GitHub natively supports workflow automation through GitHub Actions. Yet, workflow maintenance is often considered a burden for software developers, who frequently face difficulties in writing, testing, debugging, and maintaining workflows. Little knowledge exists concerning the automation and reuse practices favoured by workflow practitioners. We therefore surveyed 419 practitioners to elucidate good and bad workflow development practices and to identify opportunities for supporting workflow maintenance. Specifically, we investigate the tasks that practitioners tend to automate using GitHub Actions, their preferred workflow creation mechanisms, and the non-functional characteristics they prioritise. We also examine the practices and challenges associated with GitHub's workflow reuse mechanisms. We observe a tendency to focus automation efforts on core CI/CD tasks, with less emphasis on crucial areas like security analysis and performance monitoring. Practitioners strongly rely on reusable Actions, but reusable workflows see less frequent adoption. Furthermore, we observed challenges with Action versioning and maintenance. Copy-pasting remains a common practice to have more control and avoid the complexity of depending on reusable components. These insights suggest the need for improved tooling, enhanced support for a wide range of automation tasks, and better mechanisms for discovering, managing, and trusting reusable workflow components.

翻译：GitHub原生支持通过GitHub Actions实现工作流自动化。然而，工作流维护通常被软件开发人员视为负担，他们在编写、测试、调试和维护工作流时经常面临困难。关于工作流从业者偏好的自动化与复用实践，目前知之甚少。为此，我们调查了419名从业者，以阐明良好与不良的工作流开发实践，并识别支持工作流维护的潜在机会。具体而言，我们研究了从业者倾向于使用GitHub Actions自动化的任务类型、他们偏好的工作流创建机制以及他们优先考虑的非功能性特征。我们还考察了与GitHub工作流复用机制相关的实践与挑战。我们观察到自动化工作倾向于集中在核心CI/CD任务上，而对安全分析和性能监控等关键领域的关注较少。从业者高度依赖可复用的Actions，但可复用工作流的采用频率较低。此外，我们观察到Action版本控制与维护方面存在挑战。复制粘贴仍然是常见做法，以获得更多控制权并避免依赖可复用组件带来的复杂性。这些发现表明，需要改进工具链、增强对广泛自动化任务的支持，并提供更好的可复用工作流组件的发现、管理与信任机制。