You can use the if conditional to prevent a step from running unless a condition is met.
You can use any supported context and expression to create a conditional.
For more information on which contexts are supported in this key, see Contexts reference.
When you use expressions in an if conditional, you can, optionally, omit the ${{ }} expression syntax because
GitHub Actions automatically evaluates the if conditional as an expression.
However, this exception does not apply everywhere.
For more information, see Evaluate expressions in workflows and actions.
Sets variables for steps to use in the runner environment.
You can also set variables for the entire workflow or a job.
For more information, see module.env and BaseJob.env.
When more than one environment variable is defined with the same name, GitHub uses the most specific variable.
For example, an environment variable defined in a step will override job and workflow environment variables with
the same name, while the step executes.
An environment variable defined for a job will override a workflow variable with the same name, while the job executes.
Public actions may specify expected variables in the README file.
If you are setting a secret or sensitive value, such as a password or token, you must set secrets using the
secrets context.
For more information, see Contexts reference.
Using the working-directory keyword, you can specify the working directory of where to run the command.
Alternatively, you can specify a default working directory for all run steps in a job, or for all run steps in the
entire workflow.
For more information, see defaults.run.working-directory and jobs.<job_id>.defaults.run.working-directory.
You can override the default shell settings in the runner's operating system and the job's default using the shell keyword.
You can use built-in shell keywords, or you can define a custom set of shell options.
The shell command that is run internally executes a temporary file that contains the commands specified in the run keyword.
Selects an action to run as part of a step in your job.
An action is a reusable unit of code.
You can use an action defined in the same repository as the workflow, a public repository, or in a published
Docker container image.
We strongly recommend that you include the version of the action you are using by specifying a Git ref, SHA, or
Docker tag.
If you don't specify a version, it could break your workflows or cause unexpected behavior when the action owner
publishes an update.
Using the commit SHA of a released action version is the safest for stability and security.
If the action publishes major version tags, you should expect to receive critical fixes and security patches
while still retaining compatibility. Note that this behavior is at the discretion of the action's author.
Using the default branch of an action may be convenient, but if someone releases a new major version with a
breaking change, your workflow could break.
Some actions require inputs that you must set using the with keyword. Review the action's README file to determine
the inputs required.
Actions are either JavaScript files or Docker containers.
If the action you're using is a Docker container you must run the job in a Linux environment.
For more details, see runs-on.
Type-safe GitHub Action of the actions/dependency-review-action action.