actions

Subscribe to all “actions” posts via RSS or follow GitHub Changelog on Twitter to stay updated on everything we ship.

~ cd github-changelog
~/github-changelog|main git log main
showing all changes successfully

GitHub Actions: All Actions will begin running on Node16 instead of Node12

Node 12 has been out of support since April 2022, as a result we have started the deprecation process of Node 12 for GitHub Actions. We plan to migrate all actions to run on Node16 by Summer 2023. We will monitor the progress of the migration and listen to the community for how things are going before we define a final date.
To raise awareness of the upcoming change, we are adding a warning into workflows which contain Actions running on Node 12. This will come into effect starting on September 27th.

What you need to do
For Actions maintainers: Update your actions to run on Node 16 instead of Node 12 (Actions configuration settings)
For Actions users: Update your workflows with latest versions of the actions which runs on Node 16 (Using versions for Actions)

See more

GitHub Actions: Use the GITHUB_TOKEN with workflow_dispatch and repository_dispatch

Customers will now be able to use the GITHUB_TOKEN with workflow_dispatch and repository_dispatch events to trigger workflows. Prior to this change, events triggered by GITHUB_TOKEN would not create a new workflow run. This was done to prevent the accidental trigger of endless workflows. This update makes an exception for workflow_dispatch and repository_dispatch events since they are explicit calls made by the customer and not likely to end up in a loop.

name: Create Workflow Dispatch

on:
  workflow_dispatch:

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Trigger Workflow
        uses: actions/github-script@v6
        with:
          script: |
            github.rest.actions.createWorkflowDispatch({
              owner: context.repo.owner,
              repo: context.repo.repo,
              workflow_id: 'test.yml',
              ref: 'main',
            })

For more details see
Triggering a workflow from a workflow.

For questions, visit the GitHub Actions community.

To see what’s next for Actions, visit our public roadmap.

See more

GitHub Actions Larger runners – Are now in public beta

Today, we are announcing the public beta of larger GitHub hosted runners for GitHub Actions for Team and Enterprise plans 🎉 🎉

The new larger runners provide new capabilities for Team and Enterprise GitHub Action users:

  • Linux and Windows machines up to 64 cores
  • Fixed IP ranges to provide access to runners via allow list services
  • Admin control over access to larger runners and concurrency

Larger machine sizes

Developers will be able to make use of machine sizes up to 64 cores on demand to run their workflows, billed by the job minute.

image

Fixed IP ranges

Setup a fixed IP range for your machines by simply ticking a check box, this provides an IP range that can be allow listed in internal systems and in GitHub’s allow list to keep using Actions while making your GitHub environment more secure.

image

Admin control

Admin’s can choose who can have access to larger machine sizes and at what concurrency, providing guard rails on spending
image

Larger machine pricing

Larger runners are charged for in both private and public repos and do not consume included minutes.
To learn more about the larger runner per job minute pricing, check out the updated pricing docs

To learn more about using the new larger runners, check out our docs

To see what’s next for Actions, visit our public roadmap

See more

GitHub Actions: Enhancements to OpenID Connect support to enable secure cloud deployments at scale

OpenID Connect (OIDC) support in GitHub Actions is now enhanced to support secure cloud deployments at scale.

Org & repo admins can use the new OIDC API support to:

  • enable a standard OIDC configuration across their cloud deployment workflows by customizing the subject claim format.
  • ensure additional compliance & security for their OIDC based deployments by appending the issuer url with their enterprise slug
  • configure advanced OIDC policies by using the additional OIDC token claims like repository_id and repo_visibility.

Learn more about Security hardening your GitHub Workflows using OpenID Connect.

See more

GitHub Actions: Improvements to reusable workflows

Reusable workflows can now be called from a matrix and other reusable workflows.

You can now nest up to 4 levels of reusable workflows giving you greater flexibility and better code reuse. Calling a reusable workflow from a matrix allows you to create richer parameterized builds and deployments.

