注意:GitHub Enterprise Server 目前不支持 GitHub 托管的运行器。 可以在 GitHub public roadmap 上查看有关未来支持计划的更多信息。
示例概述
本文使用示例工作流演示 GitHub Actions 的某些主要 CI 功能。 此工作流触发后,会自动运行一个脚本,用于检查 GitHub Docs 站点是否有任何损坏的链接。 如果找到任何损坏的链接,工作流将使用 GitHub CLI 创建包含详细信息的 GitHub 问题。
下图显示了工作流步骤的高级视图以及它们如何在作业中运行:
此示例中使用的功能
示例工作流演示了 GitHub Actions 的以下功能。
功能 | 实现 |
---|---|
定期运行工作流 | schedule |
设置令牌的权限 | permissions |
除非满足特定条件,否则阻止作业运行 | if |
引用工作流中的机密 | 机密 |
将存储库克隆到运行器 | actions/checkout |
在运行器上安装 node | actions/setup-node |
使用第三方操作 | peter-evans/create-issue-from-file |
在运行器上运行脚本 | 使用 script/check-english-links.js |
生成输出文件 | 使用 > 运算符通过管道传输输出 |
使用 GitHub CLI 检查现有问题 | gh issue list |
使用 GitHub CLI 对问题进行注释 | gh issue comment |
示例工作流
GitHub Docs 工程团队创建了以下工作流。 若要查看 github/docs
存储库中此文件的最新版本,请参阅 check-all-english-links.yml
。
以下工作流每天检查一次所有英语链接,并通过创建新问题来报告断开的链接,供文档内容团队审查。
# 这定义工作流的名称,它将显示在 GitHub 存储库的“操作”选项卡中。 name: Check all English links # Defines the `workflow_dispatch` and `scheduled` as triggers for the workflow. # # The `workflow_dispatch` event lets you manually run this workflow from the UI. For more information, see [`workflow_dispatch`](/actions/using-workflows/events-that-trigger-workflows#workflow_dispatch). # # The `schedule` event lets you use `cron` syntax to define a regular interval for automatically triggering the workflow. For more information, see [`schedule`](/actions/using-workflows/events-that-trigger-workflows#schedule). on: workflow_dispatch: schedule: - cron: '40 19 * * *' # once a day at 19:40 UTC / 11:40 PST # Modifies the default permissions granted to `GITHUB_TOKEN`. This will vary depending on the needs of your workflow. For more information, see "[AUTOTITLE](/actions/using-jobs/assigning-permissions-to-jobs)." permissions: contents: read issues: write # Groups together all the jobs that run in the workflow file. jobs: # Defines a job with the ID `check_all_english_links`, and the name `Check all links`, that is stored within the `jobs` key. check_all_english_links: name: Check all links # Only run the `check_all_english_links` job if the repository is named `docs-internal` and is within the `github` organization. Otherwise, the job is marked as _skipped_. if: github.repository == 'github/docs-internal' # Configures the job to run on an Ubuntu Linux runner. This means that the job will execute on a fresh virtual machine hosted by GitHub. For syntax examples using other runners, see "[AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idruns-on)." runs-on: ubuntu-latest # Creates custom environment variables, and redefines the built-in `GITHUB_TOKEN` variable to use a custom [secret](/actions/security-guides/using-secrets-in-github-actions). These variables will be referenced later in the workflow. env: GITHUB_TOKEN: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }} FIRST_RESPONDER_PROJECT: Docs content first responder REPORT_AUTHOR: docubot REPORT_LABEL: broken link report REPORT_REPOSITORY: github/docs-content # Groups together all the steps that will run as part of the `check_all_english_links` job. Each job in the workflow has its own `steps` section. steps: # The `uses` keyword tells the job to retrieve the action named `actions/checkout`. This is an action that checks out your repository and downloads it to the runner, allowing you to run actions against your code (such as testing tools). You must use the checkout action any time your workflow will run against the repository's code or you are using an action defined in the repository. - name: Check out repo's default branch uses: actions/checkout@v4 # This step uses the `actions/setup-node` action to install the specified version of the `node` software package on the runner, which gives you access to the `npm` command. - name: Setup Node uses: actions/setup-node@v4 with: node-version: 16.13.x cache: npm # The `run` keyword tells the job to execute a command on the runner. In this case, the `npm ci` and `npm run build` commands are run as separate steps to install and build the Node.js application in the repository. - name: Run the "npm ci" command run: npm ci - name: Run the "npm run build" command run: npm run build # This `run` command executes a script that is stored in the repository at `script/check-english-links.js`, and pipes the output