Code Reference

Glossary

GitHub Actions · Reference cheat sheet

Glossary

GitHub Actions · Reference cheat sheet


📋 Overview

Alphabetical glossary of core GitHub Actions terms for workflows, jobs, runners, secrets, and reusable automation.

🔧 Core concepts

TermDefinition
ActionA reusable unit of work published for use as a step (uses:).
ArtifactA file set uploaded from a job and downloadable later in the workflow.
CacheStored dependencies keyed for faster restores across runs.
CheckoutThe common first step that clones the repository onto the runner.
Composite actionAn action defined as a sequence of steps in an action.yml.
ConcurrencyControls that cancel or queue overlapping workflow runs.
ContextBuilt-in objects such as github, env, secrets, and steps used in expressions.
EnvironmentA named deployment target with protection rules and secrets.
EventA repository activity that can trigger a workflow, such as push.
ExpressionA $\{\{ \}\} expression evaluated for conditions, inputs, and contexts.
JobA set of steps that runs on the same runner.
MatrixA strategy that expands one job into many variants of inputs.
NeedsA job dependency declaring that another job must succeed first.
OIDCFederated auth letting workflows obtain cloud tokens without long-lived keys.
PermissionToken scopes limiting what GITHUB_TOKEN may do.
Reusable workflowA callable workflow invoked by other workflows with uses:.
RunnerThe machine (GitHub-hosted or self-hosted) that executes a job.
SecretAn encrypted value exposed to workflows as an environment variable.
Service containerA Docker service (e.g. Postgres) attached to a job for tests.
StepA single command or action invocation inside a job.
TriggerThe on: configuration that starts a workflow for matching events.
WorkflowA YAML automation file under .github/workflows/.
Workflow callThe event that allows one workflow to be invoked by another.
Workflow dispatchA manual trigger that can accept typed inputs.
Workflow runOne execution instance of a workflow.

💡 Examples

Workflow trigger and job:

name: CI
on:
  push:
    branches: [main]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: "22"
      - run: npm ci && npm test

Matrix strategy:

strategy:
  matrix:
    node: [20, 22]
    os: [ubuntu-latest, windows-latest]
runs-on: ${{ matrix.os }}

Secrets and expressions:

env:
  API_KEY: ${{ secrets.API_KEY }}
if: ${{ github.ref == 'refs/heads/main' }}

⚠️ Pitfalls

  • Confusing job (runner-scoped) with step (sequential unit inside a job).
  • Mixing secrets (encrypted) with ordinary env vars committed in YAML.
  • Treating cache as an artifact store — caches are best-effort and can miss.
  • Equating reusable workflows with composite actions — different call sites and capabilities.
  • Assuming matrix failures always fail-fast the same way — fail-fast is configurable.

On this page