Learn more about nesting reusable workflows.

Learn more about using reusable workflows with the matrix strategy..

For questions and feedback, visit the GitHub Actions community.

See more

Merge group webhook event and GitHub Actions workflow trigger

This feature is available to repositories enrolled in the Pull Request Merge Queue beta.

A new webhook event and GitHub Actions workflow trigger (merge_group) makes it easier to run required status checks on merge groups created by merge queue. A merge group includes the changes from one or more pull requests and must pass the status checks required by the target branch.

A merge_group webhook event, which currently has one supported action (checks_requested), is sent after a merge group is created and informs receivers, including GitHub Actions, when status checks are needed on the merge group. The event payload includes head_sha, the commit SHA that should be validated and have status reported on using check runs or commit statuses. For GitHub Actions, status is reported automatically at the conclusion of jobs in the triggered workflow.

To trigger a GitHub Actions workflow for a merge group, the merge_group trigger should be used. The following example triggers on individual pull requests and merge groups targeting the main branch:

# Trigger this workflow on individual pull requests and merge groups that target the `main` branch
on:
  pull_request:
    branches: [ main ]
  merge_group:
    branches: [ main ]

A push event is still sent when a merge group branch is created, and will trigger a GitHub Actions workflow. However, unlike a merge_group event, a push event does not include the target branch of the merge group.

Learn more about using merge queue.

Learn more about the new GitHub Actions merge_group workflow trigger and the merge_group webhook event.

See more

GitHub Actions: Ubuntu 22.04 is now generally available on GitHub-hosted runners

Ubuntu 22.04 is now generally available on GitHub-hosted runners. To use it now, simply add runs-on: ubuntu-22.04 in your workflow file. Otherwise, our recommendation is to use ubuntu-latest, which currently utilizes Ubuntu 20.04 but will begin running on Ubuntu 22.04 in the near future. This will ensure your workflows are always using a recent OS and removes the need to constantly update workflow files with image versions.

jobs:
  build:
    runs-on: ubuntu-22.04
    steps:
      - uses: actions/checkout@v2
      - uses: actions/setup-dotnet@v1
      - name: Build
        run: dotnet build
      - name: Run tests
        run: dotnet test

The Ubuntu 22.04 runner image has different tools and tool versions than Ubuntu 20.04.

Read more on available runner images and beta images terms of use in our documentation.

See more

GitHub Actions: The Ubuntu 18.04 Actions runner image is being deprecated and will be removed by 12/1/22

The Ubuntu 18.04 Actions runner image started our deprecation process on 8/8/22 and will be fully unsupported by 12/1/22. To raise awareness of the upcoming removal, jobs using Ubuntu 18.04 will temporarily fail during scheduled time periods defined below:

  • October 3, 12:00 UTC – October 3, 14:00 UTC
  • October 18, 14:00 UTC – October 18, 16:00 UTC
  • November 15, 18:00 UTC – November 15, 20:00 UTC
  • November 30, 20:00 UTC – November 30, 22:00 UTC
  • December 15, 20:00 UTC – December 16 00:00 UTC
  • January 5, 10.00 UTC – January 5, 14.00 UTC
  • January 13, 12.00 UTC – January 13, 16.00 UTC
  • January 18, 14.00 UTC – January 18, 18.00 UTC
  • January 24, 16.00 UTC – January 24, 20.00 UTC
  • February 7, 16.00 UTC – February 7, 22.00 UTC
  • February 21, 10.00 UTC – February 21, 22.00 UTC
  • March 6, 00.00 UTC – March 7, 00.00 UTC
  • March 13, 00.00 UTC – March 14, 00.00 UTC
  • March 21, 00.00 UTC – March 22, 00.00 UTC
  • March 28, 00.00 UTC – March 29, 00.00 UTC

What you need to do

Workflows using the ubuntu-18.04 YAML workflow label should be updated to ubuntu-20.04, ubuntu-22.04, or ubuntu-latest. You can always get up-to-date information on our tools by reading about the software in GitHub Actions virtual environments. Please contact GitHub Support.

