gh.
Prerequisites
- A Jenkins account or organization containing the pipelines you plan to migrate.
- Permission to create a Jenkins personal API token (a Jenkins user or admin with token creation rights).
- A GitHub account with permission to create a personal access token (classic) for the destination GitHub user or organization.
- An environment capable of running Linux-based containers (Docker) and with the GitHub CLI installed.
| Credential | Purpose | Recommended scopes / notes |
|---|---|---|
| GitHub personal access token (classic) | Push workflows, create repos if needed | repo scope; add org-level scopes if migrating into an organization |
| Jenkins personal API token | Read jobs and pipelines | Token must belong to a user with read access to relevant jobs |
| Jenkins username | Used with Jenkins API token | Ensure it corresponds to the token owner |
- The GitHub Actions Importer is distributed as an extension for the GitHub CLI. Extensions add custom
ghcommands that guide planning, testing, and migrating Jenkins jobs into GitHub Actions workflows.
- Install the extension with
gh:
- Confirm the extension is installed and view available commands:
- Configure the extension to store the credentials and endpoints it needs to access GitHub and Jenkins:
-
The command is interactive. Select the CI provider(s) to configure (choose Jenkins) and provide the following:
- GitHub personal access token (classic) — required to push workflows or create repositories.
- Base URL of the GitHub instance — use
https://github.comfor GitHub.com or your Enterprise URL for GitHub Enterprise Server. - Jenkins personal API token — the token generated for the Jenkins user.
- Jenkins username — the account that owns the Jenkins API token.
- Base URL of the Jenkins instance — e.g.,
https://jenkins-url.com.
- When complete, these settings are stored in your local
ghconfiguration so subsequentgh actions-importercommands can authenticate to the configured Jenkins and GitHub instances.
Ensure your GitHub personal access token has the necessary scopes (for example,
repo and any required organization permissions). For Jenkins, use an API token tied to a user with sufficient access to read the jobs and pipelines you plan to migrate.Do not expose personal access tokens or Jenkins API tokens in logs, screenshots, or shared files. Treat these tokens like passwords and rotate them immediately if they are accidentally exposed.
- After configuration, start with:
| Command | Purpose |
|---|---|
gh actions-importer configure | Store credentials/endpoints for Jenkins and GitHub |
gh actions-importer plan | Analyze Jenkins jobs and produce a migration plan |
gh actions-importer migrate | Execute a migration (dry-run or actual) |
gh actions-importer update | Update the extension to the latest version |
gh actions-importer version | Show the extension version |
- Run
gh actions-importer planto analyze your Jenkins instance and generate a migration plan. - Audit your Jenkins jobs and configurations before migrating—review job triggers, secrets, and any environment-specific steps.
- Test migrations using the extension’s dry-run/migrate options before applying changes to production repositories.