💬 コミュニケーションコミュニティ

when-automating-github-actions-use-workflow-automation

AIが連携してGitHub Actionsのワークフローを自動化し、CI/CDパイプラインの構築、既存ワークフローの最適化、セキュリティ強化、テスト戦略の策定、デバッグなどを効率的に行うSkill。

📜 元の英語説明(参考)

Advanced GitHub Actions workflow automation with AI swarm coordination, intelligent CI/CD pipelines, and comprehensive repository management. Coordinates cicd-engineer, workflow-automation, tester, and security-auditor agents through mesh topology to create, optimize, and maintain GitHub Actions workflows. Handles workflow generation, performance optimization, security hardening, matrix testing strategies, and workflow debugging. Use when building CI/CD pipelines, optimizing existing workflows, or establishing automation standards.

🇯🇵 日本人クリエイター向け解説

一言でいうと

※ jpskill.com 編集部が日本のビジネス現場向けに補足した解説です。Skill本体の挙動とは独立した参考情報です。

⚡ おすすめ: コマンド1行でインストール(60秒)

下記のコマンドをコピーしてターミナル(Mac/Linux)または PowerShell(Windows)に貼り付けてください。ダウンロード → 解凍 → 配置まで全自動。

🍎 Mac / 🐧 Linux

mkdir -p ~/.claude/skills && cd ~/.claude/skills && curl -L -o when-automating-github-actions-use-workflow-automation.zip https://jpskill.com/download/18791.zip && unzip -o when-automating-github-actions-use-workflow-automation.zip && rm when-automating-github-actions-use-workflow-automation.zip

🪟 Windows (PowerShell)

$d = "$env:USERPROFILE\.claude\skills"; ni -Force -ItemType Directory $d | Out-Null; iwr https://jpskill.com/download/18791.zip -OutFile "$d\when-automating-github-actions-use-workflow-automation.zip"; Expand-Archive "$d\when-automating-github-actions-use-workflow-automation.zip" -DestinationPath $d -Force; ri "$d\when-automating-github-actions-use-workflow-automation.zip"

完了後、Claude Code を再起動 → 普通に「動画プロンプト作って」のように話しかけるだけで自動発動します。

💾 手動でダウンロードしたい(コマンドが難しい人向け)

1. 下の青いボタンを押して when-automating-github-actions-use-workflow-automation.zip をダウンロード
2. ZIPファイルをダブルクリックで解凍 → when-automating-github-actions-use-workflow-automation フォルダができる
3. そのフォルダを C:\Users\あなたの名前\.claude\skills\(Win)または ~/.claude/skills/(Mac)へ移動
4. Claude Code を再起動

⬇ .zip でダウンロード(推奨) ⬇ .skill 形式(上級者用) 元のソース ↗

⚠️ ダウンロード・利用は自己責任でお願いします。当サイトは内容・動作・安全性について責任を負いません。

🎯 このSkillでできること

下記の説明文を読むと、このSkillがあなたに何をしてくれるかが分かります。Claudeにこの分野の依頼をすると、自動で発動します。

📦 インストール方法 (3ステップ)

1. 上の「ダウンロード」ボタンを押して .skill ファイルを取得
2. ファイル名の拡張子を .skill から .zip に変えて展開(macは自動展開可)
3. 展開してできたフォルダを、ホームフォルダの .claude/skills/ に置く
- · macOS / Linux: ~/.claude/skills/
- · Windows: %USERPROFILE%\.claude\skills\

Claude Code を再起動すれば完了。「このSkillを使って…」と話しかけなくても、関連する依頼で自動的に呼び出されます。

詳しい使い方ガイドを見る →

最終更新: 2026-05-18
取得日時: 2026-05-18
同梱ファイル: 1

📖 Skill本文(日本語訳)

※ 原文(英語/中国語)を Gemini で日本語化したものです。Claude 自身は原文を読みます。誤訳がある場合は原文をご確認ください。

[スキル名] GitHub Actionsの自動化時にワークフロー自動化を使用する [原文 Markdown ↓]

