Search results for: GitHub Actions

GitHub has partnered with the OpenSSF and Project Sigstore to add container image signing to our default “Publish Docker Container” workflow.

GitHub Actions workflows triggered by Dependabot will now be sent the Dependabot secrets. This change will enable you to pull from private package registries in your CI using the same…

DRY your Actions configuration with reusable workflows (and more!)

Reusable workflows are now generally available. Reusable workflows help you reduce duplication by enabling you to reuse an entire workflow as if it were an action. A number of improvements…

You can now run workflows for Python projects faster on GitHub Actions by enabling dependency caching on the setup-python action. setup-python supports caching for both pip and pipenv projects. The…

The OpenID Connect (OIDC) support for secure cloud deployments with GitHub Actions is now generally available.You can configure your workflows to request short-lived access tokens that are automatically rotated for…

GitHub Actions now supports OpenID Connect for secure deployment to different cloud providers via short-lived, auto-rotated tokens.

You can now enjoy a higher per-repository cache size. The cache storage for each repository has doubled to 10GB. This enables Actions users on github.com to run workflows faster by caching…

Check out some advanced automation and CI/CD capabilities you can use today with GitHub Actions on any GitHub account.

Windows Server 2022 with Visual Studio 2022 is now generally available on GitHub-hosted runners. To use it now, simply add runs-on: windows-2022 in your workflow file. Otherwise, our recommendation is…

You can now specify input types for manually triggered workflows allowing you to provide a better experience to users of your workflow. In addition to the default string type, we…

Actions written in YAML, also known as composite actions, now support if conditionals. This lets you prevent specific steps from executing unless a condition has been met. Like steps defined…

Tips on how to get started using GitHub Actions and resources to learn more about making it work for you.

GitHub Actions now supports OpenID Connect (OIDC) for secure deployments to cloud, which uses short-lived tokens that are automatically rotated for each deployment. This enables: Seamless authentication between Cloud Providers…

GitHub Actions can automate several common security and compliance tasks, even if your CI/CD pipeline is managed by another tool.

As part of our ongoing efforts to keep GitHub-hosted runners updated and secure, the Windows 2016 virtual environment will be removed from GitHub Actions on March 15, 2022. We recommend…

Managing self-hosted runners within an enterprise no longer requires personal access tokens with the admin:enterprise scope. Tighten down the permissions on your token by using the manage_runners:enterprise scope instead. A…

In March we made a change in GitHub Actions that forced workflows triggered by Dependabot to run with a read-only token. This change was made to protect your repositories from…

Now available in public beta, you can reuse entire workflows as if they were an action. Instead of copying and pasting workflow definitions across repositories, you can now reference an…

macOS Big Sur (11) became generally available on GitHub-hosted runners in August 2021. Over the next 8 weeks, jobs using the macos-latest runner label will migrate from Catalina (10.15) to…

GitHub Actions now supports ephemeral (i.e. single job) self-hosted runners and a new workflow_job webhook to make autoscaling your runners easier. After a job is run, ephemeral runners are automatically…