[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-73319":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":14,"stars30d":18,"stars90d":16,"forks30d":16,"starsTrendScore":19,"compositeScore":20,"rankGlobal":10,"rankLanguage":10,"license":21,"archived":22,"fork":22,"defaultBranch":23,"hasWiki":24,"hasPages":22,"topics":25,"createdAt":10,"pushedAt":10,"updatedAt":35,"readmeContent":36,"aiSummary":37,"trendingCount":16,"starSnapshotCount":16,"syncStatus":38,"lastSyncTime":39,"discoverSource":40},73319,"wrkflw","bahdotsh\u002Fwrkflw","bahdotsh","Validate and Run GitHub Actions locally.","https:\u002F\u002Fgithub.com\u002Fbahdotsh\u002Fwrkflw",null,"Rust",3229,60,16,6,0,11,274,33,95.36,"MIT License",false,"main",true,[26,27,28,29,30,31,32,33,34],"ci","cli","devops","github","github-actions","hacktoberfest","ratatui","rust","tui","2026-06-12 04:01:09","# WRKFLW\n\n[![Crates.io](https:\u002F\u002Fimg.shields.io\u002Fcrates\u002Fv\u002Fwrkflw)](https:\u002F\u002Fcrates.io\u002Fcrates\u002Fwrkflw)\n[![License](https:\u002F\u002Fimg.shields.io\u002Fcrates\u002Fl\u002Fwrkflw)](LICENSE)\n[![Build Status](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Factions\u002Fworkflow\u002Fstatus\u002Fbahdotsh\u002Fwrkflw\u002Fci.yml?branch=main)](https:\u002F\u002Fgithub.com\u002Fbahdotsh\u002Fwrkflw\u002Factions\u002Fworkflows\u002Fci.yml)\n[![Downloads](https:\u002F\u002Fimg.shields.io\u002Fcrates\u002Fd\u002Fwrkflw)](https:\u002F\u002Fcrates.io\u002Fcrates\u002Fwrkflw)\n\nA command-line tool for validating and executing GitHub Actions workflows locally. Test your workflows on your machine before pushing to GitHub.\n\n![WRKFLW Demo](demo.gif)\n\n## Features\n\n- **TUI interface** — interactive terminal UI with Workflows, Execution, DAG, Logs, Trigger, Secrets, and Help tabs\n- **Workflow validation** — syntax checks, structural validation, and composite action input cross-checking with CI\u002FCD-friendly exit codes\n- **Local execution** — Docker, Podman, emulation, or sandboxed **secure emulation** (no containers)\n- **Diff-aware filtering** — skip workflows whose `on:` block doesn't match the simulated event and changed file set\n- **Watch mode** — rerun workflows automatically on file changes, with trigger-aware filtering\n- **Job selection** — run individual jobs with `--job` or via TUI job selection mode\n- **Job dependency resolution** — automatic ordering based on `needs` with parallel execution of independent jobs\n- **Expression evaluator** — evaluates `${{ ... }}` expressions including `toJSON`, `fromJSON`, `contains`, `startsWith`, etc.\n- **Action support** — Docker container actions, JavaScript actions, composite actions (with output propagation), and local actions\n- **Reusable workflows** — execute caller jobs via `jobs.\u003Cid>.uses` (local or `owner\u002Frepo\u002Fpath@ref`) with output propagation\n- **Artifacts, cache, and inter-job outputs** — `actions\u002Fupload-artifact`, `actions\u002Fdownload-artifact`, `actions\u002Fcache`, and `needs.\u003Cid>.outputs.*`\n- **GitHub context emulation** — environment variables, `GITHUB_OUTPUT`, `GITHUB_ENV`, `GITHUB_PATH`, `GITHUB_STEP_SUMMARY`\n- **Matrix builds** — full support for `include`, `exclude`, `max-parallel`, and `fail-fast`\n- **Secrets management** — multiple providers (env, file, Vault, AWS, Azure, GCP) with masking and AES-256-GCM encrypted storage\n- **Remote triggering** — trigger `workflow_dispatch` runs on GitHub or GitLab pipelines\n- **GitLab support** — validate and trigger GitLab CI pipelines\n\n## Not yet supported\n\n- GitHub encrypted secrets and fine-grained permissions\n- Event triggers other than `workflow_dispatch` for the remote `trigger` command\n- Private repos for remote `uses:` — reusable workflows clone over unauthenticated HTTPS\n- `concurrency:` groups and `cancel-in-progress` — parsed but not enforced\n- Service containers — `services:` is parsed but never started, in any runtime\n- Windows and macOS runners — `runs-on: windows-*` \u002F `macos-*` is silently mapped to a container image (macOS → a Linux image, Windows → a Windows container that won't run on Linux\u002FmacOS hosts). `${{ runner.os }}` reflects the host OS, not `runs-on`.