cache/examples.md

# Examples

- [Google Cloud Storage Cache](#google-cloud-storage-cache)
  - [Basic Example](#basic-example)
  - [Separate Restore/Save Actions](#separate-restoresave-actions)
  - [Advanced GCS Cache Examples](#advanced-gcs-cache-examples)
    - [Cross-Repository Caching](#cross-repository-caching)
    - [Using Workload Identity Federation](#using-workload-identity-federation-recommended-for-production)
- [Language-Specific Caching Examples](#language-specific-caching-examples)

## Google Cloud Storage Cache

Using Google Cloud Storage (GCS) as a cache backend provides several advantages:

- **Larger storage**: Store caches beyond GitHub's 10GB repository limit
- **Cross-repository access**: Share caches between different repositories
- **Custom retention**: Control cache lifecycle with GCS retention policies  
- **Fallback mechanism**: Automatically falls back to GitHub cache if GCS is unavailable

The following examples show how to configure GCS caching in your workflows.

### Basic Example

```yaml
name: Build with GCS Cache

on: push

jobs:
  build:
    runs-on: ubuntu-latest
    
    permissions:
      contents: 'read'
      id-token: 'write' # Required for GCP workload identity federation

    steps:
    - uses: actions/checkout@v4

    # Set up Google Cloud authentication
    - id: auth
      uses: google-github-actions/auth@v2
      with:
        # Using Service Account Key JSON
        credentials_json: ${{ secrets.GCP_CREDENTIALS }}
        
        # Alternatively, use Workload Identity Federation (more secure)
        # workload_identity_provider: ${{ secrets.WIF_PROVIDER }}
        # service_account: ${{ secrets.WIF_SERVICE_ACCOUNT }}

    - name: Cache Dependencies
      id: cache-deps
      uses: danySam/gcs-cache@v1
      with:
        path: |
          ~/.npm
          node_modules
        key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
        restore-keys: |
          ${{ runner.os }}-node-
        gcs-bucket: my-github-cache-bucket

    - name: Install Dependencies
      if: steps.cache-deps.outputs.cache-hit != 'true'
      run: npm ci

    - name: Build
      run: npm run build
```

### Separate Restore/Save Actions

For more flexible control, you can use the `restore` and `save` actions separately:

```yaml
name: Build with GCS Cache (Separate Restore/Save)

on: push

jobs:
  build:
    runs-on: ubuntu-latest
    
    permissions:
      contents: 'read'
      id-token: 'write' # Required for GCP workload identity federation

    steps:
    - uses: actions/checkout@v4

    # Set up Google Cloud authentication
    - id: auth
      uses: google-github-actions/auth@v2
      with:
        credentials_json: ${{ secrets.GCP_CREDENTIALS }}
        # Or use workload identity federation

    - name: Restore Dependencies from Cache
      id: cache-deps-restore
      uses: danySam/gcs-cache/restore@v1
      with:
        path: |
          ~/.npm
          node_modules
        key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
        restore-keys: |
          ${{ runner.os }}-node-
        gcs-bucket: my-github-cache-bucket

    - name: Install Dependencies
      if: steps.cache-deps-restore.outputs.cache-hit != 'true'
      run: npm ci

    - name: Build
      run: npm run build

    - name: Save Dependencies to Cache
      id: cache-deps-save
      uses: danySam/gcs-cache/save@v1
      with:
        path: |
          ~/.npm
          node_modules
        key: ${{ steps.cache-deps-restore.outputs.cache-primary-key }}
        gcs-bucket: my-github-cache-bucket
```

### Advanced GCS Cache Examples

#### Cross-Repository Caching

Share caches across multiple repositories using the same GCS bucket:

```yaml
name: Build with Shared GCS Cache

on: push

jobs:
  build:
    runs-on: ubuntu-latest
    
    permissions:
      contents: 'read'
      id-token: 'write' 

    steps:
    - uses: actions/checkout@v4

    # Set up Google Cloud authentication
    - uses: google-github-actions/auth@v2
      with:
        credentials_json: ${{ secrets.GCP_CREDENTIALS }}

    - name: Shared Cross-Repo Cache
      id: shared-cache
      uses: danySam/gcs-cache@v1
      with:
        path: |
          ~/.gradle/caches
          ~/.gradle/wrapper
        key: shared-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
        restore-keys: |
          shared-gradle-
        gcs-bucket: shared-company-cache-bucket
        gcs-path-prefix: gradle-cache  # Optional: organize caches in the bucket

    # Rest of your workflow
```