to a file called `broken_links.md`. - name: Run script run: | script/check-english-links.js > broken_links.md # If the `check-english-links.js` script detects broken links and returns a non-zero (failure) exit status, then use a [workflow command](/actions/using-workflows/workflow-commands-for-github-actions#setting-an-output-parameter) to set an output that has the value of the first line of the `broken_links.md` file (this is used the next step). # # `check-english-links.js` returns 0 if no links are broken, and 1 if any links are broken. When an Actions step's exit code is 1, the action run's job status is failure and the run ends. # # The following steps create an issue for the broken link report only if any links are broken, so `if: ${{ failure() }}` ensures the steps run despite the previous step's failure of the job. - if: ${{ failure() }} name: Get title for issue id: check run: echo "title=$(head -1 broken_links.md)" >> $GITHUB_OUTPUT # Uses the `peter-evans/create-issue-from-file` action to create a new GitHub issue. This example is pinned to a specific version of the action, using the `ceef9be92406ace67ab5421f66570acf213ec395` SHA. - if: ${{ failure() }} name: Create issue from file id: broken-link-report uses: peter-evans/create-issue-from-file@ceef9be92406ace67ab5421f66570acf213ec395 with: token: ${{ env.GITHUB_TOKEN }} title: ${{ steps.check.outputs.title }} content-filepath: ./broken_links.md repository: ${{ env.REPORT_REPOSITORY }} labels: ${{ env.REPORT_LABEL }} # Uses [`gh issue list`](https://cli.github.com/manual/gh_issue_list) to locate the previously created issue from earlier runs. This is [aliased](https://cli.github.com/manual/gh_alias_set) to `gh list-reports` for simpler processing in later steps. - if: ${{ failure() }} name: Close and/or comment on old issues env: NEW_REPORT_URL: 'https://github.com/${{ env.REPORT_REPOSITORY }}/issues/${{ steps.broken-link-report.outputs.issue-number }}' run: | gh alias set list-reports "issue list \ --repo ${{ env.REPORT_REPOSITORY }} \ --author ${{ env.REPORT_AUTHOR }} \ --label '${{ env.REPORT_LABEL }}'" previous_report_url=$(gh list-reports \ --state all \ --limit 2 \ --json url \ --jq '.[].url' \ | grep -v ${{ env.NEW_REPORT_URL }} | head -1) # [`gh issue comment`](https://cli.github.com/manual/gh_issue_comment) is used to add a comment to the new issue that links to the previous one. gh issue comment ${{ env.NEW_REPORT_URL }} --body "⬅️ [Previous report]($previous_report_url)" # If an issue from a previous run is open and assigned to someone, then use [`gh issue comment`](https://cli.github.com/manual/gh_issue_comment) to add a comment with a link to the new issue without closing the old report. To get the issue URL, the `jq` expression processes the resulting JSON output. # # If an issue from a previous run is open and is not assigned to anyone, use [`gh issue comment`](https://cli.github.com/manual/gh_issue_comment) to add a comment with a link to the new issue. Then use [`gh issue close`](https://cli.github.com/manual/gh_issue_close) and [`gh issue edit`](https://cli.github.com/manual/gh_issue_edit) to close the issue and remove it from the project board. for issue_url in $(gh list-reports \ --json assignees,url \ --jq '.[] | select (.assignees != []) | .url'); do if [ "$issue_url" != "${{ env.NEW_REPORT_URL }}" ]; then gh issue comment $issue_url --body "➡️ [Newer report](${{ env.NEW_REPORT_URL }})" fi done for issue_url in $(gh list-reports \ --search 'no:assignee' \ --json url \ --jq '.[].url'); do if [ "$issue_url" != "${{ env.NEW_REPORT_URL }}" ]; then gh issue comment $issue_url --body "➡️ [Newer report](${{ env.NEW_REPORT_URL }})" # Use [`gh issue close`](https://cli.github.com/manual/gh_issue_close) to close the old issue. gh issue close $issue_url # Use [`gh issue edit`](https://cli.github.com/manual/gh_issue_edit) to edit the old issue and remove it from a specific GitHub project board. gh issue edit $issue_url --remove-project "${{ env.FIRST_RESPONDER_PROJECT }}" fi done
name: Check all English links
这定义工作流的名称,它将显示在 GitHub 存储库的“操作”选项卡中。
on:
workflow_dispatch:
schedule:
- cron: '40 19 * * *' # once a day at 19:40 UTC / 11:40 PST
Defines the workflow_dispatch
and scheduled
as triggers for the workflow.
