I created a GitHub reusable workflows repository for my personal use.
What Are GitHub Reusable Workflows?
GitHub Actions’ reusable workflows is a mechanism that allows workflow files to be called from other repositories.
For example, you can call a workflow from another repository like this:
jobs:
example:
uses: masutaka/actions/.github/workflows/some-workflow.yml@main
Since you can consolidate common processes in one place, it saves you the trouble of managing the same workflow across multiple repositories.
There are some limitations and caveats to be aware of:
- Reusable workflows in private repositories cannot be called from public repositories
- Reusable workflows in private repositories can only be called from other repositories within the same org/user (different orgs are not allowed, and the Access policy setting of the called repository must be configured)
- The
envcontext at the calling workflow level is not propagated to the called workflow - Environment secrets cannot be passed (only regular secrets can be passed via
secrets: inherit) - Reusable workflows always run at the job level (they cannot be used as steps). This means a separate runner starts each time they are called, and the filesystem cannot be shared between jobs. For private repositories, this also increases Actions minutes consumption. If you want to reuse at the step level, you need to use a composite action
Since masutaka/actions is a public repository, limitations 1 and 2 do not apply.
Included Workflows
Currently, I have included the following reusable workflows:
- add_assignee_to_pr.yml (docs ) - Sets the PR creator as the assignee when a PR is created
- codeql.yml (docs ) - Detects languages from changed files and runs CodeQL analysis
- codeql_core.yml (docs ) - Runs CodeQL analysis for specified languages
- create_gh_issue.yml (docs ) - Creates a GitHub Issue from a template
- dependency_review.yml (docs ) - Reviews PR dependencies
- pushover.yml (docs ) - Sends Pushover 1 notifications for workflow failures
I referenced mdn/workflows
for the documentation structure, documenting each workflow’s usage in Markdown files under docs/ and linking to them from README.md.
Why I Created This
I had been using route06/actions , a repository where I had been a maintainer at my previous job, even after leaving the company.
However, there were a few things I wanted to customize for personal use, and creating a new pushover.yml workflow prompted me to copy the necessary workflow files and create my own repository.
Up until then, the same pushover.yml file was duplicated across my personal repositories, but I took this opportunity to consolidate everything into masutaka/actions.
Handling Licenses
Both repositories are under the MIT License. For workflow files copied over, I added attribution to the original repository at the top of each file like this:
Example: codeql.yml :
# Derived from https://github.com/route06/actions/blob/main/.github/workflows/codeql.yml
# Copyright (c) 2024 ROUTE06, Inc.
# Licensed under the MIT License.
I also included both copyrights in the LICENSE file. I believe this satisfies the requirements of the MIT License.
Copyright (c) Takashi Masuda
Copyright (c) 2024 ROUTE06, Inc.
Conclusion
Until now, similar workflow files were scattered across my personal repositories, and I had to update multiple repositories every time a change was needed. By consolidating them into masutaka/actions, changes can now be made in one place.
As my personal repositories continue to grow, I plan to keep consolidating shareable workflows here going forward.
References
- Reuse workflows - GitHub Docs
- Creating a composite action - GitHub Docs
- mdn/workflows
- route06/actions
-
A push notification service for iOS/Android ↩︎