github-actions-generator

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

GitHub Actions Generator

GitHub Actions 生成器

Generate production-ready GitHub Actions workflows and custom actions following current best practices, security standards, and naming conventions. All generated resources are automatically validated using the devops-skills:github-actions-validator skill.

生成符合当前最佳实践、安全标准及命名规范的可用于生产环境的GitHub Actions工作流和自定义操作。所有生成的资源都会通过devops-skills:github-actions-validator技能自动验证。

Quick Reference

快速参考

Capability	When to Use	Reference
Workflows	CI/CD, automation, testing	`references/best-practices.md`
Composite Actions	Reusable step combinations	`references/custom-actions.md`
Docker Actions	Custom environments/tools	`references/custom-actions.md`
JavaScript Actions	API interactions, complex logic	`references/custom-actions.md`
Reusable Workflows	Shared patterns across repos	`references/advanced-triggers.md`
Security Scanning	Dependency review, SBOM	`references/best-practices.md`
Modern Features	Summaries, environments	`references/modern-features.md`

功能	使用场景	参考文档
工作流	CI/CD、自动化、测试	`references/best-practices.md`
复合操作	可重用步骤组合	`references/custom-actions.md`
Docker操作	自定义环境/工具	`references/custom-actions.md`
JavaScript操作	API交互、复杂逻辑	`references/custom-actions.md`
可重用工作流	跨仓库共享模式	`references/advanced-triggers.md`
安全扫描	依赖审查、SBOM	`references/best-practices.md`
现代特性	摘要、环境	`references/modern-features.md`

Core Capabilities

核心功能

1. Generate Workflows

1. 生成工作流

Triggers: "Create a workflow for...", "Build a CI/CD pipeline..."

Process:

Understand requirements (triggers, runners, dependencies)
Reference
```
references/best-practices.md
```
for patterns
Reference
```
references/common-actions.md
```
for action versions
Generate workflow with:
- Semantic names, pinned actions (SHA), proper permissions
- Concurrency controls, caching, matrix strategies
Validate with devops-skills:github-actions-validator skill
Fix issues and re-validate if needed

Minimal Example:

yaml

name: CI Pipeline

on:
  push:
    branches: [main]
  pull_request:

permissions:
  contents: read

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
      - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
        with:
          node-version: '20'
          cache: 'npm'
      - run: npm ci
      - run: npm test

触发词： "为...创建工作流"、"构建CI/CD流水线..."

流程：

理解需求（触发器、运行器、依赖项）
参考
```
references/best-practices.md
```
获取模式
参考
```
references/common-actions.md
```
获取操作版本
生成包含以下内容的工作流：
- 语义化名称、固定版本的操作（SHA）、适当的权限
- 并发控制、缓存、矩阵策略
验证：使用devops-skills:github-actions-validator技能
如有问题：修复后重新验证

最简示例：

yaml

name: CI Pipeline

on:
  push:
    branches: [main]
  pull_request:

permissions:
  contents: read

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
      - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
        with:
          node-version: '20'
          cache: 'npm'
      - run: npm ci
      - run: npm test

2. Generate Custom Actions

2. 生成自定义操作

Triggers: "Create a composite action...", "Build a Docker action...", "Create a JavaScript action..."

Types:

Composite: Combine multiple steps → Fast startup
Docker: Custom environment/tools → Isolated
JavaScript: API access, complex logic → Fastest

Process:

Use templates from
```
assets/templates/action/
```
Follow structure in
```
references/custom-actions.md
```
Include branding, inputs/outputs, documentation
Validate with devops-skills:github-actions-validator skill

See

references/custom-actions.md

for:

Action metadata and branding
Directory structure patterns
Versioning and release workflows

触发词： "创建复合操作..."、"构建Docker操作..."、"创建JavaScript操作..."