GitHub Actionsワークフロー自動化スキル

概要

インテリジェントなエージェント連携を使用して、GitHub ActionsのCI/CDワークフローを設計、実装、最適化します。このスキルは、堅牢な継続的インテグレーションとデプロイメントのために、パイプライン生成、セキュリティ強化、パフォーマンス最適化、テストオーケストレーション、デバッグを含むエンドツーエンドのワークフロー自動化を提供します。

このスキルを使用するタイミング

このスキルは、新しいCI/CDパイプラインをゼロから作成する場合、遅いまたは非効率なワークフローを最適化する場合、マトリクステスト戦略を実装する場合、ワークフローのセキュリティとシークレット管理を強化する場合、失敗するワークフローや不安定なテストをデバッグする場合、組織のワークフロー標準を確立する場合、または他のCIシステム（Jenkins、Travis、CircleCI）からGitHub Actionsに移行する場合に有効化してください。

シンプルな単一ジョブのワークフローから複雑な多段階パイプライン、選択的なジョブトリガーを持つモノレポワークフロー、スケジュールされたワークフローとcronジョブ、または組織全体で再利用するためのワークフローテンプレートの両方に使用できます。

エージェント連携アーキテクチャ

スウォームトポロジー

メッシュトポロジーを初期化し、専門エージェント間のピアツーピア連携による並列ワークフロー開発を可能にします。メッシュトポロジーにより、セキュリティ、テスト、パフォーマンスのエージェントが直接連携できます。

# ワークフロー自動化のためのメッシュスウォームを初期化
npx claude-flow@alpha swarm init --topology mesh --max-agents 6 --strategy balanced

専門エージェントの役割

CI/CDエンジニア (cicd-engineer): パイプライン構造を設計し、適切なアクションを選択し、ジョブとステップを設定し、デプロイ戦略を実装する主要なワークフローアーキテクトです。ワークフロー全体の設計を担当します。

ワークフロー自動化 (workflow-automation): キャッシュ戦略、アーティファクト管理、ワークフローの再利用、マトリクス構成など、GitHub Actions固有の最適化に特化しています。GitHub Actionsエコシステムの専門家です。

テストエンジニア (tester): 並列テスト、マトリクステスト、テストレポート、障害分析を含むテストオーケストレーション戦略を設計します。CI/CDにおける包括的なテストカバレッジを保証します。

セキュリティ監査人 (security-auditor): シークレット管理、サードパーティアクションの審査、権限スコープ設定、サプライチェーンセキュリティなど、セキュリティ脆弱性からワークフローを強化します。

パフォーマンスアナライザー (perf-analyzer): 並列化、キャッシュ、選択的なジョブトリガー、リソース最適化を通じてワークフローの実行時間を最適化します。ワークフローのパフォーマンスメトリクスを監視します。

ワークフロー自動化プロセス (SOP)

ワークフロー1: CI/CDパイプラインをゼロから生成

新規または既存のプロジェクト向けに包括的なCI/CDワークフローを作成します。

フェーズ1: 要件分析

ステップ1.1: メッシュスウォームの初期化

# 共同ワークフロー開発のためのメッシュスウォームをセットアップ
mcp__claude-flow__swarm_init topology=mesh maxAgents=6 strategy=balanced

# 専門エージェントを生成
mcp__claude-flow__agent_spawn type=coder name=cicd-engineer
mcp__claude-flow__agent_spawn type=coordinator name=workflow-automation
mcp__claude-flow__agent_spawn type=researcher name=tester
mcp__claude-flow__agent_spawn type=analyst name=security-auditor
mcp__claude-flow__agent_spawn type=optimizer name=perf-analyzer

ステップ1.2: プロジェクト構造の分析

Task("CI/CD Engineer", "
  プロジェクトを分析し、CI/CD要件を決定します:

  1. プロジェクトタイプを検出 (Node.js, Python, Rust, Go, Javaなど)
  2. ビルドシステムを特定 (npm, cargo, maven, gradle, make)
  3. テストフレームワークとテスト場所を発見
  4. リンティングおよびフォーマットツールを確認
  5. デプロイターゲットを特定 (npm registry, Docker Hub, AWSなど)
  6. 他のCIから移行する場合は既存のワークフローをレビュー

