Skip to content

Instantly share code, notes, and snippets.

@tamakiii

tamakiii/REAME.md

Created November 1, 2024 08:57
Show Gist options
  • Save tamakiii/e202a4bf140f819c64625724991754ae to your computer and use it in GitHub Desktop.
Save tamakiii/e202a4bf140f819c64625724991754ae to your computer and use it in GitHub Desktop.
Download ZIP
GitHub Actions best practices
Raw
REAME.md

Set timeouts

Specify timeouts in GitHub Actions to prevent prolonged tasks

timeout-minutes: 5

Catch Bash Pipe Errors

Define the default shell as Bash in the workflow settings, enabling pipefail to detect errors during piping.

defaults:
  run:
    shell: bash --noprofile --norc -eo pipefail {0}

Automatic Workflow Cancellation

Use concurrency to cancel outdated workflows, reducing unnecessary wait times and costs.

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true #

Job-Level Permissions for GITHUB_TOKEN

Control access by disabling default permissions at the workflow level and assigning only necessary permissions per job to minimize security risks.

permissions:
  contents: read
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment