GitHub Actions Cheat Sheet

Updated 2026-04-29

GitHub Actions is GitHub's CI/CD and automation platform built directly into repositories, enabling workflows to run on code events, schedules, or manual triggers. It eliminates external CI/CD dependencies by providing hosted runners, a marketplace of pre-built actions, and flexible YAML-based workflow definitions. The platform scales from simple automated testing to complex deployment pipelines with matrix builds, reusable workflows, and fine-grained security controls—making it the de facto automation solution for projects hosted on GitHub. In 2026, hosted runner prices dropped up to 39% and major new features include timezone-aware schedules, artifact attestations, OIDC custom properties, and a new case expression function.

What This Cheat Sheet Covers

This topic spans 18 focused tables and 156 indexed concepts. Below is a complete table-by-table outline of this topic, spanning foundational concepts through advanced details.

Table 1: Workflow TriggersTable 2: Workflow Syntax ElementsTable 3: Job ConfigurationTable 4: Step ConfigurationTable 5: Matrix StrategyTable 6: Workflow Event FiltersTable 7: Expressions and ContextsTable 8: Expression FunctionsTable 9: Common Marketplace ActionsTable 10: Secrets and VariablesTable 11: Runner TypesTable 12: Caching and ArtifactsTable 13: Reusable Workflows and ActionsTable 14: Security and PermissionsTable 15: Deployment and EnvironmentsTable 16: Advanced Workflow ControlTable 17: Debugging and TroubleshootingTable 18: Cost Optimization

Table 1: Workflow Triggers

Event	Example	Description
push	`on:` `push:` `branches: [main]`	• Triggers on commits pushed to specified branches or tags • most common trigger for CI pipelines.
pull_request	`on:` `pull_request:` `types: [opened, synchronize]`	• Runs on PR events like open, sync, or close • uses the merge commit with base branch permissions from forks.
workflow_dispatch	`on:` `workflow_dispatch:` `inputs:` `environment:` `required: true`	Allows manual triggering via UI or API with optional custom input parameters (up to 25 inputs).
schedule	`on:` `schedule:` `- cron: '30 5 * * 1'` `timezone: 'America/New_York'`	• Runs workflow at specific times using POSIX cron syntax • supports IANA timezone field (defaults to UTC) • useful for nightly builds or regular maintenance.
workflow_call	`on:` `workflow_call:` `inputs:` `config:` `required: true`	• Makes workflow reusable so other workflows can call it • supports inputs, secrets, and outputs for modular pipeline design.

Table 1: Workflow Triggers

Event	Example	Description
push	`on:` `push:` `branches: [main]`	• Triggers on commits pushed to specified branches or tags • most common trigger for CI pipelines.
pull_request	`on:` `pull_request:` `types: [opened, synchronize]`	• Runs on PR events like open, sync, or close • uses the merge commit with base branch permissions from forks.
workflow_dispatch	`on:` `workflow_dispatch:` `inputs:` `environment:` `required: true`	Allows manual triggering via UI or API with optional custom input parameters (up to 25 inputs).
schedule	`on:` `schedule:` `- cron: '30 5 * * 1'` `timezone: 'America/New_York'`	• Runs workflow at specific times using POSIX cron syntax • supports IANA timezone field (defaults to UTC) • useful for nightly builds or regular maintenance.
workflow_call	`on:` `workflow_call:` `inputs:` `config:` `required: true`	• Makes workflow reusable so other workflows can call it • supports inputs, secrets, and outputs for modular pipeline design.