{"id":49102300,"url":"https://github.com/rainforestapp/github-action","last_synced_at":"2026-04-21T00:01:31.124Z","repository":{"id":42990425,"uuid":"255660681","full_name":"rainforestapp/github-action","owner":"rainforestapp","description":"Easily trigger a Rainforest Run from your GitHub workflows ","archived":false,"fork":false,"pushed_at":"2025-01-30T22:04:07.000Z","size":136,"stargazers_count":8,"open_issues_count":3,"forks_count":5,"subscribers_count":9,"default_branch":"master","last_synced_at":"2026-03-15T17:03:52.068Z","etag":null,"topics":["actions","github-actions","rainforest","rainforest-qa"],"latest_commit_sha":null,"homepage":"https://www.rainforestqa.com/","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rainforestapp.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-04-14T16:19:03.000Z","updated_at":"2025-11-07T14:41:52.000Z","dependencies_parsed_at":"2023-11-16T01:30:44.841Z","dependency_job_id":"342c7e07-34a7-4c10-87a7-1e93514cf432","html_url":"https://github.com/rainforestapp/github-action","commit_stats":null,"previous_names":[],"tags_count":21,"template":false,"template_full_name":null,"purl":"pkg:github/rainforestapp/github-action","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rainforestapp%2Fgithub-action","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rainforestapp%2Fgithub-action/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rainforestapp%2Fgithub-action/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rainforestapp%2Fgithub-action/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rainforestapp","download_url":"https://codeload.github.com/rainforestapp/github-action/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rainforestapp%2Fgithub-action/sbom","scorecard":{"id":759492,"data":{"date":"2025-08-11","repo":{"name":"github.com/rainforestapp/github-action","commit":"d4b60a4d3011e7ee16e44ef79d04f5c88a1bd781"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.8,"checks":[{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/rainforest.yml:1","Warn: no topLevel permission defined: .github/workflows/release.yml:1","Warn: no topLevel permission defined: .github/workflows/test.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rainforest.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/rainforestapp/github-action/rainforest.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/rainforestapp/github-action/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/rainforestapp/github-action/test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/rainforestapp/github-action/test.yml/master?enable=pin","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   2 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.md:0","Info: FSF or OSI recognized license: MIT License: LICENSE.md:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-22T22:53:48.254Z","repository_id":42990425,"created_at":"2025-08-22T22:53:48.254Z","updated_at":"2025-08-22T22:53:48.254Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32071013,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-20T21:26:33.338Z","status":"ssl_error","status_checked_at":"2026-04-20T21:26:22.081Z","response_time":94,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["actions","github-actions","rainforest","rainforest-qa"],"created_at":"2026-04-21T00:00:56.769Z","updated_at":"2026-04-21T00:01:31.116Z","avatar_url":"https://github.com/rainforestapp.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# \u003cimg src=\"./logo.svg\" height=\"32px\" /\u003e Rainforest QA GitHub Action ![](https://img.shields.io/github/v/release/rainforestapp/github-action.svg)\n\n**Marketplace homepage:** [`rainforestapp/github-action`](https://github.com/marketplace/actions/rainforest-qa-github-action)\n\n\u003e This is the Rainforest QA [GitHub Action](https://docs.github.com/en/actions), it allows you to easily kick off a Rainforest run from your GitHub workflows, to make sure that every release passes your Rainforest integration tests.\n\n## Sections\n* [Prerequisites](#prerequisites)\n* [Base Usage](#base-usage)\n* [Optional Parameters](#optional-parameters)\n* [Release Process](#github-action-release-process)\n\n## Prerequisites\n\n### A Rainforest QA account\n\nIf you don't already have one, you can talk to us about setting up an account [here](https://www.rainforestqa.com/talk-to-sales?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=ghaction).\n\n### A Rainforest QA API token\n\nYou can find yours on the [Integrations](https://app.rainforestqa.com/settings/integrations) setting page.\nDo not expose this token in your `.github/workflows/\u003cworkflow\u003e.yml` file. Instead, [use a GitHub encrypted secret](https://docs.github.com/en/actions/security-guides/encrypted-secrets). You may name this secret as you wish (as long as it's a name allowed by GitHub), e.g. `RAINFOREST_API_TOKEN`.\n\n### A run group with at least one test\n\nRun groups are a way to group tests that should be run together (for example, a smoke suite you might want to run on every deploy). For more information on run groups, see [this help article](https://help.rainforestqa.com/docs/organizing-tests-by-run-group).\n\nOnce you have a run group which contains at least one enabled test, you can run it in GitHub workflows using this Action. You will need its ID (visible at the end of the run group URL: `https://app.rainforestqa.com/run_groups/\u003cID\u003e`).\n\n## Base usage\nThis is a simple workflow file that will start a Rainforest run using run group #1234 every time a commit is pushed to the `main` branch. To use it, change the run group ID to the one you wish to run, ensure your Rainforest API token is properly configured in your GitHub secrets, and commit this file in your repo at `.github/workflows/rainforest.yml`.\n\n```yaml\non:\n  push:\n    branches:\n      - main\n\njobs:\n  rainforest:\n    runs-on: ubuntu-latest\n    name: Run Rainforest\n    steps:\n      - name: Rainforest\n        uses: rainforestapp/github-action@master\n        with:\n          token: ${{ secrets.RAINFOREST_API_TOKEN }}\n          run_group_id: 1234\n```\n\n## Optional Parameters\n\n### `description`\nAn arbitrary string to associate with the run.