\n\n## Installation\n\n```bash\ncargo install wrkflw\n```\n\nOr with Homebrew ([formula](https:\u002F\u002Fformulae.brew.sh\u002Fformula\u002Fwrkflw)):\n\n```bash\nbrew install wrkflw\n```\n\nOr build from source:\n\n```bash\ngit clone https:\u002F\u002Fgithub.com\u002Fbahdotsh\u002Fwrkflw.git\ncd wrkflw\ncargo build --release\n```\n\n## Quick Start\n\n```bash\n# Launch the TUI (auto-detects .github\u002Fworkflows)\nwrkflw\n\n# Validate workflows\nwrkflw validate\n\n# Run a workflow\nwrkflw run .github\u002Fworkflows\u002Fci.yml\n\n# Rerun workflows automatically on file changes\nwrkflw watch\n\n# List detected workflows and pipelines\nwrkflw list\n```\n\n## Usage\n\n### Validation\n\n```bash\n# Validate all workflows in .github\u002Fworkflows\nwrkflw validate\n\n# Validate specific files or directories\nwrkflw validate path\u002Fto\u002Fworkflow.yml\nwrkflw validate path\u002Fto\u002Fworkflows\u002F\n\n# Validate multiple paths\nwrkflw validate flow-1.yml flow-2.yml path\u002Fto\u002Fworkflows\u002F\n\n# GitLab pipelines\nwrkflw validate .gitlab-ci.yml --gitlab\n\n# Verbose output\nwrkflw validate --verbose path\u002Fto\u002Fworkflow.yml\n```\n\n**Exit codes:** `0` = all valid, `1` = validation failures, `2` = usage error. Use `--no-exit-code` to disable.\n\n### Execution\n\n```bash\n# Run with Docker (default)\nwrkflw run .github\u002Fworkflows\u002Fci.yml\n\n# Run with Podman\nwrkflw run --runtime podman .github\u002Fworkflows\u002Fci.yml\n\n# Run in emulation mode (no containers)\nwrkflw run --runtime emulation .github\u002Fworkflows\u002Fci.yml\n\n# Run in sandboxed secure emulation\nwrkflw run --runtime secure-emulation .github\u002Fworkflows\u002Fci.yml\n\n# Run a specific job\nwrkflw run --job build .github\u002Fworkflows\u002Fci.yml\n\n# List jobs in a workflow\nwrkflw run --jobs .github\u002Fworkflows\u002Fci.yml\n\n# Preserve failed containers for debugging\nwrkflw run --preserve-containers-on-failure .github\u002Fworkflows\u002Fci.yml\n```\n\n### Trigger-aware execution\n\nSkip workflows whose `on:` block wouldn't fire for a given event\u002Fchange set. Strict mode is on by default: `wrkflw run --event …` without `--diff` or `--changed-files` is rejected up front rather than silently skipping every `paths:`-gated workflow.\n\n```bash\n# Auto-detect changed files from git (vs origin\u002FHEAD, main\u002Fmaster, or HEAD~1)\nwrkflw run --diff --event push .github\u002Fworkflows\u002Fci.yml\n\n# Pin the diff range\nwrkflw run --diff --diff-base main --diff-head HEAD --event push .github\u002Fworkflows\u002Fci.yml\n\n# Supply changed files explicitly (e.g. from a CI wrapper)\nwrkflw run --event push --changed-files src\u002Fmain.rs,Cargo.toml .github\u002Fworkflows\u002Fci.yml\n\n# Simulate a pull_request — `--base-branch` is required under strict mode\nwrkflw run --event pull_request --base-branch main --diff .github\u002Fworkflows\u002Fci.yml\n\n# Opt out of strict rejection (legacy warn-and-proceed)\nwrkflw run --event push --no-strict-filter .github\u002Fworkflows\u002Fci.yml\n```\n\nSee [BREAKING_CHANGES.md](BREAKING_CHANGES.md) for full migration notes.\n\n### Watch mode\n\n```bash\n# Watch .github\u002Fworkflows for changes and rerun affected workflows\nwrkflw watch\n\n# Watch a specific path, simulate pull_request, and cap concurrency\nwrkflw watch --event pull_request --base-branch main \\\n    --max-concurrency 2 --debounce 750 .github\u002Fworkflows\n\n# Ignore extra directories on top of the built-in list\nwrkflw watch --ignore-dir .terraform --ignore-dir coverage\n```\n\n### TUI\n\n```bash\n# Open TUI with default directory\nwrkflw tui\n\n# Open with specific runtime\nwrkflw tui --runtime podman\n```\n\n**Tabs:** Workflows · Execution · DAG · Logs · Trigger · Secrets · Help.\n\n**Controls:**\n\n| Key | Action |\n|-----|--------|\n| `Tab` \u002F `Shift+Tab` | Switch tabs |\n| `1`–`7` | Jump to tab by number |\n| `w` \u002F `x` \u002F `l` \u002F `h` | Jump to Workflows \u002F Execution \u002F Logs \u002F Help |\n| `↑`\u002F`↓` or `k`\u002F`j` | Navigate \u002F scroll |\n| `Space` | Toggle workflow selection |\n| `Enter` | Run \u002F view details |\n| `r` | Run selected workflows |\n| `a` \u002F `n` | Select all \u002F deselect all |\n| `Shift+R` | Reset workflow status |\n| `Shift+J` | View jobs in workflow |\n| `e` | Cycle runtime (Docker \u002F Podman \u002F Emulation \u002F Secure Emulation) |\n| `v` | Toggle Execution \u002F Validation mode |\n| `d` \u002F `D` | Toggle diff-aware filter \u002F cycle simulated event |\n| `t` | Trigger remote workflow |\n| `,` | Open Tweaks overlay |\n| `?