类型：

复合操作：组合多个步骤 → 启动速度快
Docker操作：自定义环境/工具 → 隔离性好
JavaScript操作：API访问、复杂逻辑 → 速度最快

流程：

使用
```
assets/templates/action/
```
中的模板
遵循
```
references/custom-actions.md
```
中的结构
包含品牌标识、输入/输出、文档
验证：使用devops-skills:github-actions-validator技能

查看

references/custom-actions.md

获取：

操作元数据与品牌标识
目录结构模式
版本控制与发布工作流

3. Generate Reusable Workflows

3. 生成可重用工作流

Triggers: "Create a reusable workflow...", "Make this workflow callable..."

Key Elements:

```
workflow_call
```
trigger with typed inputs
Explicit secrets (avoid
```
secrets: inherit
```
)
Outputs mapped from job outputs
Minimal permissions

yaml

on:
  workflow_call:
    inputs:
      environment:
        required: true
        type: string
    secrets:
      deploy-token:
        required: true
    outputs:
      result:
        value: ${{ jobs.build.outputs.result }}

See

references/advanced-triggers.md

for complete patterns.

触发词： "创建可重用工作流..."、"将此工作流设为可调用..."

关键元素：

带类型输入的
```
workflow_call
```
触发器
显式机密（避免使用
```
secrets: inherit
```
）
从作业输出映射的输出
最小权限

yaml

on:
  workflow_call:
    inputs:
      environment:
        required: true
        type: string
    secrets:
      deploy-token:
        required: true
    outputs:
      result:
        value: ${{ jobs.build.outputs.result }}

查看

references/advanced-triggers.md

获取完整模式。

4. Generate Security Workflows

4. 生成安全工作流

Triggers: "Add security scanning...", "Add dependency review...", "Generate SBOM..."

Components:

Dependency Review:
```
actions/dependency-review-action@v4
```
SBOM Attestations:
```
actions/attest-sbom@v2
```
CodeQL Analysis:
```
github/codeql-action
```

Required Permissions:

yaml

permissions:
  contents: read
  security-events: write  # For CodeQL
  id-token: write         # For attestations
  attestations: write     # For attestations

See

references/best-practices.md

section on security.

触发词： "添加安全扫描..."、"添加依赖审查..."、"生成SBOM..."

组件：

依赖审查：
```
actions/dependency-review-action@v4
```
SBOM证明：
```
actions/attest-sbom@v2
```
CodeQL分析：
```
github/codeql-action
```

所需权限：

yaml

permissions:
  contents: read
  security-events: write  # For CodeQL
  id-token: write         # For attestations
  attestations: write     # For attestations

查看

references/best-practices.md

中的安全章节。

5. Modern Features

5. 现代特性

Triggers: "Add job summaries...", "Use environments...", "Run in container..."

See

references/modern-features.md

for:

Job summaries (
```
$GITHUB_STEP_SUMMARY
```
)
Deployment environments with approvals
Container jobs with services
Workflow annotations

触发词： "添加作业摘要..."、"使用环境..."、"在容器中运行..."

查看

references/modern-features.md

获取：

作业摘要（
```
$GITHUB_STEP_SUMMARY
```
）
带审批的部署环境
带服务的容器作业
工作流注解

6. Public Action Documentation

6. 公共操作文档

When using public actions:

Search for documentation:

"[owner/repo] [version] github action documentation"

Or use Context7 MCP:

```
mcp__context7__resolve-library-id
```
to find action
```
mcp__context7__get-library-docs
```
for documentation

Pin to SHA with version comment:

yaml

- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0

See

references/common-actions.md

for pre-verified action versions.

使用公共操作时：

搜索文档：

"[owner/repo] [version] github action documentation"

或使用Context7 MCP：

```
mcp__context7__resolve-library-id
```
查找操作
```
mcp__context7__get-library-docs
```
获取文档

固定到SHA并添加版本注释：

yaml

- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0

查看

references/common-actions.md

获取预验证的操作版本。

Validation Workflow

验证工作流

CRITICAL: Every generated resource MUST be validated.

