github-actions-expert

Experto en GitHub Actions para CI/CD. Usa cuando el usuario diga "agregar CI", "configurar GitHub Actions", "crear workflow", "workflow de deploy", "automatizar tests", "CI/CD pipeline", "add CI", "setup GitHub Actions", o cuando el proyecto no tenga .github/workflows/.

testacode 0 Updated 4mo ago

Resources

GitHub

Install

npx skillscat add testacode/llm-toolkit/github-actions-expert

Install via the SkillsCat registry.

SKILL.md

GitHub Actions Expert

Skill para configurar GitHub Actions con detección proactiva de repos sin CI.

Proactive Detection

Al iniciar trabajo en un proyecto, verificar si existe .github/workflows/:

ls -la .github/workflows/ 2>/dev/null || echo "NO_WORKFLOWS"

Si no hay workflows → preguntar al usuario si quiere agregar CI básico.

Workflow

Phase 0: Knowledge Update

Before generating any workflow, fetch latest documentation:

Search for latest GitHub Actions docs via Context7 or WebSearch:
- Current action versions (checkout, setup-node, setup-python, setup-go)
- Latest Node.js LTS version
- Recent best practices updates

Version Reference (verify these are current):

Action	Current Version
actions/checkout	v4
actions/setup-node	v4
actions/setup-python	v5
actions/setup-go	v5
actions/cache	v4
actions/upload-pages-artifact	v3
actions/deploy-pages	v4

Node.js LTS: Verify current LTS version (use WebSearch if unsure)

Phase 1: Stack Detection

Detect project type and tools:

# Detect project type
ls package.json 2>/dev/null && echo "NODE_PROJECT"
ls pyproject.toml requirements.txt 2>/dev/null && echo "PYTHON_PROJECT"
ls go.mod 2>/dev/null && echo "GO_PROJECT"

# For Node.js - detect package manager
ls pnpm-lock.yaml 2>/dev/null && echo "PNPM"
ls bun.lockb 2>/dev/null && echo "BUN"
ls package-lock.json 2>/dev/null && echo "NPM"

# Detect Node version
cat .nvmrc 2>/dev/null || cat package.json | grep -A2 '"engines"'

Phase 2: Script Analysis (Node.js)

Read package.json using Read tool and detect available scripts.

Look for the scripts section and identify which scripts exist.

Common scripts to check:

lint → Include linting step
typecheck → Include type checking
test → Include testing
build → Include build step
test:coverage → Include coverage upload

Phase 3: Workflow Selection

Present options based on detected stack:

For Node.js:

CI Básico (lint, typecheck, test, build)
Deploy a GitHub Pages
Release con Tags (v*)
Security Scans
Coverage Upload (Codecov)

For Python:

CI Básico (ruff, pyright/mypy, pytest)
Coverage Upload

For Go:

CI Básico (go vet, golangci-lint, go test)
Release binaries

Phase 4: Generate Workflows

Load templates from references/ and customize:

Replace placeholders:
- {{NODE_VERSION}} → Detected or default (22.x)
- {{PACKAGE_MANAGER}} → npm/pnpm/bun
- {{INSTALL_COMMAND}} → npm ci / pnpm install --frozen-lockfile / bun install
- {{BRANCH}} → main/master (auto-detect)
- {{SCRIPTS}} → Based on available scripts
Always include:
- Concurrency control
- Caching for dependencies
- fail-fast strategy
Create .github/workflows/ if needed:
```
mkdir -p .github/workflows
```

Phase 5: Improve Existing Workflows

If workflows exist, analyze for anti-patterns:

cat .github/workflows/*.yml

Anti-patterns to detect:

Anti-Pattern	Fix
`actions/*@v3`	Update to `@v4`
`setup-node` without cache	Add `cache: 'npm'`
`npm install`	Use `npm ci`
No `concurrency:`	Add concurrency control
Matrix with single version	Remove unnecessary matrix
Missing `fail-fast: true`	Add explicit fail-fast

See references/anti-patterns.md for full guide.

Phase 6: Verification

After generating:

Validate YAML (if actionlint available):

which actionlint && actionlint .github/workflows/*.yml

Check required permissions:
- GitHub Pages → pages: write, id-token: write
- Releases → contents: write
- PRs → pull-requests: write

Show summary:

Workflows Created/Updated
=========================

✓ .github/workflows/ci.yml
  - Triggers: push (main), pull_request
  - Jobs: lint, typecheck, test, build
  - Node: 22.x with npm

Next Steps:
1. Review generated workflows
2. git add .github/workflows/
3. git commit -m "ci: add GitHub Actions workflow"
4. Push to trigger first run

Templates Reference

Templates are in references/ directory:

Template	Description
`nodejs-ci.yml`	Standard CI with lint/typecheck/test/build
`nodejs-deploy-pages.yml`	Deploy to GitHub Pages
`nodejs-release.yml`	Release on tag push (v*)
`python-ci.yml`	Python CI with uv/pip, ruff, pytest
`go-ci.yml`	Go CI with vet, lint, test
`security.yml`	npm audit + secrets scanning

Best Practices Enforced

Always use latest action versions (@v4 for most)
Use npm ci over npm install for reproducible builds
Enable caching in setup-node/setup-python/setup-go
Add concurrency control to cancel outdated runs
Use fail-fast: true to cancel parallel jobs on failure
Specify permissions explicitly when needed
Use Node 22.x (current LTS)

Concurrency Control Template

Always include in workflows:

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}

This cancels outdated PR runs but never cancels main branch runs.

Package Manager Detection

Lockfile	Package Manager	Install Command
`pnpm-lock.yaml`	pnpm	`pnpm install --frozen-lockfile`
`bun.lockb`	bun	`bun install --frozen-lockfile`
`package-lock.json`	npm	`npm ci`
None	npm	`npm ci` (after `npm install` generates lock)

Branch Detection

# Detect default branch
git symbolic-ref refs/remotes/origin/HEAD 2>/dev/null | sed 's@^refs/remotes/origin/@@'
# Or fallback
git branch -r | grep -E 'origin/(main|master)' | head -1 | sed 's@origin/@@'

github-actions-expert

Resources

Install

GitHub Actions Expert

Proactive Detection

Workflow

Phase 0: Knowledge Update

Phase 1: Stack Detection

Phase 2: Script Analysis (Node.js)

Phase 3: Workflow Selection

Phase 4: Generate Workflows

Phase 5: Improve Existing Workflows

Phase 6: Verification

Templates Reference

Best Practices Enforced

Concurrency Control Template

Package Manager Detection

Branch Detection

Categories

Install

Recommended Skills