could break. Some actions require inputs that you must set using the with keyword. Review the action's README file to determine the inputs required. Actions are either JavaScript files or Docker containers. If the action you're using is a Docker container you must run the job in a Linux virtual environment. For more details, see https://help.github.com/en/articles/virtual-environments-for-github-actions.

run?: string ¶

Runs command-line programs using the operating system's shell. If you do not provide a name, the step name will default to the text specified in the run command. Commands run using non-login shells by default. You can choose a different shell and customize the shell used to run commands. For more information, see https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#using-a-specific-shell. Each run keyword represents a new process and shell in the virtual environment. When you provide multi-line commands, each line runs in the same shell.

with?: #env ¶
env?: #env ¶
"continue-on-error"?: matchN(1, [bool, #expressionSyntax]) ¶

Prevents a job from failing when a step fails. Set to true to allow a job to pass when this step fails.

"timeout-minutes"?: matchN(1, [number, #expressionSyntax]) ¶

The maximum number of minutes to run the step before killing the process.

#stringContainingExpressionSyntax: =~""" ^.*\\$\\{\\{(.|[\r ])*\\}\\}.*$ """ ¶
#types: matchN(1, [[_, ...], string]) ¶

Selects the types of activity that will trigger a workflow run. Most GitHub events are triggered by more than one type of activity. For example, the event for the release resource is triggered when a release is published, unpublished, created, edited, deleted, or prereleased. The types keyword enables you to narrow down activity that causes the workflow to run. When only one activity type triggers a webhook event, the types keyword is unnecessary. You can use an array of event types. For more information about each event and their activity types, see https://help.github.com/en/articles/events-that-trigger-workflows#webhook-events.

#workflowDispatchInput: ¶

A string identifier to associate with the input. The value of <input_id> is a map of the input's metadata. The <input_id> must be a unique identifier within the inputs object. The <input_id> must start with a letter or _ and contain only alphanumeric characters, -, or _.

description?: string ¶

A string description of the input parameter.

deprecationMessage?: string ¶

A string shown to users using the deprecated input.

required?: bool ¶

A boolean to indicate whether the action requires the input parameter. Set to true when the parameter is required.

default?: _ ¶

A string representing the default value. The default value is used when an input parameter isn't specified in a workflow file.

type?: "string" | "choice" | "boolean" | "number" | "environment" ¶

A string representing the type of the input.

options?: [...string] & [_, ...] ¶

The options of the dropdown list, if the type is a choice.

[0]: string ¶

Source files

  • Action.cue
  • Workflow.cue
  • extra.cue