DEV.co
Open-Source DevOps · bahdotsh

wrkflw

WRKFLW is a command-line tool that lets you validate and run GitHub Actions workflows on your local machine before pushing to GitHub. It supports multiple execution modes (Docker, Podman, or no containers) and includes a terminal UI for interactive workflow management.

Source: GitHub — github.com/bahdotsh/wrkflw
3.3k
GitHub stars
59
Forks
Rust
Primary language
MIT
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositorybahdotsh/wrkflw
Ownerbahdotsh
Primary languageRust
LicenseMIT — OSI-approved
Stars3.3k
Forks59
Open issues7
Latest releasev0.8.0 (2026-04-21)
Last updated2026-07-03
Sourcehttps://github.com/bahdotsh/wrkflw

What wrkflw is

A Rust-based CLI that parses and executes GitHub Actions YAML, supporting job dependencies, matrix builds, composite actions, reusable workflows, expression evaluation, and multiple runtime backends. Includes workflow validation with CI/CD-friendly exit codes and trigger-aware filtering based on file diffs.

Quickstart

Get the wrkflw source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/bahdotsh/wrkflw.gitcd wrkflw# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Pre-commit workflow validation

Validate syntax and structure of GitHub Actions workflows locally before pushing, catching errors with exit codes suitable for CI pipelines.

Local workflow development and debugging

Iterate on complex workflows (matrix builds, composite actions, reusable workflows) without committing to GitHub, using Docker or emulation modes.

Watch-mode continuous testing during development

Automatically re-run affected workflows on file changes with trigger-aware filtering, simulating pull_request or push events with file diffs.

Implementation considerations

  • Requires Docker, Podman, or host OS to run workflows; emulation and secure-emulation modes exist but may not cover all shell/language scenarios.
  • Job dependencies are resolved correctly, but `concurrency:` groups are parsed but not enforced.
  • Expression evaluator supports common functions but functionality gaps may exist for edge cases.
  • Private repos in `uses:` statements require authentication workarounds outside the tool.
  • Watch mode requires git to detect changed files; you can also supply `--changed-files` explicitly.

When to avoid it — and what to weigh

  • You require Windows or macOS runner simulation — Tool silently maps Windows/macOS runners to container images; `${{ runner.os }}` reflects host OS, not the declared `runs-on`.
  • You need service container support — `services:` blocks are parsed but never started, so workflows depending on MySQL, Redis, or other services will fail.
  • You use private repos for remote reusable workflows — Remote `uses:` are cloned unauthenticated over HTTPS, so private repositories cannot be accessed.
  • You need GitHub encrypted secrets or fine-grained permissions — These are not yet supported; only basic secret management via env, file, or external vaults (AWS, Azure, GCP, Vault) is available.

License & commercial use

MIT License — permissive, OSI-approved. Allows commercial use, modification, and distribution with minimal restrictions (retain copyright notice).

MIT is a standard permissive license that explicitly permits commercial use. No proprietary extensions or restricted licenses detected. Suitable for commercial products and services. Confirm with legal if integrating into closed-source software, though MIT does not restrict that either.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationStrong
License clarityClear
Deployment complexityLow
DEV.co fitStrong
Assessment confidenceHigh
Security considerations

Secure-emulation mode sandboxes host processes with filesystem/network restrictions, avoiding full container overhead for untrusted workflows. Supports AES-256-GCM encryption for stored secrets. Masking of secrets in logs is mentioned. No details on vulnerability disclosure policy or security audit history; usual open-source practices apply. Users should review code before executing arbitrary workflows.

Alternatives to consider

act (nektos/act)

Docker-first local GitHub Actions runner; more mature and widely adopted. Lacks TUI, watch mode, and some advanced features like secure-emulation.

github-runner (official GitHub Actions Runner)

Official runner for self-hosted deployments. Not designed for local dev; focuses on on-premise CI infrastructure rather than laptop testing.

WorkflowCI (GitHub UI)

Native GitHub UI for workflow authoring and debugging. Requires pushing commits; no local-first iteration or watch mode.

Software development agency

Build on wrkflw with DEV.co software developers

Install WRKFLW via Homebrew or cargo and start validating your GitHub Actions in minutes. No pushing to GitHub required.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

wrkflw FAQ

Does WRKFLW require Docker?
No. Docker and Podman are optional. Use `--runtime emulation` or `--runtime secure-emulation` to run workflows without containers.
Can I use WRKFLW in a CI/CD pipeline (e.g., as a linter)?
Yes. Exit codes (0 = pass, 1 = fail, 2 = usage error) and `--no-exit-code` flag make it CI-friendly. Run `wrkflw validate` to lint workflows in your pipeline.
Does WRKFLW support GitHub encrypted secrets?
Not yet. Use environment variables, `.env` files, or external secret vaults (AWS, Azure, GCP, Vault) instead.
Can I run workflows from private GitHub repositories with `uses:`?
Not yet. Remote `uses:` are cloned unauthenticated. Local reusable workflows (`./.github/workflows/shared.yml`) work fine.

Software developers & web developers for hire

From first prototype to production, DEV.co delivers software development services around tools like wrkflw. Our software development agency staffs experienced software developers and web developers for custom software development, web development, integrations, and ongoing support across open-source devops and beyond.

Ready to test workflows locally?

Install WRKFLW via Homebrew or cargo and start validating your GitHub Actions in minutes. No pushing to GitHub required.