  検出には scripts/project-analyzer.sh を使用
  プロジェクト分析をメモリに保存: github-actions/analysis
  フックを実行: npx claude-flow@alpha hooks pre-task --description 'project analysis'
", "cicd-engineer")

ステップ1.3: パイプラインステージの定義

Task("CI/CD Engineer", "
  プロジェクト分析に基づいてパイプラインステージを設計します:

  1. CIステージを定義: lint → test → build → security-scan
  2. CDステージを定義: package → deploy-staging → deploy-production
  3. トリガー条件を決定 (push, PR, tag, schedule)
  4. マトリクス構成を計画 (OS, ランタイムバージョン)
  5. ステージ間の依存関係を特定
  6. ワークフロー構造図を作成

  references/pipeline-patterns.md を参照
  パイプライン設計をメモリに保存: github-actions/pipeline-design
", "cicd-engineer")

フェーズ2: 並列ワークフロー開発

ワークフローコンポーネントを構築するために、専門エージェントを並列で実行します。

ステップ2.1: ベースワークフロー構造の生成

Task("CI/CD Engineer", "
  ベースワークフローのYAML構造を作成します:

  1. references/workflow-templates/${PROJECT_TYPE}.yml をベースとして使用
  2. ワークフロートリガーを設定 (on: push/pull_request/schedule)
  3. 依存関係を持つジョブ構造を定義
  4. ランナー環境をセットアップ (ubuntu-latest, macos-latest, windows-latest)
  5. 冗長な実行を防ぐためにコンカレンシーグループを設定
  6. 手動トリガーのために workflow_dispatch を追加

  scripts/workflow-generator.sh を使用
  ベースワークフローをメモリに保存: github-actions/base-workflow
", "cicd-engineer")

ステップ2.2: テスト戦略の実装

Task("Test Engineer", "
  テストオーケストレーションを設計および実装します:

  1. テストマトリクスを設定 (複数のNodeバージョン、Pythonバージョンなど)
  2. ジョブマトリクスで並列テスト実行をセットアップ
  3. テスト結果レポートを実装 (GitHub Actions Summary)
  4. テストカバレッジの収集とアップロードを設定
  5. デバッグのためにテストアーティファクトの収集を追加
  6. 不安定なテストの再試行ロジックをセットアップ

  references/test-strategies.md を使用
  テスト構成をメモリに保存: github-actions/testing
", "tester")

ステップ2.3: セキュリティ強化の追加


Task("Security Auditor", "
  ワークフローのセキュリティベストプラクティスを実装します:

  1. GITHUB_TOKEN の権限を最小限にスコープ設定
  2. サードパーティアクションをsにピン留め

（原文がここで切り詰められています）

📜 原文 SKILL.md(Claudeが読む英語/中国語)を展開

GitHub Actions Workflow Automation Skill

Overview

Design, implement, and optimize GitHub Actions CI/CD workflows using intelligent agent coordination. This skill provides end-to-end workflow automation including pipeline generation, security hardening, performance optimization, test orchestration, and debugging for robust continuous integration and deployment.

When to Use This Skill

Activate this skill when creating new CI/CD pipelines from scratch, optimizing slow or inefficient workflows, implementing matrix testing strategies, hardening workflow security and secrets management, debugging failing workflows or flaky tests, establishing organizational workflow standards, or migrating from other CI systems (Jenkins, Travis, CircleCI) to GitHub Actions.

Use for both simple single-job workflows and complex multi-stage pipelines, monorepo workflows with selective job triggering, scheduled workflows and cron jobs, or workflow templates for organization-wide reuse.

Agent Coordination Architecture

Swarm Topology

Initialize a mesh topology enabling parallel workflow development with peer-to-peer coordination between specialized agents. Mesh topology allows security, testing, and performance agents to collaborate directly.

# Initialize mesh swarm for workflow automation
npx claude-flow@alpha swarm init --topology mesh --max-agents 6 --strategy balanced

Specialized Agent Roles

CI/CD Engineer (cicd-engineer): Primary workflow architect that designs pipeline structure, selects appropriate actions, configures jobs and steps, and implements deployment strategies. Owns overall workflow design.

