repository-manifest
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
ChineseRepository Manifest Reference
仓库清单参考
Use this skill when editing repository-side manifests. Keep the body small and load references only as needed.
编辑仓库侧清单时使用此Skill。保持内容精简,仅按需加载参考文档。
Core Rules
核心规则
- All fields are optional. Omitted fields are left unchanged on GitHub.
spec - manages one repository.
Repository - manages many repositories with shared
RepositorySet.defaults - For new setups, prefer over classic
rulesets.branch_protection - Secret values must use indirection, never literal secrets.
${ENV_*}
- 所有字段均为可选。省略的字段在GitHub上会保持原有值不变。
spec - 用于管理单个仓库。
Repository - 通过共享
RepositorySet配置管理多个仓库。defaults - 新配置优先使用而非传统的
rulesets。branch_protection - 密钥值必须使用间接引用,绝对不要直接填写明文密钥。
${ENV_*}
Repository
Repository
yaml
apiVersion: gh-infra/v1
kind: Repository
metadata:
owner: my-org
name: my-repo
spec:
# declare only managed fieldsRead these references as needed:
- General settings and lifecycle: references/general.md
- Labels and label sync: references/labels.md
- Actions settings and validation traps: references/actions.md
- Rulesets and branch protection: references/protection.md
- Secrets and variables: references/secrets-variables.md
yaml
apiVersion: gh-infra/v1
kind: Repository
metadata:
owner: my-org
name: my-repo
spec:
# declare only managed fields按需阅读以下参考文档:
- 通用配置与生命周期: references/general.md
- 标签与标签同步: references/labels.md
- Actions配置与验证陷阱: references/actions.md
- 规则集与分支保护: references/protection.md
- 密钥与变量: references/secrets-variables.md
RepositorySet
RepositorySet
Use when many repositories share defaults.
RepositorySetyaml
apiVersion: gh-infra/v1
kind: RepositorySet
metadata:
owner: my-org
defaults:
spec:
visibility: public
features:
wiki: false
merge_strategy:
allow_squash_merge: true
allow_rebase_merge: false
auto_delete_head_branches: true
rulesets:
- name: protect-main
target: branch
enforcement: active
conditions:
ref_name:
include: ["refs/heads/main"]
rules:
pull_request:
required_approving_review_count: 1
non_fast_forward: true
repositories:
- name: repo-a
spec:
description: "Service A"
topics: [go, api]
- name: repo-b
spec:
description: "Service B"
topics: [python, cli]
features:
wiki: trueOverride behavior matters:
- Scalars are replaced
- Lists are replaced entirely
- Maps are merged by key
This means replace the default list, while replaces as a scalar.
labelslabel_syncRead references/repository-set.md for the exact merge rules.
当多个仓库需要共享默认配置时使用。
RepositorySetyaml
apiVersion: gh-infra/v1
kind: RepositorySet
metadata:
owner: my-org
defaults:
spec:
visibility: public
features:
wiki: false
merge_strategy:
allow_squash_merge: true
allow_rebase_merge: false
auto_delete_head_branches: true
rulesets:
- name: protect-main
target: branch
enforcement: active
conditions:
ref_name:
include: ["refs/heads/main"]
rules:
pull_request:
required_approving_review_count: 1
non_fast_forward: true
repositories:
- name: repo-a
spec:
description: "Service A"
topics: [go, api]
- name: repo-b
spec:
description: "Service B"
topics: [python, cli]
features:
wiki: true覆盖规则说明:
- 标量值会被直接替换
- 列表会被完全覆盖
- 映射会按键合并
这意味着会替换默认列表,而作为标量会直接被替换。
labelslabel_sync阅读references/repository-set.md了解确切的合并规则。
High-Value Gotchas
常见踩坑提示
- is required when setting any other
actions.enabledfieldactions.* - is valid only with
actions.selected_actionsallowed_actions: selected - deletes unmanaged labels; review
label_sync: mirrorcarefullyplan - for , use the dedicated
gh infra import --intoskillimport-into - Repository deletion is not supported
- 设置任何其他字段时必须配置
actions.*actions.enabled - 仅在
actions.selected_actions时生效allowed_actions: selected - 会删除未被管理的标签,请务必仔细检查
label_sync: mirror结果plan - 执行时,请使用专门的
gh infra import --intoSkillimport-into - 不支持仓库删除操作
Verification
验证
bash
gh infra validate <path>
gh infra plan <path>bash
gh infra validate <path>
gh infra plan <path>