You can now run Java projects faster on GitHub Actions by enabling dependency caching on the setup-java action. setup-java supports caching for both Gradle and Maven projects.
The following example enables caching for a Java project with Gradle:
steps:
- uses: actions/checkout@v2
- uses: actions/setup-java@v2
with:
distribution: 'temurin'
java-version: '11'
cache: 'gradle'
- run: ./gradlew buildFor additional examples, visit the setup-java repository.
Previously, actions written in YAML could only use scripts. Now, they can also reference other actions. This makes it easy to reduce duplication in your workflows.
For example, the following action uses 3 actions to setup buildx, log in to Docker, and publish an image. By combining these into a single action it provides a larger unit of reuse that you can put into the job of any workflow.
name: "Publish to Docker"
description: "Pushes built artifacts to Docker"
inputs:
registry_username:
description: “Username for image registry”
required: true
registry_password:
description: “Password for image registry”
required: true
runs:
using: "composite"
steps:
- uses: docker/setup-buildx-action@v1
- uses: docker/login-action@v1
with:
username: ${{inputs.registry_username}}
password: ${{inputs.registry_password}}
- uses: docker/build-push-action@v2
with:
context: .
push: true
tags: user/app:latest
Developers can then reference this action in all of their repositories as a single action:
on: [push]
jobs:
publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: my-org/publish-docker@v1
with:
registry_username: ${{secrets.REGISTRY_USERNAME}}
registry_password: ${{secrets.REGISTRY_PASSWORD}}Learn more about action composition.
For questions, visit the GitHub Actions community
Windows Server 2022 with Visual Studio 2022 Preview is now available in beta on GitHub-hosted runners. Use it by putting runs-on: windows-2022 in your workflow file.
jobs:
build:
runs-on: windows-2022
steps:
- uses: actions/checkout@v2
- uses: actions/setup-dotnet@v1
- name: Build
run: dotnet build
- name: Run tests
run: dotnet testThe Windows Server 2022 runner image has different tools and tool versions than Windows Server 2019.
Read more on available runner images and beta images terms of use in docs.
macOS 11 Big Sur is now generally available on GitHub-hosted runners. Use GitHub Actions to build and publish apps for the latest Apple ecosystem by updating your workflows to include runs-on: macos-11
jobs:
build:
runs-on: macos-11
steps:
- uses: actions/checkout@v2
- name: Build
run: swift build
- name: Run tests
run: swift testThe macOS 11 Big Sur runner image has different tools and tool versions than macOS 10.15 Catalina. See the full list of changed software.
If you spot any issues with your workflows when using Big Sur, please let us know by creating an issue in the virtual-environments repository.
The Audit Log now includes events associated with GitHub Actions self-hosted runners. This data provides enterprise customers with an expanded data set for security and compliance audits.
New events will be incorporated into the audit log when:
These new events are only available to customers on the Enterprise plan and can be viewed using the REST API.
Learn more about Audit Log events
For questions please visit the GitHub Actions community forum
You can now run Node.js projects faster on GitHub Actions by enabling dependency caching on the setup-node action. setup-node supports caching from both npm and yarn package managers.
- uses: actions/setup-node@v2
with:
node-version: '14'
cache: npmFor questions, visit the GitHub Actions community
Maintainers now have additional control over when they must approve Actions runs for new contributors.
In April, we shipped an update for GitHub Actions that required maintainers to approve Actions runs for first-time contributors in their repositories. Based on your feedback we have added additional settings to give you more control over this behavior.
Learn more about approving first time contributor pull requests
GitHub Discussions integrations are now available on GitHub Actions. You can now trigger workflows on Discussion and DiscussionComment webhook events.
Get started with GitHub Discussions & Actions.
For questions or feedback, visit GitHub Discussions feedback.
Today we are making environments, environment protection rules, and environment secrets generally available.
Starting June 16 2021, GitHub-hosted Ubuntu runners will only contain the latest patch release for each supported version of the .NET SDK.
You will not be affected if you use setup-dotnet action. However, If you use a global.json file with a rollForward: disable property, your workflow will fail. To continue using .NET SDK, change your workflow to use setup-dotnet action or use some other value for rollForward property.
The setup-dotnet action is the recommended way of using .NET with GitHub Actions because it ensures consistent behavior for your workflow runs and allows you specify exactly which version your code needs. For more information please see the GitHub Actions documentation and subscribe to the announcement in the actions/virtual-environments repository.
You can now use a Beta API to approve workflow runs from public forks of first time contributors.
Learn more about using this API
Learn more about approving first time contributor pull requests
As part of our ongoing efforts to keep the hosted actions runners updated and secure, the Ubuntu 16.04 LTS virtual environment will be removed from GitHub Actions on September 20, 2021. For workflows using ubuntu-16.04, you will need to update your workflow files to run on ubuntu-latest which will run on the Ubuntu 20.04 LTS environment instead.
To help make sure all affected customers are aware of this change, we will temporarily suspend workflows on Ubuntu 16.04 LTS environment for two short 'brownout' periods ahead of the final removal. Builds that are scheduled to run during the brownout periods will fail. Therefore it is recommended that you should plan to move to a supported version of Ubuntu before September 6, 2021. The brownouts are scheduled for the following dates and times:
You can learn more about our software and image guidelines for GitHub-hosted runners in the virtual environment repository. Please contact support if you experience any issues due to this change.
GitHub actions will now require a collaborator with write access to take action to run workflows from first time users in pull requests.
Learn more about why we are making this change
Learn more about approving first time contributor pull requests
GitHub Actions now lets you control the permissions granted to the GITHUB_TOKEN secret.
The GITHUB_TOKEN is an automatically generated secret that lets you make authenticated calls to the GitHub API in your workflow runs. Actions generates a new token for each job and expires the token when a job completes. The token has write permissions to a number of API endpoints except in the case of pull requests from forks which are always read. These new settings allow you to follow a principle of least privilege in your workflows.
A new permissions key supported at the workflow and job level enables you to specify which permissions you want for the token. Any permission that is absent from the list will be set to none.
permissions:
actions: read|write|none
checks: read|write|none
contents: read|write|none
deployments: read|write|none
issues: read|write|none
packages: read|write|none
pull-requests: read|write|none
repository-projects: read|write|none
security-events: read|write|none
statuses: read|write|nonePull requests from public forks are still considered a special case and will receive a read token regardless of these settings.
A new admin setting lets you set the default permissions for the token in your organization or repository.
You can choose between two options:
Setting the default to contents:read is sufficient for any workflows that simply need to clone and build. If you need additional permissions you will need to specify those in your workflow yaml.
Learn more about setting the token permissions
GitHub Actions now supports a concurrency key at both the workflow and job level that will ensure that only a single run or job is in progress.
There are a number of scenarios where you only want a single instance of a particular workflow or job running at any given time. For example: if you have a deployment to your production environment ensuring that only a single deployment is happening at any given time and that you are always deploying the latest code can be important. The concurrency key can be any string or an expression using the github context. When a job or run starts it first checks to see if anything is currently holding on to the concurrency group specified. If not, it will start. If there is a lock on the group, the job or run will be marked as pending and will only start after the blocking job or run completes.
Learn more about concurrency groups in GitHub Actions