Workflow Automation (workflow-automation): Specializes in GitHub Actions-specific optimizations including caching strategies, artifact management, workflow reuse, and matrix configurations. Expert in GitHub Actions ecosystem.

Test Engineer (tester): Designs test orchestration strategies including parallel testing, matrix testing, test reporting, and failure analysis. Ensures comprehensive test coverage in CI/CD.

Security Auditor (security-auditor): Hardens workflows against security vulnerabilities including secrets management, third-party action vetting, permission scoping, and supply chain security.

Performance Analyzer (perf-analyzer): Optimizes workflow execution time through parallelization, caching, selective job triggering, and resource optimization. Monitors workflow performance metrics.

Workflow Automation Processes (SOP)

Workflow 1: Generate CI/CD Pipeline from Scratch

Create comprehensive CI/CD workflow for new or existing project.

Phase 1: Requirements Analysis

Step 1.1: Initialize Mesh Swarm

# Set up mesh swarm for collaborative workflow development
mcp__claude-flow__swarm_init topology=mesh maxAgents=6 strategy=balanced

# Spawn specialized agents
mcp__claude-flow__agent_spawn type=coder name=cicd-engineer
mcp__claude-flow__agent_spawn type=coordinator name=workflow-automation
mcp__claude-flow__agent_spawn type=researcher name=tester
mcp__claude-flow__agent_spawn type=analyst name=security-auditor
mcp__claude-flow__agent_spawn type=optimizer name=perf-analyzer

Step 1.2: Analyze Project Structure

Task("CI/CD Engineer", "
  Analyze project and determine CI/CD requirements:

  1. Detect project type (Node.js, Python, Rust, Go, Java, etc.)
  2. Identify build system (npm, cargo, maven, gradle, make)
  3. Discover test frameworks and test locations
  4. Check for linting and formatting tools
  5. Identify deployment targets (npm registry, Docker Hub, AWS, etc.)
  6. Review existing workflows if migrating from other CI

  Use scripts/project-analyzer.sh for detection
  Store project analysis in memory: github-actions/analysis
  Run hooks: npx claude-flow@alpha hooks pre-task --description 'project analysis'
", "cicd-engineer")

Step 1.3: Define Pipeline Stages

Task("CI/CD Engineer", "
  Design pipeline stages based on project analysis:

  1. Define CI stages: lint → test → build → security-scan
  2. Define CD stages: package → deploy-staging → deploy-production
  3. Determine trigger conditions (push, PR, tag, schedule)
  4. Plan matrix configurations (OS, runtime versions)
  5. Identify dependencies between stages
  6. Create workflow structure diagram

  Reference references/pipeline-patterns.md
  Store pipeline design in memory: github-actions/pipeline-design
", "cicd-engineer")

Phase 2: Parallel Workflow Development

Execute specialized agents in parallel to build workflow components.

Step 2.1: Generate Base Workflow Structure

Task("CI/CD Engineer", "
  Create base workflow YAML structure:

  1. Use references/workflow-templates/${PROJECT_TYPE}.yml as base
  2. Configure workflow triggers (on: push/pull_request/schedule)
  3. Define jobs structure with dependencies
  4. Set up runner environments (ubuntu-latest, macos-latest, windows-latest)
  5. Configure concurrency groups to prevent redundant runs
  6. Add workflow_dispatch for manual triggers

  Use scripts/workflow-generator.sh
  Store base workflow in memory: github-actions/base-workflow
", "cicd-engineer")

Step 2.2: Implement Testing Strategy

Task("Test Engineer", "
  Design and implement test orchestration:

  1. Configure test matrix (multiple Node versions, Python versions, etc.)
  2. Set up parallel test execution with job matrix
  3. Implement test result reporting (GitHub Actions Summary)
  4. Configure test coverage collection and upload
  5. Add test artifact collection for debugging
  6. Set up flaky test retry logic

  Use references/test-strategies.md
  Store test config in memory: github-actions/testing
", "tester")

Step 2.3: Add Security Hardening

Task("Security Auditor", "
  Implement workflow security best practices:

  1. Scope GITHUB_TOKEN permissions to minimum required
  2. Pin third-party actions to specific SHA (not @v1 tags)
  3. Configure secrets management properly
  4. Add dependency scanning (Dependabot, Snyk)
  5. Implement SAST scanning (CodeQL, Semgrep)
  6. Add container image scanning if using Docker
  7. Configure branch protection rules

  Use references/workflow-security.md
  Store security config in memory: github-actions/security
", "security-auditor")

Step 2.4: Optimize Performance

Task("Performance Analyzer", "
  Optimize workflow execution time:

  1. Implement aggressive caching (dependencies, build artifacts)
  2. Configure conditional job execution (path filters)
  3. Parallelize independent jobs where possible
  4. Use faster runners (GitHub-hosted vs self-hosted)
  5. Optimize Docker layer caching for containerized workflows
  6. Add build time monitoring

  Use references/optimization-techniques.md
  Store optimization config in memory: github-actions/optimization
", "perf-analyzer")

Step 2.5: Configure Deployment Automation

Task("Workflow Automation", "
  Set up deployment automation:

  1. Configure environment-specific deployment jobs
  2. Implement deployment approvals for production
  3. Add rollback capability
  4. Configure deployment status checks
  5. Set up deployment notifications (Slack, Discord)
  6. Implement blue-green or canary deployment if applicable

  Use references/deployment-automation.md
  Store deployment config in memory: github-actions/deployment
", "workflow-automation")

Phase 3: Workflow Integration and Testing

Step 3.1: Synthesize Workflow Components

Task("CI/CD Engineer", "
  Integrate all agent contributions into final workflow:

  1. Retrieve all components from memory (base, testing, security, optimization, deployment)
  2. Merge configurations ensuring no conflicts
  3. Validate YAML syntax using scripts/workflow-validator.sh
  4. Check for logical errors (circular dependencies, missing inputs)
  5. Add comprehensive comments explaining each section
  6. Generate workflow diagram showing job dependencies

  Store final workflow in memory: github-actions/final
", "cicd-engineer")

Step 3.2: Validate Workflow Locally

# Validate workflow syntax
bash scripts/workflow-validator.sh \
  --workflow ".github/workflows/ci.yml" \
  --check-actions true \
  --check-secrets true

# Test workflow locally using act
act push --job test --dry-run

Step 3.3: Create Pull Request with Workflow

# Create feature branch and commit workflow
git checkout -b "ci/add-github-actions-workflow"
mkdir -p .github/workflows
cp final-workflow.yml .github/workflows/ci.yml
git add .github/workflows/ci.yml
git commit -m "ci: add GitHub Actions CI/CD workflow"
git push origin ci/add-github-actions-workflow

# Create PR
bash scripts/github-api.sh create-pr \
  --repo <owner/repo> \
  --head "ci/add-github-actions-workflow" \
  --base "main" \
  --title "Add GitHub Actions CI/CD Pipeline" \
  --body-file "references/workflow-pr-description.md"

Step 3.4: Monitor First Workflow Run

Task("CI/CD Engineer", "
  Monitor and validate first workflow execution:

  1. Watch workflow run in GitHub Actions UI
  2. Check for job failures or warnings
  3. Validate caching is working correctly
  4. Verify test results are reported properly
  5. Confirm security scans complete successfully
  6. Measure total workflow execution time

  Store first-run metrics in memory: github-actions/first-run
", "cicd-engineer")

Workflow 2: Optimize Existing Workflow Performance

Improve slow or inefficient workflows.

Phase 1: Performance Analysis

Step 1.1: Collect Workflow Metrics

# Analyze workflow execution history
bash scripts/workflow-analytics.sh analyze \
  --repo <owner/repo> \
  --workflow "ci.yml" \
  --runs 50 \
  --output "references/workflow-metrics.json"

Step 1.2: Identify Bottlenecks

Task("Performance Analyzer", "
  Analyze workflow performance and identify bottlenecks:

  1. Review workflow metrics from references/workflow-metrics.json
  2. Identify slowest jobs and steps
  3. Check cache hit rates (low = opportunity)
  4. Analyze dependency installation time
  5. Check for serialized jobs that could be parallelized
  6. Identify redundant operations across jobs

  Use scripts/bottleneck-analyzer.sh
  Store bottleneck analysis in memory: github-actions/bottlenecks
", "perf-analyzer")