#### Using Workload Identity Federation (Recommended for Production)

For production environments, Google recommends [Workload Identity Federation](https://cloud.google.com/iam/docs/workload-identity-federation) over service account keys for more secure authentication. This approach eliminates the need to manage long-lived service account keys:

```yaml
name: Build with GCS Cache using Workload Identity

on: push

jobs:
  build:
    runs-on: ubuntu-latest
    
    permissions:
      contents: 'read'
      id-token: 'write' # Required for Workload Identity Federation

    steps:
    - uses: actions/checkout@v4

    # Set up Google Cloud authentication with Workload Identity Federation
    - id: auth
      uses: google-github-actions/auth@v2
      with:
        # The workload identity provider resource name
        workload_identity_provider: projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider
        # The service account email address
        service_account: my-service-account@my-project.iam.gserviceaccount.com
        # Optional: Create credentials file for Google Cloud SDK
        create_credentials_file: true
        # Optional: Cleanup credentials after job completion
        cleanup_credentials: true

    - name: Cache Dependencies
      id: cache-deps
      uses: danySam/gcs-cache@v1
      with:
        path: path/to/dependencies
        key: ${{ runner.os }}-${{ hashFiles('**/lockfiles') }}
        gcs-bucket: my-github-cache-bucket
```

For detailed setup instructions, see the [Google GitHub Actions Auth documentation](https://github.com/google-github-actions/auth). The basic steps include:

1. Create a Workload Identity Pool and Provider in Google Cloud
2. Configure IAM permissions for your service account 
3. Store configuration values in GitHub Secrets
4. Add the auth action to your workflow with proper permissions

Using Workload Identity Federation provides enhanced security since:
- No long-lived credentials need to be stored as GitHub Secrets
- Access is temporary and scoped to just the running workflow
- All access is fully auditable in Google Cloud logs

## Language-Specific Caching Examples

- [Bun](#bun)
- [C# - NuGet](#c---nuget)
- [Clojure - Lein Deps](#clojure---lein-deps)
- [D - DUB](#d---dub)
  - [POSIX](#posix)
  - [Windows](#windows)
Move examples to their own page (#13) 2019-10-31 11:36:50 -04:00			`# Examples`

