- How to run a
dry-runfor a Jenkins job. - Where to find logs and the generated workflow file.
- How to supply credentials and control conversion behavior.
- Key flags and options to customize the dry-run output.
1. Run the dry-run command
Use thegh plugin for the GitHub Actions Importer to perform a dry run. Replace --source-url with the URL of the Jenkins job you want to convert and set --output-dir to the directory where the converted files should be written.
2. Inspect the logfile
A detailed logfile is produced in the output directory. The log shows the importer requesting the job’sconfig.xml, locating transformers for Jenkins features, and writing the workflow YAML. This helps you identify any gaps in the conversion or steps that may need manual adjustment.
Example excerpt from the logfile:
3. Open the generated workflow YAML
The dry-run writes the converted workflow YAML under the specified output directory. Review the file to validate the conversion, adjust environment mappings, secrets, or steps as needed. Example converted workflow (trimmed and corrected for clarity):- Jenkins environment variables are mapped into
env:(secrets preserved assecrets.*where possible). - Shell steps are converted into
runsteps using a singlebashscript block. - Sensitive values are preserved as secret references when they could be detected.
Use
dry-run when you want a local, inspectable conversion of a Jenkins job before migrating it into a repository. It helps validate transformation choices (actions, transformers, secrets) without modifying your repos.4. Why use dry-run instead of audit?
Bothaudit and dry-run can help with migration analysis, but dry-run is designed for safe, iterative conversions:
- Writes the converted workflow to disk for local inspection and testing.
- Produces detailed logs that indicate transformer choices and potential issues.
- Accepts overrides (credentials, allowed actions, custom transformers, features) on a per-run basis so you can simulate different migration settings.
5. Common options for dry-run
Run--help to see the full list of options:
| Flag | Purpose | Example |
|---|---|---|
-s, --source-url <source-url> | The URL of the Jenkins job to migrate (REQUIRED). | --source-url "http://jenkins.example.com/job/MyJob/" |
-o, --output-dir <output-dir> | Destination for the generated files (REQUIRED). | --output-dir tmp/dry-run |
-u, --jenkins-instance-url <jenkins-instance-url> | Jenkins instance base URL. | --jenkins-instance-url "http://jenkins.example.com" |
-n, --jenkins-username <jenkins-username> | Username for the Jenkins instance. | --jenkins-username siddharth |
-t, --jenkins-access-token <jenkins-access-token> | Access token for Jenkins. | --jenkins-access-token xxxxxxxxx |
--github-access-token <github-access-token> | Access token for GitHub (used for telemetry or repo access if provided). | --github-access-token ghp_XXXX |
--allowed-actions <allowed-actions> | Comma-separated list to restrict mapped GitHub Actions. | --allowed-actions actions/checkout@v4,actions/setup-node@v3 |
--custom-transformers <custom-transformers> | Paths to custom transformer files for special Jenkins steps. | --custom-transformers ./my_transformers.rb |
--enable-features / --disable-features | Toggle specific GHES/feature flags used during transformation. | --enable-features someFeature |
`--yaml-verbosity <info|minimal|quiet>` | Control the verbosity of YAML output. | --yaml-verbosity info |
--no-telemetry | Disable telemetry during the dry-run. | --no-telemetry |
--no-ssl-verify | Disable SSL certificate verification for HTTP requests. | --no-ssl-verify |
--credentials-file, --source-file-path, and --github-instance-url. Use --help for complete details.
6. Supplying credentials and overrides
You can provide Jenkins and GitHub credentials either through environment variables or by passing the corresponding CLI flags. Example environment variables (replace placeholders with real tokens/URLs):7. Allowed actions, transformers, and features
--allowed-actions: Restrict which GitHub Actions the importer may map Jenkins steps to. Useful to enforce an approved action list.--allow-verified-actionsand--allow-github-created-actions: Enforce stricter policies for action selection during conversion.--custom-transformers: Provide custom conversion logic for Jenkins plugins or steps not covered by built-in transformers.--enable-features/--disable-features: Toggle features that influence how the importer maps Jenkins behavior to GitHub Actions capabilities.
8. Summary and next steps
gh actions-importer dry-run jenkinsconverts a Jenkins job into a GitHub Actions YAML file and writes it to disk without creating PRs.- Inspect the logfile and generated YAML to validate the conversion and identify any manual adjustments required.
- Use CLI flags or environment variables to control credentials, allowed actions, transformers, and features.
- After validating the dry-run output, proceed with a final migrate step or manually commit the generated workflow to your repo.