-
Notifications
You must be signed in to change notification settings - Fork 1
Cheatsheet
Shmuel Max edited this page May 4, 2026
·
1 revision
# PRs
gh pr create --fill --draft
gh pr checkout 1234
gh pr checks --watch
gh pr review --approve
gh pr merge --squash --delete-branch
# Runs
gh run list --workflow=ci.yml --limit 5
gh run watch <run-id>
gh run view <run-id> --log-failed
gh run rerun <run-id> --failed
# Workflows
gh workflow run deploy.yml -f environment=staging
gh workflow disable ci.yml
# Releases
gh release create v1.2.0 --generate-notesname: CI
on:
push: { branches: [main] }
pull_request:
permissions: {} # deny-by-default
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
test:
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 20
cache: npm
- run: npm ci
- run: npm test# .github/workflows/deploy.yml — callee
on:
workflow_call:
inputs:
environment: { type: string, required: true }
secrets:
DEPLOY_TOKEN: { required: true }
# Caller
jobs:
staging:
uses: ./.github/workflows/deploy.yml
with: { environment: staging }
secrets: inherit| Context | When |
|---|---|
${{ github.event_name }} |
Trigger (push, pull_request, workflow_dispatch…) |
${{ github.ref }} |
Full ref (refs/heads/main) |
${{ github.ref_name }} |
Just the branch/tag name |
${{ github.sha }} |
Commit SHA |
${{ github.actor }} |
Who triggered |
${{ runner.os }} |
Linux / Windows / macOS
|
${{ secrets.X }} |
Repo/org/env secret |
${{ vars.X }} |
Repo/org/env variable |
- ✅ Require PR before merge
- ✅ Require ≥1 approval (≥2 for sensitive paths via CODEOWNERS)
- ✅ Require status checks (CI green)
- ✅ Require up-to-date branches
- ✅ Restrict force-pushes & deletions