Update examples.md 2025-04-11 13:10:01 +05:30			`- [Google Cloud Storage Cache](#google-cloud-storage-cache)`
			`- [Basic Example](#basic-example)`
			`- [Separate Restore/Save Actions](#separate-restoresave-actions)`
			`- [Advanced GCS Cache Examples](#advanced-gcs-cache-examples)`
			`- [Cross-Repository Caching](#cross-repository-caching)`
			`- [Using Workload Identity Federation](#using-workload-identity-federation-recommended-for-production)`
			`- [Language-Specific Caching Examples](#language-specific-caching-examples)`
Add Bun example (#1456) * Add Bun example * Fix Bun Windows example 2024-10-08 21:53:09 +02:00
Update examples.md 2025-04-11 13:10:01 +05:30			`## Google Cloud Storage Cache`
Add Bun example (#1456) * Add Bun example * Fix Bun Windows example 2024-10-08 21:53:09 +02:00
Update examples.md 2025-04-11 13:10:01 +05:30			`Using Google Cloud Storage (GCS) as a cache backend provides several advantages:`
Add Bun example (#1456) * Add Bun example * Fix Bun Windows example 2024-10-08 21:53:09 +02:00
Update examples.md 2025-04-11 13:10:01 +05:30			`- Larger storage: Store caches beyond GitHub's 10GB repository limit`
			`- Cross-repository access: Share caches between different repositories`
			`- Custom retention: Control cache lifecycle with GCS retention policies`
			`- Fallback mechanism: Automatically falls back to GitHub cache if GCS is unavailable`
Add Bun example (#1456) * Add Bun example * Fix Bun Windows example 2024-10-08 21:53:09 +02:00
Update examples.md 2025-04-11 13:10:01 +05:30			`The following examples show how to configure GCS caching in your workflows.`
Golang example tweak - add `go-build` path - rebuild page TOC (#577) 2021-06-01 23:39:29 +10:00
Update examples.md 2025-04-11 13:10:01 +05:30			`### Basic Example`
Move examples to their own page (#13) 2019-10-31 11:36:50 -04:00
Revert original C# Example * Treat "Use Personal Cache Folder" way as another C# example * Describe the situation in which another example should be used 2019-12-13 10:03:43 +09:00			```yaml
Update examples.md 2025-04-11 13:10:01 +05:30			`name: Build with GCS Cache`
feat: 🎸 add example for clojure lein project deps In Clojure, Lein tool is used to generate template for various projects. Lein project metadata (including project dependencies) are stored in prject.clj (in root directory) file. Lein downloads dependencies in classpath (~/.m2/repository). So here I am caching ~/.m2/repository path for reusing cache in subsequent builds. 2022-06-26 00:39:24 +05:30
Update examples.md 2025-04-11 13:10:01 +05:30			`on: push`
feat: 🎸 add example for clojure lein project deps In Clojure, Lein tool is used to generate template for various projects. Lein project metadata (including project dependencies) are stored in prject.clj (in root directory) file. Lein downloads dependencies in classpath (~/.m2/repository). So here I am caching ~/.m2/repository path for reusing cache in subsequent builds. 2022-06-26 00:39:24 +05:30
Update examples.md 2025-04-11 13:10:01 +05:30			`jobs:`
			`build:`
			`runs-on: ubuntu-latest`

			`permissions:`
			`contents: 'read'`
			`id-token: 'write' # Required for GCP workload identity federation`
Golang example tweak - add `go-build` path - rebuild page TOC (#577) 2021-06-01 23:39:29 +10:00
Update examples.md 2025-04-11 13:10:01 +05:30			`steps:`
			`- uses: actions/checkout@v4`
Move examples to their own page (#13) 2019-10-31 11:36:50 -04:00
Update examples.md 2025-04-11 13:10:01 +05:30			`# Set up Google Cloud authentication`
			`- id: auth`
			`uses: google-github-actions/auth@v2`
			`with:`
			`# Using Service Account Key JSON`
			`credentials_json: ${{ secrets.GCP_CREDENTIALS }}`

			`# Alternatively, use Workload Identity Federation (more secure)`
			`# workload_identity_provider: ${{ secrets.WIF_PROVIDER }}`
			`# service_account: ${{ secrets.WIF_SERVICE_ACCOUNT }}`

