AgentSkillsCN

github-actions-workflow-design

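Design and maintenance process for GitHub Actions workflows. Use when GitHub-native workflows, review routing, checks, or releases are the primary scope; do not use for non-GitHub runtime architecture or data-layer design.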

SKILL.md
--- frontmatter
name: github-actions-workflow-design
description: "GitHub Actions workflow design and maintenance process. Use when GitHub-native workflows, review routing, checks, or releases are the primary scope; do not use for non-GitHub runtime architecture or data-layer design."

GitHub Actions Workflow Design

Trigger Boundary

  • Use when .github/workflows/*.yml design or refactoring is required.
  • Do not use only to troubleshoot a specific failing run; use github-fix-ci first.
  • Do not use for non-GitHub CI platforms.

Goal

Build reliable, maintainable, and fast GitHub Actions workflows.

Inputs

  • Required checks and branch protection policy
  • Build/test/deploy steps and runtime matrix
  • Secrets policy and environment separation

Outputs

  • Workflow specification with job graph and triggers
  • Reusable action and cache strategy
  • Validation checklist for pull request and main branch runs

Workflow

  1. Define trigger events (pull_request, push, workflow_dispatch) and scope.
  2. Split jobs by responsibility and wire explicit dependencies.
  3. Add deterministic setup, caching, and artifact boundaries.
  4. Guard deploy jobs with environment approvals and least-privilege tokens.
  5. Verify workflow with representative branch and PR scenarios.
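
A workflow that follows steps 1 to 4, as an added example (not taken from this skill or its references). The Node.js toolchain, the "production" environment, the DEPLOY_TOKEN secret, and scripts/deploy.sh are assumptions for illustration.

```yaml
# Added example: Node.js, "production", DEPLOY_TOKEN and scripts/deploy.sh are assumed names.
name: ci
on:
  pull_request:
    branches: [main]
  push:
    branches: [main]
  workflow_dispatch:
permissions:
  contents: read                  # workflow-wide default; widen per job only when needed
concurrency:
  group: ci-${{ github.ref }}
  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4   # pin to a full commit SHA for stricter supply-chain control
        with:
          persist-credentials: false   # do not leave GITHUB_TOKEN in .git/config
      - uses: actions/setup-node@v4
        with:
          node-version: 20
          cache: npm
      - run: npm ci                 # deterministic install from package-lock.json
      - run: npm test
      - run: npm run build
      - uses: actions/upload-artifact@v4   # artifact boundary between build and deploy
        with:
          name: dist
          path: dist/
  deploy:
    needs: build
    if: github.event_name == 'push' && github.ref == 'refs/heads/main'   # never on PRs
    runs-on: ubuntu-latest
    environment: production         # required reviewers are configured on the environment
    permissions:
      contents: read                # stated per job so later changes stay explicit
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      - uses: actions/download-artifact@v4
        with:
          name: dist
          path: dist/
      - run: ./scripts/deploy.sh dist/
        env:
          DEPLOY_TOKEN: ${{ secrets.DEPLOY_TOKEN }}   # environment-scoped secret, deploy job only
```

Because DEPLOY_TOKEN is stored on the environment rather than the repository, the build job and pull request runs cannot read it, and the deploy job waits for the environment's approval before the secret is exposed.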

Quality Gates

  • Required checks align with branch protection rules.
  • Workflow runtime is measured and optimized where possible.
  • Secrets and permissions are least privilege per job.
  • Failure logs are actionable without manual deep inspection.

Failure Handling

  • Stop when required job boundaries or permissions are ambiguous.
  • Escalate when workflow design conflicts with repository governance.

References

  • references/actions-permissions-matrix.md
  • references/workflow-snippets.md