All skills
Skillintermediate

Common GitHub Actions Reference

**Last Updated:** February 2026 **Source:** Official GitHub Actions repositories and Context7 verified documentation

Claude Code Knowledge Pack7/10/2026

Overview

Common GitHub Actions Reference

Last Updated: February 2026 Source: Official GitHub Actions repositories and Context7 verified documentation

This document catalogs frequently used GitHub Actions with current versions, inputs, outputs, and usage examples.

Important Notes for 2026:

  • All actions should be pinned to full 40-character SHA for security
  • Node 24 runtime is now supported (Node 20 EOL: April 2026, default switch: March 4, 2026)
  • actions/cache v5.0.3 recommended (Node 24 runtime, runner v2.327.1+)
  • Cache size limits: 10 GB free per repository, additional storage available (as of February 2026)

Table of Contents

  1. Repository and Checkout
  2. Language and Tool Setup
  3. Caching
  4. Artifacts
  5. Docker
  6. Cloud Providers
  7. Testing and Code Quality
  8. Notifications
  9. Release and Publishing
  10. Security

Repository and Checkout

actions/checkout

Latest Version: v6 (v6.0.2) SHA: de0fac2e4500dabe0009e67214ff5f5447ce83dd Minimum Runner: v2.327.1+

Description: Checkout repository code with improved performance, tag handling, and security

Common Inputs:

  • fetch-depth: Number of commits to fetch (default: 1, use 0 for full history)
  • ref: Branch, tag, or SHA to checkout
  • token: PAT for private repos (default: ${{ github.token }})
  • submodules: Whether to checkout submodules (false, true, recursive)
  • lfs: Whether to download Git LFS files (default: false)
  • sparse-checkout: Paths to checkout (cone mode or individual files) - Available in v5+
  • sparse-checkout-cone-mode: Use cone mode for sparse checkout (default: true)

Required Permissions:

permissions:
  contents: read

Examples:

Basic checkout:

- name: Checkout code
  uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
  with:
    fetch-depth: 1

Full history (for changelog/tags):

- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
  with:
    fetch-depth: 0

Sparse checkout (specific directories):

- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
  with:
    sparse-checkout: |
      .github
      src
      tests

Checkout PR HEAD commit:

- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
  with:
    ref: ${{ github.event.pull_request.head.sha }}

Checkout private repository:

- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
  with:
    repository: my-org/my-private-repo
    token: ${{ secrets.GH_PAT }}
    path: my-repo

Language and Tool Setup

actions/setup-node

Latest Version: v6 (v6.2.0) SHA: 6044e13b5dc448c55e2357c09f80417699197238 Minimum Runner: v2.328.0+ (for Node 24 support)

Description: Setup Node.js environment with Node 24 support

Important: Node 24 runtime is now supported. Node 20 deprecation timeline: Default switch March 4, 2026 → EOL April 2026 → Complete removal Summer 2026.

Common Inputs:

  • node-version: Version to use (e.g., '24', '20', '18.x', 'lts/*')
  • cache: Package manager to cache ('npm', 'yarn', 'pnpm')
  • cache-dependency-path: Path to lock file(s)
  • registry-url: NPM registry URL for publishing
  • always-auth: Set always-auth in npmrc (default: false)

Examples:

Basic setup with caching:

- name: Setup Node.js 24
  uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
  with:
    node-version: '24'
    cache: 'npm'

Multi-lock-file caching:

- uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
  with:
    node-version: '24'
    cache: 'npm'
    cache-dependency-path: |
      package-lock.json
      packages/*/package-lock.json

Setup for package publishing:

- uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
  with:
    node-version: '20'
    registry-url: 'https://registry.npmjs.org'

- run: npm publish
  env:
    NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

actions/setup-python

Latest Version: v6 (v6.2.0) SHA: a309ff8b426b58ec0e2a45f0f869d46889d02405

Description: Setup Python environment

Common Inputs:

  • python-version: Version to use (e.g., '3.11', '3.x')
  • cache: Package manager to cache ('pip', 'pipenv', 'poetry')
  • cache-dependency-path: Path to requirements file

Example:

- name: Setup Python
  uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
  with:
    python-version: '3.11'
    cache: 'pip'
    cache-dependency-path: 'requirements*.txt'

actions/setup-java

Latest Version: v4 (v4.0.0) SHA: 387ac29b308b003ca37ba93a6cab5eb57c8f5f93

Description: Setup Java environment

Common Inputs:

  • distribution: Java distribution ('temurin', 'zulu', 'adopt', etc.)
  • java-version: Version to use (e.g., '17', '11')
  • cache: Build tool to cache ('maven', 'gradle', 'sbt')