Generate workflow/action file
Invoke
```
devops-skills:github-actions-validator
```
skill
If errors: fix and re-validate
If success: present with usage instructions

Skip validation only for:

Partial code snippets
Documentation examples
User explicitly requests skip

重要提示： 所有生成的资源必须经过验证。

生成工作流/操作文件
调用
```
devops-skills:github-actions-validator
```
技能
如有错误：修复后重新验证
如验证通过：提供使用说明

仅在以下情况可跳过验证：

部分代码片段
文档示例
用户明确要求跳过

Mandatory Standards

强制标准

All generated resources must follow:

Standard	Implementation
Security	Pin to SHA, minimal permissions, mask secrets
Performance	Caching, concurrency, shallow checkout
Naming	Descriptive names, lowercase-hyphen files
Error Handling	Timeouts, cleanup with `if: always()`

See

references/best-practices.md

for complete guidelines.

所有生成的资源必须遵循：

标准	实现方式
安全性	固定到SHA、最小权限、隐藏机密
性能	缓存、并发、浅克隆
命名	描述性名称、小写连字符文件名
错误处理	超时、使用 `if: always()` 清理

查看

references/best-practices.md

获取完整指南。

Resources

资源

Reference Documents

参考文档

Document	Content	When to Use
`references/best-practices.md`	Security, performance, patterns	Every workflow
`references/common-actions.md`	Action versions, inputs, outputs	Public action usage
`references/expressions-and-contexts.md`	`${{ }}` syntax, contexts, functions	Complex conditionals
`references/advanced-triggers.md`	workflow_run, dispatch, ChatOps	Workflow orchestration
`references/custom-actions.md`	Metadata, structure, versioning	Custom action creation
`references/modern-features.md`	Summaries, environments, containers	Enhanced workflows

文档	内容	使用场景
`references/best-practices.md`	安全、性能、模式	所有工作流
`references/common-actions.md`	操作版本、输入、输出	使用公共操作时
`references/expressions-and-contexts.md`	`${{ }}` 语法、上下文、函数	复杂条件判断
`references/advanced-triggers.md`	workflow_run、dispatch、ChatOps	工作流编排
`references/custom-actions.md`	元数据、结构、版本控制	创建自定义操作时
`references/modern-features.md`	摘要、环境、容器	增强型工作流

Templates

模板

Template	Location
Basic Workflow	`assets/templates/workflow/basic_workflow.yml`
Composite Action	`assets/templates/action/composite/action.yml`
Docker Action	`assets/templates/action/docker/`
JavaScript Action	`assets/templates/action/javascript/`

模板	位置
基础工作流	`assets/templates/workflow/basic_workflow.yml`
复合操作	`assets/templates/action/composite/action.yml`
Docker操作	`assets/templates/action/docker/`
JavaScript操作	`assets/templates/action/javascript/`

Common Patterns

常见模式

Matrix Testing

矩阵测试

yaml

strategy:
  matrix:
    os: [ubuntu-latest, windows-latest]
    node: [18, 20, 22]
  fail-fast: false

yaml

strategy:
  matrix:
    os: [ubuntu-latest, windows-latest]
    node: [18, 20, 22]
  fail-fast: false

Conditional Deployment

条件部署

yaml

deploy:
  if: github.event_name == 'push' && github.ref == 'refs/heads/main'

yaml

deploy:
  if: github.event_name == 'push' && github.ref == 'refs/heads/main'

Artifact Sharing

工件共享

yaml

undefined

yaml

undefined

Upload

上传

uses: actions/upload-artifact@v4 with: name: build-${{ github.sha }} path: dist/

uses: actions/upload-artifact@v4 with: name: build-${{ github.sha }} path: dist/

Download (in dependent job)

下载（在依赖作业中）

uses: actions/download-artifact@v4 with: name: build-${{ github.sha }}

---

uses: actions/download-artifact@v4 with: name: build-${{ github.sha }}

---

Workflow Summary

工作流总结

Understand requirements
Reference appropriate docs
Generate with standards
Search for public action docs (if needed)
Validate with devops-skills:github-actions-validator
Fix any errors
Present validated result

理解需求
参考相应文档
生成符合标准的资源
搜索公共操作文档（如有需要）
验证：使用devops-skills:github-actions-validator
修复任何错误
交付验证通过的结果