The workflow_dispatch
event lets you manually run this workflow from the UI. For more information, see workflow_dispatch
.
The schedule
event lets you use cron
syntax to define a regular interval for automatically triggering the workflow. For more information, see schedule
.
permissions:
contents: read
issues: write
Modifies the default permissions granted to GITHUB_TOKEN
. This will vary depending on the needs of your workflow. For more information, see "为作业分配权限."
jobs:
Groups together all the jobs that run in the workflow file.
check_all_english_links:
name: Check all links
Defines a job with the ID check_all_english_links
, and the name Check all links
, that is stored within the jobs
key.
if: github.repository == 'github/docs-internal'
Only run the check_all_english_links
job if the repository is named docs-internal
and is within the github
organization. Otherwise, the job is marked as skipped.
runs-on: ubuntu-latest
Configures the job to run on an Ubuntu Linux runner. This means that the job will execute on a fresh virtual machine hosted by GitHub. For syntax examples using other runners, see "GitHub Actions 的工作流语法."
env:
GITHUB_TOKEN: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}
FIRST_RESPONDER_PROJECT: Docs content first responder
REPORT_AUTHOR: docubot
REPORT_LABEL: broken link report
REPORT_REPOSITORY: github/docs-content
Creates custom environment variables, and redefines the built-in GITHUB_TOKEN
variable to use a custom secret. These variables will be referenced later in the workflow.
steps:
Groups together all the steps that will run as part of the check_all_english_links
job. Each job in the workflow has its own steps
section.
- name: Check out repo's default branch
uses: actions/checkout@v4
The uses
keyword tells the job to retrieve the action named actions/checkout
. This is an action that checks out your repository and downloads it to the runner, allowing you to run actions against your code (such as testing tools). You must use the checkout action any time your workflow will run against the repository's code or you are using an action defined in the repository.
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: 16.13.x
cache: npm
This step uses the actions/setup-node
action to install the specified version of the node
software package on the runner, which gives you access to the npm
command.
- name: Run the "npm ci" command
run: npm ci
- name: Run the "npm run build" command
run: npm run build
The run
keyword tells the job to execute a command on the runner. In this case, the npm ci
and npm run build
commands are run as separate steps to install and build the Node.js application in the repository.
- name: Run script
run: |
script/check-english-links.js > broken_links.md
This run
command executes a script that is stored in the repository at script/check-english-links.js
, and pipes the output to a file called broken_links.md
.
- if: ${{ failure() }}
name: Get title for issue
id: check
run: echo "title=$(head -1 broken_links.md)" >> $GITHUB_OUTPUT
If the check-english-links.js
script detects broken links and returns a non-zero (failure) exit status, then use a workflow command to set an output that has the value of the first line of the broken_links.md
file (this is used the next step).
check-english-links.js
returns 0 if no links are broken, and 1 if any links are broken. When an Actions step's exit code is 1, the action run's job status is failure and the run ends.
The following steps create an issue for the broken link report only if any links are broken, so if: ${{ failure() }}
ensures the steps run despite the previous step's failure of the job.
- if: ${{ failure() }}
name: Create issue from file
id: broken-link-report
uses: peter-evans/create-issue-from-file@ceef9be92406ace67ab5421f66570acf213ec395
with:
token: ${{ env.GITHUB_TOKEN }}
title: ${{ steps.check.outputs.title }}
content-filepath: ./broken_links.md
repository: ${{ env.REPORT_REPOSITORY }}
labels: ${{ env.REPORT_LABEL }}
Uses the peter-evans/create-issue-from-file
action to create a new GitHub issue. This example is pinned to a specific version of the action, using the ceef9be92406ace67ab5421f66570acf213ec395
SHA.
- if: ${{ failure() }}
name: Close and/or comment on old issues
env:
NEW_REPORT_URL: 'https://github.com/${{ env.REPORT_REPOSITORY }}/issues/${{ steps.broken-link-report.outputs.issue-number }}'
run: |
gh alias set list-reports "issue list \
--repo ${{ env.REPORT_REPOSITORY }} \
--author ${{ env.REPORT_AUTHOR }} \
--label '${{ env.REPORT_LABEL }}'"
previous_report_url=$(gh list-reports \
--state all \
--limit 2 \
--json url \
--jq '.[].url' \
| grep -v ${{ env.NEW_REPORT_URL }} | head -1)
Uses gh issue list
to locate the previously created issue from earlier runs. This is aliased to gh list-reports
for simpler processing in later steps.
