Hinweis
- The examples in this library are intended for inspiration—you are encouraged to adjust them to be more specific to your projects, languages, and team processes.
- For community-contributed examples of custom instructions for specific languages and scenarios, see the Awesome GitHub Copilot Customizations repository.
- You can apply custom instructions across different scopes, depending on the platform or IDE where you are creating them. For more information, see "Informationen zum Anpassen der Antworten von GitHub Copilot Chat."
Im folgenden Beispiel wird anhand des Felds applyTo eine pfadspezifische actions.instructions.md-Datei veranschaulicht, die ausschließlich für GitHub Actions-Workflowdateien in deinem Repository gilt. Weitere Informationen zu pfadspezifischen Anweisungen findest du unter Hinzufügen benutzerdefinierter Repositoryanweisungen für GitHub Copilot.
---
applyTo: ".github/workflows/**/*.yml"
---
When generating or improving GitHub Actions workflows:
## Security First
- Use GitHub secrets for sensitive data, never hardcode credentials
- Pin third-party actions to specific commits by using the SHA value (e.g., `- uses: owner/some-action@a824008085750b8e136effc585c3cd6082bd575f`)
- Configure minimal permissions for GITHUB_TOKEN required for the workflow
## Performance Essentials
- Cache dependencies with `actions/cache` or built-in cache options
- Add `timeout-minutes` to prevent hung workflows
- Use matrix strategies for multi-environment testing
## Best Practices
- Use descriptive names for workflows, jobs, and steps
- Include appropriate triggers: `push`, `pull_request`, `workflow_dispatch`
- Add `if: always()` for cleanup steps that must run regardless of failure
## Example Pattern
```yaml
name: CI
on: [push, pull_request]
jobs:
test:
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 20
cache: npm
- run: npm ci
- run: npm test
```
---
applyTo: ".github/workflows/**/*.yml"
---
When generating or improving GitHub Actions workflows:
## Security First
- Use GitHub secrets for sensitive data, never hardcode credentials
- Pin third-party actions to specific commits by using the SHA value (e.g., `- uses: owner/some-action@a824008085750b8e136effc585c3cd6082bd575f`)
- Configure minimal permissions for GITHUB_TOKEN required for the workflow
## Performance Essentials
- Cache dependencies with `actions/cache` or built-in cache options
- Add `timeout-minutes` to prevent hung workflows
- Use matrix strategies for multi-environment testing
## Best Practices
- Use descriptive names for workflows, jobs, and steps
- Include appropriate triggers: `push`, `pull_request`, `workflow_dispatch`
- Add `if: always()` for cleanup steps that must run regardless of failure
## Example Pattern
```yaml
name: CI
on: [push, pull_request]
jobs:
test:
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 20
cache: npm
- run: npm ci
- run: npm test
```
Further reading
- Informationen zum Anpassen der Antworten von GitHub Copilot Chat - Overview of response customization in GitHub Copilot
- Konfigurieren von benutzerdefinierten Anweisungen für GitHub Copilot - How to configure custom instructions
- Awesome GitHub Copilot Customizations - Repository of community-contributed custom instructions and other customizations for specific languages and scenarios