` | Toggle help overlay |\n| `q` \u002F `Esc` | Quit \u002F back |\n\nLogs tab adds `s` (search), `f` (filter), `c` (clear), `n` (next match). Trigger tab adds `p` (github↔gitlab), `b` (edit branch), `+` (add input), `c` (copy curl preview).\n\n### Remote Triggering\n\nTrigger `workflow_dispatch` events on GitHub or GitLab.\n\n```bash\n# GitHub (requires GITHUB_TOKEN env var)\nwrkflw trigger workflow-name --branch main --input key=value\n\n# GitLab (requires GITLAB_TOKEN env var)\nwrkflw trigger-gitlab --branch main --variable key=value\n```\n\n## Runtime Modes\n\n| Mode | Description | Best for |\n|------|-------------|----------|\n| **Docker** (default) | Full container isolation, closest to GitHub runners | Production, CI\u002FCD |\n| **Podman** | Rootless containers, no daemon required | Security-conscious environments |\n| **Emulation** | Runs directly on host, no containers needed | Quick local testing |\n| **Secure Emulation** | Sandboxed host processes with filesystem\u002Fnetwork restrictions | Running untrusted workflows without a container runtime |\n\n## Reusable Workflows\n\n```yaml\njobs:\n  call-local:\n    uses: .\u002F.github\u002Fworkflows\u002Fshared.yml\n\n  call-remote:\n    uses: my-org\u002Fmy-repo\u002F.github\u002Fworkflows\u002Fshared.yml@v1\n    with:\n      foo: bar\n    secrets:\n      token: ${{ secrets.MY_TOKEN }}\n```\n\n- Local refs resolve relative to the working directory\n- Remote refs are shallow-cloned at the specified `@ref`\n- `with:` entries become `INPUT_\u003CKEY>` env vars; `secrets:` become `SECRET_\u003CKEY>`\n- Outputs from called jobs are merged back into `needs.\u003Cid>.outputs.*`\n\n**Limitations:** private repos for remote `uses:` are not yet supported (the clone is unauthenticated); declared `on.workflow_call.outputs` is approximated by flattening all called-job outputs (the explicit mapping is not yet parsed).\n\n## Secrets Management\n\nWRKFLW supports GitHub Actions-compatible `${{ secrets.* }}` syntax with multiple providers:\n\n```bash\n# Environment variables (simplest)\nexport GITHUB_TOKEN=\"ghp_...\"\nwrkflw run .github\u002Fworkflows\u002Fci.yml\n\n# File-based secrets (JSON, YAML, or .env format)\n# Configure in ~\u002F.wrkflw\u002Fsecrets.yml\n```\n\nSupported providers: environment variables, file-based, HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, Google Cloud Secret Manager. See the [secrets demo](examples\u002Fsecrets-demo\u002F) for detailed examples.\n\n## Project Structure\n\nWRKFLW is organized as a Cargo workspace with focused crates:\n\n| Crate | Purpose |\n|-------|---------|\n| `wrkflw` | CLI binary and library entry point |\n| `wrkflw-executor` | Workflow execution engine, expression evaluator, artifact\u002Fcache stores |\n| `wrkflw-parser` | Workflow file parsing and schema validation |\n| `wrkflw-evaluator` | Structural evaluation of workflow files |\n| `wrkflw-validators` | Validation rules for jobs, steps, triggers |\n| `wrkflw-runtime` | Container and emulation runtime abstractions |\n| `wrkflw-trigger-filter` | `on:` block parsing and change-set matching |\n| `wrkflw-watcher` | File watcher with trigger-aware re-execution |\n| `wrkflw-ui` | Terminal user interface |\n| `wrkflw-models` | Shared data structures |\n| `wrkflw-matrix` | Matrix expansion utilities |\n| `wrkflw-secrets` | Secrets management with multiple providers |\n| `wrkflw-github` | GitHub API integration |\n| `wrkflw-gitlab` | GitLab API integration |\n| `wrkflw-logging` | In-memory logging for TUI\u002FCLI |\n| `wrkflw-utils` | Shared helpers |\n\n## License\n\nMIT License - see [LICENSE](LICENSE) for details.\n","WRKFLW 是一个用于本地验证和执行 GitHub Actions 工作流的命令行工具。其核心功能包括基于 TUI 的交互界面、工作流验证、本地执行（支持 Docker、Podman 或安全模拟）、差异感知过滤、监视模式等，旨在帮助开发者在将工作流推送到 GitHub 之前进行充分测试。此外，它还提供了丰富的 CI\u002FCD 特性如表达式求值器、作业依赖解析、矩阵构建及秘密管理等。WRKFLW 适用于需要频繁调试 GitHub Actions 脚本或希望在本地环境中预览自动化流程效果的开发人员与 DevOps 团队。",2,"2026-06-11 03:44:59","high_star"]