Every GitHub Actions context in one place
GitHub Actions exposes runtime data through contexts — structured objects you read inside ${{ }} expressions to make workflows dynamic. This reference lists each context with its most-used properties, their types, and where each context is available. Search by context name or property path.
The context system
An expression inside ${{ }} is evaluated by the Actions runner before the step runs. Contexts provide all the runtime data those expressions need:
| Context | What it covers |
|---|---|
github | Event type, repository, branch, SHA, actor, and run metadata |
env | Environment variables set in the workflow file |
vars | Repository/organisation variables (non-secret configuration) |
secrets | Encrypted secrets |
job | Current job’s status and container info |
steps | Outputs and status of previously completed steps |
runner | The runner’s OS, architecture, temp dir, and workspace |
matrix | Current matrix dimension values |
needs | Results and outputs of upstream jobs |
inputs | Workflow inputs (for manually triggered or reusable workflows) |
strategy | Matrix strategy metadata (job count, index, fail-fast setting) |
Availability matters as much as value
Some contexts are only populated in certain positions:
steps.<id>— only available after a step with thatidhas completed within the same jobneeds.<job>— only available when the current job declares that job in itsneeds:listsecrets— not automatically forwarded into composite actions; must be passed as explicit inputsinputs— only available inworkflow_callorworkflow_dispatchtriggered workflowsmatrix— only available inside jobs that define astrategy.matrix
Referencing an unavailable context evaluates to empty string or null, not an error — which can cause silent failures.
Commonly used properties
github.ref_name # branch or tag name (e.g. "main", "v1.2.3")
github.sha # full commit SHA
github.event_name # "push", "pull_request", "workflow_dispatch", etc.
github.actor # username who triggered the workflow
github.run_number # incrementing integer for this workflow's runs
runner.os # "Linux", "Windows", or "macOS"
job.status # "success", "failure", "cancelled"
steps.<id>.outputs.<name> # output written with echo "key=val" >> $GITHUB_OUTPUT
needs.<job>.result # "success", "failure", "skipped", "cancelled"
strategy.job-index # 0-based index of this matrix instance
Practical examples
Conditionally deploy only from the main branch:
- if: github.ref_name == 'main'
run: ./deploy.sh
Pass a value from one step to the next using GITHUB_OUTPUT:
- id: version
run: echo "tag=$(cat VERSION)" >> "$GITHUB_OUTPUT"
- run: echo "Deploying ${{ steps.version.outputs.tag }}"
Fan out across operating systems:
strategy:
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
runs-on: ${{ matrix.os }}
steps:
- if: runner.os == 'Windows'
run: echo "Windows-specific step"
Gate a publish job on a successful test job:
publish:
needs: test
if: needs.test.result == 'success' && github.ref_name == 'main'
A caution: never print secrets.* values to logs intentionally. GitHub masks them, but transformations (base64, URL-encoding, substring) can produce output that bypasses masking.