*update: we extended the deprecation schedule until April 2023 with updated dates for brownouts.

See more

GitHub Actions: Self-hosted runners now support Apple M1 hardware

Actions runner support for Apple silicon hardware, such as the M1 chip, is now generally available. This provides teams with the capability to run self-hosted macOS workflows in a macOS ARM64 runtime. Now the Actions runner supports M1 and the ARM64 runtime meaning developers can run it on their own M1 or M2 hardware.

Based on initial testing, there are currently two issues to be aware of:

  • macOS ARM64 does not support node12. Therefore, the runner will automatically use node16 to execute any javascript Action written for node12.
  • All actions provided by GitHub are compatible with the runner except for a known issue with setup-python. The fix for that can be tracked here.

For additional information on how to set up a self-hosted macOS ARM64 runner, please refer to our documentation. If you have any feedback or questions for Actions self-hosted Apple silicon support, you can submit an issue in the runner repository.

See more

GitHub Actions: runner images repository refresh

The repository that houses the images installed on GitHub-hosted runners has been renamed from actions/virtual-environments to actions/runner-images. These images are maintained by GitHub and used by GitHub Actions.

If you have forked this repository you will not be affected by this change.

All git clone, git fetch, or git push operations targeting the previous location will continue to function as if made on the new location. However, to reduce confusion, you should update any existing local clones to point to the new repository URL.

For more information and updates you can visit the newly improved runner images repository.

See more

GitHub Actions: Remove offline self-hosted runners

Previously we retained self-hosted GitHub Action runners in the GitHub Actions UI for 30 days after they were last seen to connect. With the growth in the use of ephemeral runners and the scale of use of self-hosted, this is becoming hard for users to manage. As a result, we are making the following changes to the time we retain offline runners for.

A non-ephemeral self-hosted Actions runner is automatically removed from GitHub if we have not seen it connect to GitHub for more than 14 days.

An ephemeral self-hosted Actions runner is automatically removed from GitHub if we have not seen it connect to GitHub for more than one day.

Learn more about self-hosted runners in GitHub Actions

For questions, visit the GitHub Actions community

To see what's next for Actions, visit our public roadmap

See more

GitHub CLI extension to manage Actions cache

You can now manage Actions cache from your terminal by installing the new GitHub CLI extension for Actions cache:

    gh extension install actions/gh-actions-cache

This extension is built on top of GitHub APIs for cache management and enables you to get:

  • More transparency by listing all the active caches in a repository and sorting by metadata like cache size, creation time or last accessed time.
  • Better control over cache usage by deleting a corrupt or a stale cache entry

Learn more about dependency caching to speed up your Actions workflows.

See more

Differentiating triggering actor from executing actor

Starting next week, workflow re-runs in GitHub Actions will use the initial run’s actor for privilege evaluation. The actor who triggered the re-run will continue to be displayed in the UI, and can be accessed in a workflow via the triggering_actor field in the github context.

Currently, the privileges (e.g. – secrets, permissions) of a run are derived from the triggering actor. This poses a challenge in situations where the actor triggering a re-run is different than the original executing actor. The upcoming change will differentiate the initial executing actor from the triggering actor, enabling the stable execution of re-runs.

For more details see Re-running workflows and jobs.

For questions, visit the GitHub Actions community.

To see what’s next for Actions, visit our public roadmap.

See more

List and delete caches in your Actions workflows

You can now get more transparency and control over dependency caching in your actions workflows.

Actions users who use actions/cache to make jobs faster on GitHub Actions can now use our cache list and delete APIs to:

  • list all the Actions caches within a repository and sort by specific metadata like cache size, creation time or last accessed time.
  • delete a corrupt or a stale cache entry by providing the cache key or ID.

Learn more about Managing caching dependencies to speed up workflows.

See more
View more changes