// Complete YAML schema reference for Repository and RepositorySet resources. Use when writing or editing manifests for repo settings, labels, actions, branch protection, rulesets, secrets, variables, or repository defaults.
Complete YAML schema reference for File and FileSet resources. Use when writing manifests to manage files (CODEOWNERS, LICENSE, CI workflows, etc.) in one or more repositories, including templating, patches, reconcile modes, delivery method, and import-into behavior.
CI/CD integration patterns for gh-infra: auto-apply on merge, scheduled drift detection, self-managed vs central-management layouts, and authentication setup for GitHub Actions workflows.
Overview of gh-infra and command workflow (import, validate, plan, apply). Use when managing GitHub repository settings, labels, actions settings, rulesets, secrets, variables, or files declaratively via YAML manifests.
Use when pulling live GitHub state back into existing gh-infra manifests with `gh infra import --into`, especially for write/patch/skip decisions, shared file sources, template-backed files, and import safety rules.
Use when running demo recordings, diagnosing recording failures, or regenerating GIFs from existing MP4s. Covers the Docker + VHS + ffmpeg pipeline.
Use when creating new VHS demo tapes or editing existing ones. Covers tape syntax, setup scripts, mock-gh data layout, and the checklist for adding a new demo end-to-end.
| name | repository-manifest |
| description | Complete YAML schema reference for Repository and RepositorySet resources. Use when writing or editing manifests for repo settings, labels, actions, branch protection, rulesets, secrets, variables, or repository defaults. |
Use this skill when editing repository-side manifests. Keep the body small and load references only as needed.
spec fields are optional. Omitted fields are left unchanged on GitHub.Repository manages one repository.RepositorySet manages many repositories with shared defaults.rulesets over classic branch_protection.${ENV_*} indirection, never literal secrets.apiVersion: gh-infra/v1
kind: Repository
metadata:
owner: my-org
name: my-repo
reconcile: # optional; controls collection reconciliation
rulesets: additive # additive (default) | authoritative
labels: additive
spec:
# declare only managed fields
Read these references as needed:
Use RepositorySet when many repositories share defaults.
apiVersion: gh-infra/v1
kind: RepositorySet
metadata:
owner: my-org
defaults:
reconcile:
rulesets: authoritative
labels: additive
spec:
visibility: public
features:
wiki: false
merge_strategy:
allow_squash_merge: true
allow_rebase_merge: false
auto_delete_head_branches: true
rulesets:
- name: protect-main
target: branch
enforcement: active
conditions:
ref_name:
include: ["refs/heads/main"]
rules:
pull_request:
required_approving_review_count: 1
non_fast_forward: true
repositories:
- name: repo-a
spec:
description: "Service A"
topics: [go, api]
- name: repo-b
spec:
description: "Service B"
topics: [python, cli]
features:
wiki: true
Override behavior matters:
This means topics replace the default list, while labels and reconcile.labels are merged by key/collection.
Read references/repository-set.md for the exact merge rules.
actions.enabled is required when setting any other actions.* fieldactions.selected_actions is valid only with allowed_actions: selectedreconcile.labels: authoritative, reconcile.rulesets: authoritative, and reconcile.branch_protection: authoritative delete undeclared remote entries; review plan carefullyreconcile without a corresponding spec collection is no-op; a collection is managed only when it appears in speclabel_sync: mirror is deprecated; use reconcile.labels: authoritativegh infra import --into, use the dedicated import-into skillgh infra validate <path>
gh infra plan <path>