cache
Composite wrapper around actions/cache pinned to a specific commit SHA to prevent supply chain attacks via tag or branch hijacking.
Inputs
| Input |
Required |
Default |
Description |
path |
Yes |
— |
List of files, directories, and wildcard patterns to cache and restore |
key |
Yes |
— |
An explicit key for saving and restoring the cache |
restore-keys |
No |
'' |
Ordered multiline string of prefix-matched keys used for restoring stale cache |
upload-chunk-size |
No |
'' |
Chunk size in bytes used to split large files during upload |
enableCrossOsArchive |
No |
false |
Allow caches saved on one OS to be restored on another |
fail-on-cache-miss |
No |
false |
Fail the workflow if no cache entry is found |
lookup-only |
No |
false |
Check if a cache entry exists without downloading it |
Outputs
| Output |
Description |
cache-hit |
true if an exact match was found for the primary key |
Usage
- name: Cache pnpm store
uses: https://schmalz-git.git.onstackit.cloud/schmalz/shared-actions/cache@cache-v1
with:
path: ~/.local/share/pnpm/store
key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }}
restore-keys: |
${{ runner.os }}-pnpm-
- name: Cache node_modules
id: node-modules-cache
uses: https://schmalz-git.git.onstackit.cloud/schmalz/shared-actions/cache@cache-v1
with:
path: node_modules
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
- name: Install dependencies
if: steps.node-modules-cache.outputs.cache-hit != 'true'
run: npm ci
Notes
- Pinned to
actions/cache commit SHA 0057852b (v4.3.0) to prevent supply chain attacks via tag or branch hijacking.
- Upstream action: code.forgejo.org/actions/cache.