gh issue comment ${{ env.NEW_REPORT_URL }} --body "⬅️ [Previous report]($previous_report_url)"
gh issue comment
is used to add a comment to the new issue that links to the previous one.
for issue_url in $(gh list-reports \
--json assignees,url \
--jq '.[] | select (.assignees != []) | .url'); do
if [ "$issue_url" != "${{ env.NEW_REPORT_URL }}" ]; then
gh issue comment $issue_url --body "➡️ [Newer report](${{ env.NEW_REPORT_URL }})"
fi
done
for issue_url in $(gh list-reports \
--search 'no:assignee' \
--json url \
--jq '.[].url'); do
if [ "$issue_url" != "${{ env.NEW_REPORT_URL }}" ]; then
gh issue comment $issue_url --body "➡️ [Newer report](${{ env.NEW_REPORT_URL }})"
If an issue from a previous run is open and assigned to someone, then use gh issue comment
to add a comment with a link to the new issue without closing the old report. To get the issue URL, the jq
expression processes the resulting JSON output.
If an issue from a previous run is open and is not assigned to anyone, use gh issue comment
to add a comment with a link to the new issue. Then use gh issue close
and gh issue edit
to close the issue and remove it from the project board.
gh issue close $issue_url
Use gh issue close
to close the old issue.
gh issue edit $issue_url --remove-project "${{ env.FIRST_RESPONDER_PROJECT }}"
fi
done
Use gh issue edit
to edit the old issue and remove it from a specific GitHub project board.
# 这定义工作流的名称,它将显示在 GitHub 存储库的“操作”选项卡中。
name: Check all English links
# Defines the `workflow_dispatch` and `scheduled` as triggers for the workflow.
#
# The `workflow_dispatch` event lets you manually run this workflow from the UI. For more information, see [`workflow_dispatch`](/actions/using-workflows/events-that-trigger-workflows#workflow_dispatch).
#
# The `schedule` event lets you use `cron` syntax to define a regular interval for automatically triggering the workflow. For more information, see [`schedule`](/actions/using-workflows/events-that-trigger-workflows#schedule).
on:
workflow_dispatch:
schedule:
- cron: '40 19 * * *' # once a day at 19:40 UTC / 11:40 PST
# Modifies the default permissions granted to `GITHUB_TOKEN`. This will vary depending on the needs of your workflow. For more information, see "[AUTOTITLE](/actions/using-jobs/assigning-permissions-to-jobs)."
permissions:
contents: read
issues: write
# Groups together all the jobs that run in the workflow file.
jobs:
# Defines a job with the ID `check_all_english_links`, and the name `Check all links`, that is stored within the `jobs` key.
check_all_english_links:
name: Check all links
# Only run the `check_all_english_links` job if the repository is named `docs-internal` and is within the `github` organization. Otherwise, the job is marked as _skipped_.
if: github.repository == 'github/docs-internal'
# Configures the job to run on an Ubuntu Linux runner. This means that the job will execute on a fresh virtual machine hosted by GitHub. For syntax examples using other runners, see "[AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idruns-on)."
runs-on: ubuntu-latest
# Creates custom environment variables, and redefines the built-in `GITHUB_TOKEN` variable to use a custom [secret](/actions/security-guides/using-secrets-in-github-actions). These variables will be referenced later in the workflow.
env:
GITHUB_TOKEN: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}
FIRST_RESPONDER_PROJECT: Docs content first responder
REPORT_AUTHOR: docubot
REPORT_LABEL: broken link report
REPORT_REPOSITORY: github/docs-content
# Groups together all the steps that will run as part of the `check_all_english_links` job. Each job in the workflow has its own `steps` section.
steps:
# The `uses` keyword tells the job to retrieve the action named `actions/checkout`. This is an action that checks out your repository and downloads it to the runner, allowing you to run actions against your code (such as testing tools). You must use the checkout action any time your workflow will run against the repository's code or you are using an action defined in the repository.
- name: Check out repo's default branch
uses: actions/checkout@v4
# This step uses the `actions/setup-node` action to install the specified version of the `node` software package on the runner, which gives you access to the `npm` command.
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: 16.13.x
cache: npm
# The `run` keyword tells the job to execute a command on the runner. In this case, the `npm ci` and `npm run build` commands are run as separate steps to install and build the Node.js application in the repository.
- name: Run the "npm ci" command
run: npm ci
- name: Run the "npm run build" command
run: npm run build
# This `run` command executes a script that is stored in the repository at `script/check-english-links.js`, and pipes the output to a file called `broken_links.md`.
