Always use explicit configuration in CI/CD workflows rather than relying on defaults or convenience shortcuts. This includes pinning exact tool versions, specifying action parameters explicitly, and choosing reliable installation methods.
Always use explicit configuration in CI/CD workflows rather than relying on defaults or convenience shortcuts. This includes pinning exact tool versions, specifying action parameters explicitly, and choosing reliable installation methods.
Key practices:
version: v1.64.7 instead of version: v1.64)go install for Go tools instead of third-party GitHub actions that may become unmaintainedcache: false for setup-go)Example of explicit configuration:
- name: Install Go
uses: actions/setup-go@v4
with:
go-version: 1.21.0 # exact version
cache: false # explicit cache setting
- name: Install gotestsum
run: go install gotest.tools/gotestsum@v1.11.0 # exact version via go install
This approach ensures reproducible builds, reduces dependency on external maintainers, and makes workflow behavior predictable across different environments and over time.
Enter the URL of a public GitHub repository