Tips on GitHub Actions

Things on this page are fragmentary and immature notes/thoughts of the author. Please read with your own judgement!

Tips and Traps

You can use sudo without password in Linux and macOS when running GitHub Actions.
GitHub Actions supports manual triggers with workflow_dispatch. Workflow parameters are supported in manually triggers.
GITHUB_TOKEN is an automatically generated secret that lets you make authenticated calls to the GitHub API in your workflow runs. Actions generates a new token for each job and expires the token when a job completes. GITHUB_TOKEN can also be used for the GitHub Action peter-evans/create-pull-request to create PRs automatically. However, GitHub bot is the owner of a PR created by the GitHub action create-pull-request with GITHUB_TOKEN which might have issues triggering other pipelines listening to PR events. A simple solution to this problem is to manually create a repository secret (e.g., GITHUBACTIONS) and use it to autenticate the GitHub Action create-pull-request with GITHUB_TOKEN .
Rust cannot be installed into a global location following instructions at Install Rust Globally in Linux . This might because GitHub Actions VMs have restrictions on environemnt variables. You can still install Rust using root (via sudo) but this doesn't give you much priviledge as the root account in a GitHub Actions VM is restricted too.
OS: ubuntu-latest, windows-latest, macOS-latest
Good practices for GitHub repository with GitHub Actions workflows:
- Have 2 protected branches main and dev, where main is reserved for releasing and dev is reserved for development.
- Fork the dev branch for development.
- A PR from dev to main should be made when it is ready to release a new version.

Branch Matching

on:
push:
    branches:    
    - '*'         # matches every branch that doesn't contain a '/'
    - '*/*'       # matches every branch containing a single '/'
    - '**'        # matches every branch
    - '!master'   # excludes master