- name: Run script
run: |
script/check-english-links.js > broken_links.md
# If the `check-english-links.js` script detects broken links and returns a non-zero (failure) exit status, then use a [workflow command](/actions/using-workflows/workflow-commands-for-github-actions#setting-an-output-parameter) to set an output that has the value of the first line of the `broken_links.md` file (this is used the next step).
#
# `check-english-links.js` returns 0 if no links are broken, and 1 if any links are broken. When an Actions step's exit code is 1, the action run's job status is failure and the run ends.
#
# The following steps create an issue for the broken link report only if any links are broken, so `if: ${{ failure() }}` ensures the steps run despite the previous step's failure of the job.
- if: ${{ failure() }}
name: Get title for issue
id: check
run: echo "title=$(head -1 broken_links.md)" >> $GITHUB_OUTPUT
# Uses the `peter-evans/create-issue-from-file` action to create a new GitHub issue. This example is pinned to a specific version of the action, using the `ceef9be92406ace67ab5421f66570acf213ec395` SHA.
- if: ${{ failure() }}
name: Create issue from file
id: broken-link-report
uses: peter-evans/create-issue-from-file@ceef9be92406ace67ab5421f66570acf213ec395
with:
token: ${{ env.GITHUB_TOKEN }}
title: ${{ steps.check.outputs.title }}
content-filepath: ./broken_links.md
repository: ${{ env.REPORT_REPOSITORY }}
labels: ${{ env.REPORT_LABEL }}
# Uses [`gh issue list`](https://cli.github.com/manual/gh_issue_list) to locate the previously created issue from earlier runs. This is [aliased](https://cli.github.com/manual/gh_alias_set) to `gh list-reports` for simpler processing in later steps.
- if: ${{ failure() }}
name: Close and/or comment on old issues
env:
NEW_REPORT_URL: 'https://github.com/${{ env.REPORT_REPOSITORY }}/issues/${{ steps.broken-link-report.outputs.issue-number }}'
run: |
gh alias set list-reports "issue list \
--repo ${{ env.REPORT_REPOSITORY }} \
--author ${{ env.REPORT_AUTHOR }} \
--label '${{ env.REPORT_LABEL }}'"
previous_report_url=$(gh list-reports \
--state all \
--limit 2 \
--json url \
--jq '.[].url' \
| grep -v ${{ env.NEW_REPORT_URL }} | head -1)
# [`gh issue comment`](https://cli.github.com/manual/gh_issue_comment) is used to add a comment to the new issue that links to the previous one.
gh issue comment ${{ env.NEW_REPORT_URL }} --body "⬅️ [Previous report]($previous_report_url)"
# If an issue from a previous run is open and assigned to someone, then use [`gh issue comment`](https://cli.github.com/manual/gh_issue_comment) to add a comment with a link to the new issue without closing the old report. To get the issue URL, the `jq` expression processes the resulting JSON output.
#
# If an issue from a previous run is open and is not assigned to anyone, use [`gh issue comment`](https://cli.github.com/manual/gh_issue_comment) to add a comment with a link to the new issue. Then use [`gh issue close`](https://cli.github.com/manual/gh_issue_close) and [`gh issue edit`](https://cli.github.com/manual/gh_issue_edit) to close the issue and remove it from the project board.
for issue_url in $(gh list-reports \
--json assignees,url \
--jq '.[] | select (.assignees != []) | .url'); do
if [ "$issue_url" != "${{ env.NEW_REPORT_URL }}" ]; then
gh issue comment $issue_url --body "➡️ [Newer report](${{ env.NEW_REPORT_URL }})"
fi
done
for issue_url in $(gh list-reports \
--search 'no:assignee' \
--json url \
--jq '.[].url'); do
if [ "$issue_url" != "${{ env.NEW_REPORT_URL }}" ]; then
gh issue comment $issue_url --body "➡️ [Newer report](${{ env.NEW_REPORT_URL }})"
# Use [`gh issue close`](https://cli.github.com/manual/gh_issue_close) to close the old issue.
gh issue close $issue_url
# Use [`gh issue edit`](https://cli.github.com/manual/gh_issue_edit) to edit the old issue and remove it from a specific GitHub project board.
gh issue edit $issue_url --remove-project "${{ env.FIRST_RESPONDER_PROJECT }}"
fi
done
后续步骤
- 若要了解 GitHub Actions 概念,请参阅“了解 GitHub Actions”。
- 有关创建基本工作流的分步指南,请参阅“GitHub Actions 快速入门”。
- 如果你熟悉 GitHub Actions 的基础知识,可以在“关于工作流程”中了解工作流及其功能。