Phase 2: Optimization Implementation

Step 2.1: Implement Caching Strategy

# Add aggressive caching
- name: Cache dependencies
  uses: actions/cache@v4
  with:
    path: |
      ~/.npm
      ~/.cargo/registry
      ~/.cargo/git
      target/
    key: ${{ runner.os }}-deps-${{ hashFiles('**/package-lock.json', '**/Cargo.lock') }}
    restore-keys: |
      ${{ runner.os }}-deps-

Step 2.2: Parallelize Independent Jobs

# Convert serial jobs to parallel
jobs:
  lint:
    runs-on: ubuntu-latest
    # Remove "needs: build" to run in parallel with build

  test:
    runs-on: ubuntu-latest
    # Remove "needs: build" if tests don't need build artifacts

  security-scan:
    runs-on: ubuntu-latest
    # Run in parallel with other jobs

Step 2.3: Add Path Filtering

# Only run workflows when relevant files change
on:
  push:
    paths:
      - 'src/**'
      - 'tests/**'
      - 'package.json'
      - '.github/workflows/ci.yml'
  pull_request:
    paths:
      - 'src/**'
      - 'tests/**'

Step 2.4: Optimize Docker Builds

# Use Docker layer caching and buildx
- name: Set up Docker Buildx
  uses: docker/setup-buildx-action@v3

- name: Build and push
  uses: docker/build-push-action@v5
  with:
    context: .
    push: true
    tags: ${{ env.IMAGE_TAG }}
    cache-from: type=gha
    cache-to: type=gha,mode=max

Phase 3: Validation

Step 3.1: Measure Improvement

# Compare workflow execution time before/after
bash scripts/workflow-analytics.sh compare \
  --before "references/metrics-before.json" \
  --after "references/metrics-after.json" \
  --output "references/improvement-report.md"

Workflow 3: Debug Failing Workflow

Systematically debug and fix failing workflows.

Phase 1: Failure Analysis

Step 1.1: Collect Failure Context

# Fetch failed workflow run details
bash scripts/github-api.sh get-workflow-run \
  --repo <owner/repo> \
  --run-id <run-id> \
  --include-logs true \
  --output "references/failed-run.json"

Step 1.2: Analyze Failure Patterns

Task("CI/CD Engineer", "
  Analyze workflow failure:

  1. Review failure logs from references/failed-run.json
  2. Classify failure type (test failure, build error, timeout, rate limit)
  3. Check if failure is intermittent (flaky) or consistent
  4. Identify changed files that might have triggered failure
  5. Check for environment-specific issues (OS, runtime version)
  6. Review recent workflow file changes

  Store failure analysis in memory: github-actions/failure-analysis
", "cicd-engineer")

Phase 2: Root Cause Investigation

Step 2.1: Reproduce Locally

# Reproduce workflow locally using act
act push \
  --job <failed-job-name> \
  --secret-file .secrets \
  --verbose

Step 2.2: Add Debug Logging

# Temporarily add debug steps
- name: Debug Environment
  run: |
    echo "Runner OS: ${{ runner.os }}"
    echo "Node Version: $(node --version)"
    echo "Working Directory: $(pwd)"
    ls -la
    env | sort

- name: Debug Dependencies
  run: |
    npm list --depth=0 || true
    cargo tree --depth=0 || true

Phase 3: Fix Implementation

Step 3.1: Apply Fix

Based on root cause, apply appropriate fix:

Flaky Test Fix:

# Add test retry logic
- name: Run Tests with Retry
  uses: nick-fields/retry@v2
  with:
    timeout_minutes: 10
    max_attempts: 3
    command: npm test

Timeout Fix:

# Increase timeout for slow jobs
jobs:
  build:
    timeout-minutes: 30  # Increased from default 6 hours

Dependency Issue Fix:

# Lock dependency versions
- name: Install Dependencies
  run: npm ci  # Use ci instead of install for reproducible builds

Step 3.2: Validate Fix

# Push fix and monitor workflow
git add .github/workflows/ci.yml
git commit -m "fix(ci): resolve workflow failure in build job"
git push origin main