\n#### Default behavior\nThe default value :\n\u003e `\"${GITHUB_REPOSITORY} - ${GITHUB_REF_NAME} ${GITHUB_JOB} $(date -u +'%FT%TZ')\"`\n\nThis means that if no `description` parameter is passed in and your repository is named `my_org/my_repo`, the GitHub job is `#42` on the `my_feature_branch` branch, and the current time (in UTC) is noon on December 31st, 2021; then the created run's description will be:\n\u003e `my_org/my_repo - my_feature_branch 42 2021-12-31T12:00:00Z`\n\n### `environment_id`\nUse a specific environment for this run. _This parameter will be ignored if the `custom_url` parameter is also passed in._\n#### Default behavior\nIf no `environment_id` parameter is passed in, the created run will use the Run Group's default environment.\n\n### `custom_url`\nUse a specific URL (via a [temporary environment](https://github.com/rainforestapp/rainforest-cli#command-line-options)) for this run.\n#### Default behavior\nIf no `custom_url` parameter is passed in, the created run will use the Run Group's default environment.\n\n### `conflict`\nHow we should handle currently active runs.\n#### Allowed values\nValue | Behavior\n--- | ---\n`cancel` | Cancel all other runs in the same environment.\n`cancel-all` | Cancel all other runs, regardless of environment.\n#### Default behavior\nIf no `conflict` parameter is passed in, then no active runs will be canceled.\n\n### `execution_method`\nThe execution method to use for this run.\n#### Allowed values\nValue | Behavior | Requirements\n--- | --- | ---\n`automation` | Run against our automation agent. | - All tests in the run group are written with the Visual Editor.\u003cbr /\u003e- No tests use a Tester Instruction/Confirmation action.\n`crowd` | Run against our global crowd of testers.\n`automation_and_crowd` | Run against our automation agent where possible, fall back to the crowd of testers.\n`on_premise` | Run against your internal testers. | - On-premise is enabled for your account.\n#### Default behavior\nIf no `execution_parameter` parameter is passed in, the created run will run against the run group's default execution method.\n\n### `release`\nA string used to link a run to a release (for example, a `git` SHA or tag, a version number, a code name)\n#### Default behavior\nIf no `release` parameter is passed in, the SHA1 hash of the latest commit of the current workflow (obtained via the `GITHUB_SHA` environment variable) will be used.\n\n### `automation_max_retries`\nSet to a value larger than `0` to retry failed tests excuted by our automation agent in the same run up to that number of times.\n#### Default behavior\nIf no `automation_max_retries` parameter is passed in, the [default from your account or run group is used](https://help.rainforestqa.com/docs/test-retries).\n\n### `branch`\nUse a specific Rainforest branch for this run.\n#### Default behavior\nIf no `branch` parameter is passed in, the `main` branch will be used.\n\n### `background`\nSet to `true` to immediately complete the GitHub workflow job without waiting for the Rainforest run to complete\n### Default behavior\nBy default we wait for the run to complete in order to pass or fail the workflow job based on the run's result.\n\n### `dry_run`\nSet to `true` to run parameter validations without actually starting a run in Rainforest.\n#### Default behavior\nIf no `dry_run` parameter is passed in, the run will be started in Rainforest.\n\n## Rerunning failed tests\nIf your Rainforest run fails due to a [\"non-bug\"](https://rainforest.engineering/2021-01-20-shipping-faster-orb/) (your testing environment might have had a hiccup, or a test might have needed to be tweaked, etc), then rather than make code changes and then run your full testing suite once more, you'll instead want to rerun just the tests that failed. The Rainforest QA GitHub Action uses GitHub [caching](https://docs.github.com/en/actions/advanced-guides/caching-dependencies-to-speed-up-workflows) to know when a workflow is [being rerun](https://docs.github.com/en/actions/managing-workflow-runs/re-running-workflows-and-jobs). It will then automatically rerun only the tests which failed in the previous run.\n\n## Running multiple Rainforest runs from a single workflow using `workflow_call`\nThe Rainforest QA GitHub Action cannot detect on its own when it is being called multiple times in a single workflow through an intermediary reusable workflow. This means that the second invocation will attempt to rerun the run created by the first invocation, which will fail if that run has no failed tests to rerun. In order to avoid this situation, set the `cache_key` parameter to a distinct value in each invocation:\n\n```yml\n# reusable workflow\non:\n  workflow_call:\n    inputs:\n      cache_key:\n        type: string\n\njobs:\n  rainforest:\n    runs-on: ubuntu-latest\n    name: Run Rainforest\n    steps:\n      - name: Rainforest\n        uses: rainforestapp/github-action@master\n        with:\n          token: ${{ secrets.RAINFOREST_API_TOKEN }}\n          run_group_id: 1234\n          cache_key: ${{ inputs.cache_key }}\n```\n\n```yml\n# calling workflow\njobs:\n  first-invocation:\n    uses: ./.github/workflows/reusable.yml\n    with:\n      cache_key: first-invocation\n\n  second-invocation:\n    uses: ./.github/workflows/reusable.yml\n    with:\n      cache_key: second-invocation\n```\n\n## GitHub Action Release Process\nThis section describes the release process for the Action itself:\n1. Create a feature branch and do your work.\n1. Update the version in `action.yml`.\n1. Get review and merge to master.\n1. Create a [GitHub Release](https://github.com/rainforestapp/github-action/releases/new) with the proper `v`-prefixed version tag (i.e. `v0.0.1`). List **Bugfixes**, **Breaking changes**, and **New features** (if present), with links to the PRs. See [previous releases](https://github.com/rainforestapp/github-action/releases) for an idea of the format we're using.\n1. The `release.yml` workflow will then run to update the major release tag. E.g. if your release was for `v1.2.3`, then it will automatically update the `v1` tag.\n\nIf you want to run an integration test, create a new branch in a repo of your choice and add a new workflow to`.github/workflows/` with the action pointing to your commit.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frainforestapp%2Fgithub-action","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frainforestapp%2Fgithub-action","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frainforestapp%2Fgithub-action/lists"}