			`- name: Cache Dependencies`
			`id: cache-deps`
			`uses: danySam/gcs-cache@v1`
			`with:`
			`path: \|`
			`~/.npm`
			`node_modules`
			`key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}`
			`restore-keys: \|`
			`${{ runner.os }}-node-`
			`gcs-bucket: my-github-cache-bucket`
Add Haskell - Cabal example (#148) * Add Haskell - Cabal example * Add link in main readme.md 2020-01-10 23:07:52 +01:00
Update examples.md 2025-04-11 13:10:01 +05:30			`- name: Install Dependencies`
			`if: steps.cache-deps.outputs.cache-hit != 'true'`
			`run: npm ci`
Add Haskell - Cabal example (#148) * Add Haskell - Cabal example * Add link in main readme.md 2020-01-10 23:07:52 +01:00
Update examples.md 2025-04-11 13:10:01 +05:30			`- name: Build`
			`run: npm run build`
Fix syntax 2021-12-30 11:54:15 +01:00			```
Add Haskell - Cabal example (#148) * Add Haskell - Cabal example * Add link in main readme.md 2020-01-10 23:07:52 +01:00
Update examples.md 2025-04-11 13:10:01 +05:30			`### Separate Restore/Save Actions`
Add example for Haskell Stack 2022-02-22 10:21:09 -08:00
Update examples.md 2025-04-11 13:10:01 +05:30			For more flexible control, you can use the `restore` and `save` actions separately:
Adapt existing Haskell Stack example for Windows The default `STACK_ROOT` is `~/.stack` only on Unix-like operating systems. On Windows, the default is `%APPDATA%/stack` (usually `%HOME%\AppData\Roaming\stack`). On Unix-like OSs, Stack stores GHC and other tools in a `programs` directory in the `STACK_ROOT`. On Windows, Stack stores those tools and MSYS2 in `%LOCALAPPDATA%\Programs\stack` (usually `%HOME%\AppData\Local\Programs\stack`). 2022-06-12 16:45:20 +01:00
Add example for Haskell Stack 2022-02-22 10:21:09 -08:00			```yaml
Update examples.md 2025-04-11 13:10:01 +05:30			`name: Build with GCS Cache (Separate Restore/Save)`
Adapt existing Haskell Stack example for Windows The default `STACK_ROOT` is `~/.stack` only on Unix-like operating systems. On Windows, the default is `%APPDATA%/stack` (usually `%HOME%\AppData\Roaming\stack`). On Unix-like OSs, Stack stores GHC and other tools in a `programs` directory in the `STACK_ROOT`. On Windows, Stack stores those tools and MSYS2 in `%LOCALAPPDATA%\Programs\stack` (usually `%HOME%\AppData\Local\Programs\stack`). 2022-06-12 16:45:20 +01:00
Update examples.md 2025-04-11 13:10:01 +05:30			`on: push`
Move examples to their own page (#13) 2019-10-31 11:36:50 -04:00
Update examples.md 2025-04-11 13:10:01 +05:30			`jobs:`
			`build:`
			`runs-on: ubuntu-latest`

			`permissions:`
			`contents: 'read'`
			`id-token: 'write' # Required for GCP workload identity federation`
Move examples to their own page (#13) 2019-10-31 11:36:50 -04:00
Update examples.md 2025-04-11 13:10:01 +05:30			`steps:`
			`- uses: actions/checkout@v4`
Move examples to their own page (#13) 2019-10-31 11:36:50 -04:00
Update examples.md 2025-04-11 13:10:01 +05:30			`# Set up Google Cloud authentication`
			`- id: auth`
			`uses: google-github-actions/auth@v2`
			`with:`
			`credentials_json: ${{ secrets.GCP_CREDENTIALS }}`
			`# Or use workload identity federation`
Move examples to their own page (#13) 2019-10-31 11:36:50 -04:00
Update examples.md 2025-04-11 13:10:01 +05:30			`- name: Restore Dependencies from Cache`
			`id: cache-deps-restore`
			`uses: danySam/gcs-cache/restore@v1`
			`with:`
			`path: \|`
			`~/.npm`
			`node_modules`
			`key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}`
			`restore-keys: \|`
			`${{ runner.os }}-node-`
			`gcs-bucket: my-github-cache-bucket`
Remove recommendation to cache node_modules (#69) * Update npm caching examples * Fix output name * Remove extra details tag 2019-11-07 21:04:46 -05:00
Update examples.md 2025-04-11 13:10:01 +05:30			`- name: Install Dependencies`
			`if: steps.cache-deps-restore.outputs.cache-hit != 'true'`
			`run: npm ci`
Add note about using setup-node before cache (#351) 2020-06-15 15:55:57 -04:00
Update examples.md 2025-04-11 13:10:01 +05:30			`- name: Build`
			`run: npm run build`
Remove recommendation to cache node_modules (#69) * Update npm caching examples * Fix output name * Remove extra details tag 2019-11-07 21:04:46 -05:00
Update examples.md 2025-04-11 13:10:01 +05:30			`- name: Save Dependencies to Cache`
			`id: cache-deps-save`
			`uses: danySam/gcs-cache/save@v1`
			`with:`
			`path: \|`
			`~/.npm`
			`node_modules`
			`key: ${{ steps.cache-deps-restore.outputs.cache-primary-key }}`
			`gcs-bucket: my-github-cache-bucket`
Updated node example (#1008) * Updated node example * Update examples.md 2022-12-07 14:55:01 +05:30			```

