Workflow YAML syntax
Workflows live in .gluecron/workflows/*.yml at the repo root. Gluecron runs them on the same node that handles your pushes — no external scheduler required.
Minimal example
name: CI
on:
push:
branches: [main]
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- run: bun install --frozen-lockfile
- run: bun testTriggers
The on: key controls when a workflow fires. Multiple triggers can be combined in a single file.
push
on:
push:
branches: [main, "release/**"]
# Optional — only run when these paths change:
paths:
- "src/**"
- "package.json"pull_request
on:
pull_request:
types: [opened, synchronize, reopened]
branches: [main]schedule (cron)
Drop a cron expression in the schedule array. The Gluecron autopilot ticker fires it from the same node — no external scheduler needed.
on:
schedule:
# Every day at 06:00 UTC
- cron: "0 6 * * *"
# Every Monday at 09:00 UTC
- cron: "0 9 * * 1"workflow_dispatch (manual)
on:
workflow_dispatch:
inputs:
environment:
description: "Target environment"
required: true
default: staging
type: choice
options: [staging, production]Jobs
Each job runs in a fresh container. Jobs within the same workflow run in parallel by default; use needs: to sequence them.
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- run: bun run build
deploy:
runs-on: ubuntu-latest
needs: build # waits for build to succeed
if: github.ref == 'refs/heads/main'
steps:
- run: echo "Deploying…"Steps
run — shell commands
steps:
- name: Install deps
run: bun install --frozen-lockfile
- name: Multi-line script
run: |
bun run lint
bun run typecheck
bun test --reporter=verboseuses — reusable actions
steps:
- uses: actions/checkout@v4 # check out the repo
- uses: oven-sh/setup-bun@v2 # install Bun
with:
bun-version: latest
- uses: actions/cache@v4 # cache restore/save
with:
path: ~/.bun/install/cache
key: ${{ runner.os }}-bun-${{ hashFiles('**/bun.lockb') }}Environment variables
Set env vars at the workflow, job, or step level. Step-level values override job-level which override workflow-level.
env:
NODE_ENV: test
LOG_LEVEL: debug
jobs:
test:
runs-on: ubuntu-latest
env:
DATABASE_URL: postgresql://localhost/testdb
steps:
- run: bun test
env:
VERBOSE: "1" # step-level overrideSecrets
Secrets are stored encrypted at the repo or org level and injected at runtime. They never appear in logs — values are masked automatically.
steps:
- name: Deploy
run: curl -X POST $DEPLOY_WEBHOOK
env:
DEPLOY_WEBHOOK: ${{ secrets.DEPLOY_WEBHOOK_URL }}Manage repo secrets at /:owner/:repo/settings/secrets. Org-level secrets live at /orgs/:slug/settings/secrets and are shared across all repos in the org.
Matrix builds
Run the same job across multiple configurations in parallel.
jobs:
test:
runs-on: ubuntu-latest
strategy:
matrix:
node: [18, 20, 22]
os: [ubuntu-latest, macos-latest]
fail-fast: false # don't cancel others on first failure
steps:
- uses: actions/checkout@v4
- run: node --version # uses matrix.node implicitly via setup-node
- run: bun testCache action
# Bun package cache — speeds up installs by ~80% on warm hits
- uses: actions/cache@v4
id: bun-cache
with:
path: ~/.bun/install/cache
key: ${{ runner.os }}-bun-${{ hashFiles('**/bun.lockb') }}
restore-keys: |
${{ runner.os }}-bun-
- run: bun install --frozen-lockfileExpressions
# Context access
${{ github.actor }} # username that triggered the run
${{ github.ref }} # refs/heads/main
${{ github.sha }} # full commit SHA
${{ runner.os }} # Linux | macOS | Windows
${{ job.status }} # success | failure | cancelled
# Functions
${{ hashFiles('**/bun.lockb') }}
${{ contains(github.ref, 'release') }}
${{ startsWith(github.ref, 'refs/tags/') }}Complete CI + deploy example
# .gluecron/workflows/ci.yml
name: CI / Deploy
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
ci:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/cache@v4
with:
path: ~/.bun/install/cache
key: ${{ runner.os }}-bun-${{ hashFiles('**/bun.lockb') }}
- uses: oven-sh/setup-bun@v2
with:
bun-version: latest
- run: bun install --frozen-lockfile
- run: bun run typecheck
- run: bun test
deploy:
runs-on: ubuntu-latest
needs: ci
if: github.ref == 'refs/heads/main'
steps:
- uses: actions/checkout@v4
- run: bun run build
- name: Deploy to Fly.io
run: flyctl deploy --remote-only
env:
FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }}Edit this page