# Monitor workflow run
bash scripts/workflow-monitor.sh \
  --repo <owner/repo> \
  --branch "main" \
  --wait-for-completion true

Advanced Workflow Patterns

Matrix Testing Strategy

jobs:
  test:
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        os: [ubuntu-latest, macos-latest, windows-latest]
        node-version: [16, 18, 20]
        include:
          # Add specific configuration combinations
          - os: ubuntu-latest
            node-version: 20
            coverage: true
        exclude:
          # Exclude problematic combinations
          - os: windows-latest
            node-version: 16
      fail-fast: false  # Continue even if one combination fails

Reusable Workflows

# .github/workflows/reusable-build.yml
name: Reusable Build Workflow
on:
  workflow_call:
    inputs:
      environment:
        required: true
        type: string
    secrets:
      deploy_key:
        required: true

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Build
        run: npm run build

Call reusable workflow:

jobs:
  prod-build:
    uses: ./.github/workflows/reusable-build.yml
    with:
      environment: production
    secrets:
      deploy_key: ${{ secrets.PROD_DEPLOY_KEY }}

Composite Actions

Create reusable action compositions:

# .github/actions/setup-project/action.yml
name: 'Setup Project'
description: 'Set up Node.js and install dependencies with caching'
inputs:
  node-version:
    description: 'Node.js version'
    required: true
runs:
  using: 'composite'
  steps:
    - uses: actions/setup-node@v4
      with:
        node-version: ${{ inputs.node-version }}
        cache: 'npm'
    - run: npm ci
      shell: bash

Conditional Execution

jobs:
  deploy:
    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
    runs-on: ubuntu-latest
    steps:
      - name: Deploy to Production
        run: ./deploy.sh

MCP Tool Integration

Task Orchestration

# Orchestrate workflow optimization
mcp__claude-flow__task_orchestrate \
  task="Optimize CI/CD workflow performance" \
  strategy=parallel \
  maxAgents=5 \
  priority=high

Swarm Monitoring

# Monitor workflow automation agents
mcp__claude-flow__swarm_status verbose=true

# Get agent metrics
mcp__claude-flow__agent_metrics metric=all

Best Practices

Pin Action Versions: Always pin actions to specific commit SHA for security and reproducibility. Never use @main or @latest.

Minimal Permissions: Set permissions at job level with least privilege required. Don't grant unnecessary permissions.

Secrets Management: Never log secrets or echo environment variables that might contain secrets. Use GitHub Secrets for sensitive data.

Fail Fast Configuration: Use fail-fast: false in matrix to see all failures, not just first one.

Caching Strategy: Cache dependencies aggressively but use specific cache keys to avoid stale caches.

Workflow Documentation: Add comments explaining non-obvious workflow logic. Future maintainers will thank you.

Monitoring and Alerts: Set up Slack/Discord notifications for workflow failures. Don't rely on checking GitHub manually.

Testing Before Merge: Test workflow changes in feature branches before merging to main.

Error Handling

API Rate Limiting: Implement exponential backoff for GitHub API calls. Use GITHUB_TOKEN for authenticated requests.

Flaky Tests: Implement retry logic for intermittently failing tests. Track flaky tests and fix root causes.

Timeout Management: Set reasonable timeouts for each job. Don't let workflows run indefinitely.

Artifact Storage: Clean up old artifacts to avoid storage quota issues. Use artifact retention policies.

Workflow Syntax Errors: Always validate YAML syntax locally before pushing. Use actionlint for linting.

References

references/workflow-templates/ - Language-specific workflow templates
references/pipeline-patterns.md - Common CI/CD pipeline patterns
references/test-strategies.md - Test orchestration strategies
references/workflow-security.md - Security best practices
references/optimization-techniques.md - Performance optimization guide
references/deployment-automation.md - Deployment workflow patterns
scripts/project-analyzer.sh - Project type and build system detection
scripts/workflow-generator.sh - Workflow YAML generation
scripts/workflow-validator.sh - Workflow syntax validation
scripts/workflow-analytics.sh - Workflow performance analysis
scripts/bottleneck-analyzer.sh - Performance bottleneck identification
scripts/workflow-monitor.sh - Real-time workflow monitoring