Update examples.md 2025-04-11 13:10:01 +05:30			`### Advanced GCS Cache Examples`
Move examples to their own page (#13) 2019-10-31 11:36:50 -04:00
Update examples.md 2025-04-11 13:10:01 +05:30			`#### Cross-Repository Caching`
Fix Lerna Example (#242) * Fix lerna example * Fix yaml spacing 2020-04-02 10:35:07 -04:00
Update examples.md 2025-04-11 13:10:01 +05:30			`Share caches across multiple repositories using the same GCS bucket:`
Move examples to their own page (#13) 2019-10-31 11:36:50 -04:00
			```yaml
Update examples.md 2025-04-11 13:10:01 +05:30			`name: Build with Shared GCS Cache`
add Yarn 2 cache example 2020-07-02 09:43:52 -04:00
Update examples.md 2025-04-11 13:10:01 +05:30			`on: push`
Golang example tweak - add `go-build` path - rebuild page TOC (#577) 2021-06-01 23:39:29 +10:00
Update examples.md 2025-04-11 13:10:01 +05:30			`jobs:`
			`build:`
			`runs-on: ubuntu-latest`

			`permissions:`
			`contents: 'read'`
			`id-token: 'write'`
add Yarn 2 cache example 2020-07-02 09:43:52 -04:00
Update examples.md 2025-04-11 13:10:01 +05:30			`steps:`
			`- uses: actions/checkout@v4`
Move examples to their own page (#13) 2019-10-31 11:36:50 -04:00
Update examples.md 2025-04-11 13:10:01 +05:30			`# Set up Google Cloud authentication`
			`- uses: google-github-actions/auth@v2`
			`with:`
			`credentials_json: ${{ secrets.GCP_CREDENTIALS }}`
Golang example tweak - add `go-build` path - rebuild page TOC (#577) 2021-06-01 23:39:29 +10:00
Update examples.md 2025-04-11 13:10:01 +05:30			`- name: Shared Cross-Repo Cache`
			`id: shared-cache`
			`uses: danySam/gcs-cache@v1`
Adding examples for OCaml/esy (#199) * Adding examples for esy as a workflow for OCaml files * track v1 instead of v1.1.2 Co-Authored-By: Josh Gross <joshmgross@github.com> * add link in the readme for ocaml-esy * ocaml -> ocaml/reason * link in readme says ocaml/reason Co-authored-by: Josh Gross <joshmgross@github.com> 2020-02-26 22:43:11 +00:00			`with:`
Update examples.md 2025-04-11 13:10:01 +05:30			`path: \|`
			`~/.gradle/caches`
			`~/.gradle/wrapper`
			`key: shared-gradle-${{ hashFiles('*/.gradle', '*/gradle-wrapper.properties') }}`
Adding examples for OCaml/esy (#199) * Adding examples for esy as a workflow for OCaml files * track v1 instead of v1.1.2 Co-Authored-By: Josh Gross <joshmgross@github.com> * add link in the readme for ocaml-esy * ocaml -> ocaml/reason * link in readme says ocaml/reason Co-authored-by: Josh Gross <joshmgross@github.com> 2020-02-26 22:43:11 +00:00			`restore-keys: \|`
Update examples.md 2025-04-11 13:10:01 +05:30			`shared-gradle-`
			`gcs-bucket: shared-company-cache-bucket`
			`gcs-path-prefix: gradle-cache # Optional: organize caches in the bucket`
Add pip examples (#86) 2019-11-13 10:55:05 -05:00
Update examples.md 2025-04-11 13:10:01 +05:30			`# Rest of your workflow`
Add pip examples (#86) 2019-11-13 10:55:05 -05:00			```

Update examples.md 2025-04-11 13:10:01 +05:30			`#### Using Workload Identity Federation (Recommended for Production)`
Add pip examples (#86) 2019-11-13 10:55:05 -05:00
Update examples.md 2025-04-11 13:10:01 +05:30			`For production environments, Google recommends [Workload Identity Federation](https://cloud.google.com/iam/docs/workload-identity-federation) over service account keys for more secure authentication. This approach eliminates the need to manage long-lived service account keys:`
Add pip examples (#86) 2019-11-13 10:55:05 -05:00
			```yaml
Update examples.md 2025-04-11 13:10:01 +05:30			`name: Build with GCS Cache using Workload Identity`
Add pip examples (#86) 2019-11-13 10:55:05 -05:00
Update examples.md 2025-04-11 13:10:01 +05:30			`on: push`
Added a cache example when using matrix 2021-01-12 13:29:18 -05:00
			`jobs:`
			`build:`
Update examples.md 2025-04-11 13:10:01 +05:30			`runs-on: ubuntu-latest`