Example:

- name: Setup Java
  uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93 # v4.0.0
  with:
    distribution: 'temurin'
    java-version: '17'
    cache: 'maven'

actions/setup-go

Latest Version: v5 (v5.0.0) SHA: 0c52d547c9bc32b1aa3301fd7a9cb496313a4491

Description: Setup Go environment

Common Inputs:

  • go-version: Version to use (e.g., '1.21', 'stable')
  • cache: Whether to cache dependencies (default: true)
  • cache-dependency-path: Path to go.sum

Example:

- name: Setup Go
  uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
  with:
    go-version: '1.21'
    cache-dependency-path: go.sum

Caching

actions/cache

Latest Version: v5 (v5.0.3) SHA: cdf6c1fa76f9f475f3d7449005a359c84ca0f306

Description: Cache dependencies and build outputs with Node 24 runtime support

Important: actions/cache v5 requires GitHub Actions runner v2.327.1 or later. Repositories get 10 GB free cache storage, with additional storage available.

Required Inputs:

  • path: Directories to cache
  • key: Cache key (must be unique)

Optional Inputs:

  • restore-keys: Fallback keys if exact key not found

Example:

- name: Cache dependencies
  uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
  with:
    path: |
      ~/.npm
      ~/.cache
      node_modules
    key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
    restore-keys: |
      ${{ runner.os }}-node-

Artifacts

actions/upload-artifact

Latest Version: v4 (v4.3.1) SHA: 5d5d22a31266ced268874388b861e4b58bb5c2f3

Description: Upload build artifacts

Required Inputs:

  • name: Artifact name
  • path: Files to upload

Optional Inputs:

  • retention-days: How long to keep artifact (1-90, default: 90)
  • if-no-files-found: What to do if no files found (warn, error, ignore)

Example:

- name: Upload build artifacts
  uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
  with:
    name: build-${{ github.sha }}
    path: dist/
    retention-days: 7
    if-no-files-found: error

actions/download-artifact

Latest Version: v4 (v4.1.4) SHA: c850b930e6ba138125429b7e5c93fc707a7f8427

Description: Download artifacts from previous jobs

Optional Inputs:

  • name: Artifact name (downloads all if not specified)
  • path: Destination path

Example:

- name: Download build artifacts
  uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
  with:
    name: build-${{ github.sha }}
    path: dist/

Docker

docker/setup-buildx-action

Latest Version: v3 (v3.3.0) SHA: d70bba72b1f3fd22344832f00baa16ece964efeb

Description: Setup Docker Buildx for advanced builds

Example:

- name: Set up Docker Buildx
  uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0

docker/login-action

Latest Version: v3 (v3.1.0) SHA: e92390c5fb421da1463c202d546fed0ec5c39f20

Description: Login to Docker registry

Common Inputs:

  • registry: Registry to login to (default: Docker Hub)
  • username: Username
  • password: Password or token

Example:

# Docker Hub
- name: Login to Docker Hub
  uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0
  with:
    username: ${{ secrets.DOCKERHUB_USERNAME }}
    password: ${{ secrets.DOCKERHUB_TOKEN }}

# GitHub Container Registry
- name: Login to GHCR
  uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0
  with:
    registry: ghcr.io
    username: ${{ github.actor }}
    password: ${{ secrets.GITHUB_TOKEN }}

docker/build-push-action

Latest Version: v5 (v5.3.0) SHA: 2cdde995de11925a030ce8070c3d77a52ffcf1c0

Description: Build and push Docker images

Common Inputs:

  • context: Build context path
  • file: Dockerfile path
  • push: Whether to push image (default: false)
  • tags: Image tags
  • platforms: Target platforms (e.g., linux/amd64,linux/arm64)
  • cache-from: Cache sources
  • cache-to: Cache destinations
  • build-args: Build arguments
  • secrets: Build secrets

Example:

- name: Build and push Docker image
  uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
  with:
    context: .
    platforms: linux/amd64,linux/arm64
    push: true
    tags: |
      user/app:latest
      user/app:${{ github.sha }}
    cache-from: type=gha
    cache-to: type=gha,mode=max
    build-args: |
      VERSION=${{ github.sha }}
      BUILD_DATE=${{ github.event.head_commit.timestamp }}

Cloud Providers

aws-actions/configure-aws-credentials

Latest Version: v4 (v4.0.2) SHA: e3dd6a429d7300a6a4c196c26e071d42e0343502

Description: Configure AWS credentials for GitHub Actions

Common Inputs:

  • aws-access-key-id: AWS access key ID
  • aws-secret-access-key: AWS secret access key
  • aws-region: AWS region
  • role-to-assume: IAM role ARN for OIDC
  • role-session-name: Session name

Example (with secrets):

- name: Configure AWS credentials
  uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
  with:
    aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
    aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
    aws-region: us-east-1

Example (with OIDC - preferred):

- name: Configure AWS credentials
  uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
  with:
    role-to-assume: arn:aws:iam::123456789012:role/GitHubActionsRole
    role-session-name: GitHubActions-${{ github.run_id }}
    aws-region: us-east-1

azure/login

Latest Version: v2 (v2.0.0) SHA: 6c251865b4e6290e7b78be643ea2d005a6c79ee5

Description: Login to Azure

Common Inputs:

  • creds: Azure credentials JSON
  • client-id: Service principal client ID (for OIDC)
  • tenant-id: Azure tenant ID (for OIDC)
  • subscription-id: Azure subscription ID (for OIDC)

Example:

- name: Azure Login
  uses: azure/login@6c251865b4e6290e7b78be643ea2d005a6c79ee5 # v2.0.0
  with:
    creds: ${{ secrets.AZURE_CREDENTIALS }}

Testing and Code Quality

codecov/codecov-action

Latest Version: v4 (v4.0.1) SHA: e0b68c6749509c5f83f984dd99a76a1c1a231044

Description: Upload code coverage to Codecov

Common Inputs:

  • token: Codecov token
  • files: Coverage files to upload
  • fail_ci_if_error: Fail CI if upload fails

Example:

- name: Upload coverage to Codecov
  uses: codecov/codecov-action@e0b68c6749509c5f83f984dd99a76a1c1a231044 # v4.0.1
  with:
    token: ${{ secrets.CODECOV_TOKEN }}
    files: ./coverage/lcov.info
    fail_ci_if_error: true

github/super-linter

Latest Version: v5 (v5.7.2) SHA: 45fc0d88288beee4701c62761281edfee85655d7

Description: Run multiple linters in one action

Common Inputs:

  • validate_all_codebase: Lint entire codebase or just changes
  • default_branch: Default branch name
  • disable_errors: Don't fail on errors

Example:

- name: Lint code
  uses: github/super-linter@45fc0d88288beee4701c62761281edfee85655d7 # v5.7.2
  env:
    VALIDATE_ALL_CODEBASE: false
    DEFAULT_BRANCH: main
    GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Notifications

slackapi/slack-github-action

Latest Version: v1 (v1.25.0) SHA: 6c661ce58804a1a20f6dc5fbee7f0381b469e001

Description: Send Slack notifications

Common Inputs:

  • webhook-url: Slack webhook URL
  • payload: JSON payload to send

Example:

- name: Notify Slack
  uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001 # v1.25.0
  with:
    webhook-url: ${{ secrets.SLACK_WEBHOOK_URL }}
    payload: |
      {
        "text": "Build completed: ${{ job.status }}",
        "blocks": [
          {
            "type": "section",
            "text": {
              "type": "mrkdwn",
              "text": "*Status:* ${{ job.status }}\
*Branch:* ${{ github.ref }}"
            }
          }
        ]
      }

Release and Publishing

actions/create-release

Note: Deprecated. Use gh release create or softprops/action-gh-release instead.

softprops/action-gh-release

Latest Version: v2 (v2.0.2) SHA: 9d7c94cfd0a1f3ed45544c887983e9fa900f0564

Description: Create GitHub releases

Common Inputs:

  • tag_name: Release tag (default: from tag trigger)
  • name: Release name
  • body: Release description
  • draft: Create as draft
  • prerelease: Mark as prerelease
  • files: Files to upload

Example:

- name: Create Release
  uses: softprops/action-gh-release@9d7c94cfd0a1f3ed45544c887983e9fa900f0564 # v2.0.2
  with:
    tag_name: ${{ github.ref }}
    name: Release ${{ github.ref_name }}
    body_path: CHANGELOG.md
    draft: false
    prerelease: false
    files: |
      dist/*.zip
      dist/*.tar.gz
  env:
    GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

actions/github-script

Latest Version: v7 (v7.0.1) SHA: 60a0d83039c74a4aee543508d2ffcb1c3799cdea

Description: Run JavaScript with GitHub API access

Common Inputs:

  • script: JavaScript code to execute
  • github-token: GitHub token (default: ${{ github.token }})

Example:

- name: Create comment
  uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
  with:
    github-token: ${{ secrets.GITHUB_TOKEN }}
    script: |
      github.rest.issues.createComment({
        issue_number: context.issue.number,
        owner: context.repo.owner,