			`permissions:`
			`contents: 'read'`
			`id-token: 'write' # Required for Workload Identity Federation`
Add renv examples (#151) * Add renv examples * Add link in main readme.md 2020-01-22 09:22:40 +09:00
Update examples.md 2025-04-11 13:10:01 +05:30			`steps:`
			`- uses: actions/checkout@v4`
Update examples.md 2020-07-19 19:52:18 +09:00
Update examples.md 2025-04-11 13:10:01 +05:30			`# Set up Google Cloud authentication with Workload Identity Federation`
			`- id: auth`
			`uses: google-github-actions/auth@v2`
			`with:`
			`# The workload identity provider resource name`
			`workload_identity_provider: projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider`
			`# The service account email address`
			`service_account: my-service-account@my-project.iam.gserviceaccount.com`
			`# Optional: Create credentials file for Google Cloud SDK`
			`create_credentials_file: true`
			`# Optional: Cleanup credentials after job completion`
			`cleanup_credentials: true`

			`- name: Cache Dependencies`
			`id: cache-deps`
			`uses: danySam/gcs-cache@v1`
			`with:`
			`path: path/to/dependencies`
			`key: ${{ runner.os }}-${{ hashFiles('**/lockfiles') }}`
			`gcs-bucket: my-github-cache-bucket`
Update examples.md 2020-07-19 19:52:18 +09:00			```
Add example for Bazel 2021-04-29 19:58:13 +02:00
Update examples.md 2025-04-11 13:10:01 +05:30			`For detailed setup instructions, see the [Google GitHub Actions Auth documentation](https://github.com/google-github-actions/auth). The basic steps include:`
Add example for Bazel 2021-04-29 19:58:13 +02:00
Update examples.md 2025-04-11 13:10:01 +05:30			`1. Create a Workload Identity Pool and Provider in Google Cloud`
			`2. Configure IAM permissions for your service account`
			`3. Store configuration values in GitHub Secrets`
			`4. Add the auth action to your workflow with proper permissions`
Create separate Linux/macOS examples for Bazel 2023-03-13 10:52:18 +01:00
Update examples.md 2025-04-11 13:10:01 +05:30			`Using Workload Identity Federation provides enhanced security since:`
			`- No long-lived credentials need to be stored as GitHub Secrets`
			`- Access is temporary and scoped to just the running workflow`
			`- All access is fully auditable in Google Cloud logs`
Create separate Linux/macOS examples for Bazel 2023-03-13 10:52:18 +01:00
Update examples.md 2025-04-11 13:10:01 +05:30			`## Language-Specific Caching Examples`
Create separate Linux/macOS examples for Bazel 2023-03-13 10:52:18 +01:00
Update examples.md 2025-04-11 13:10:01 +05:30			`- [Bun](#bun)`
			`- [C# - NuGet](#c---nuget)`
			`- [Clojure - Lein Deps](#clojure---lein-deps)`
			`- [D - DUB](#d---dub)`
			`- [POSIX](#posix)`
			`- [Windows](#windows)`