.shipfox/workflows/*.yml. The schema is strict — unknown keys are rejected everywhere. Use this reference when authoring or debugging workflow files.
Top-level fields
Human-readable workflow name. Must be at least one character.
Default runner label or list of labels for all jobs in this workflow. Individual jobs can override this value with their own
runner field.Environment variables applied to
run steps across the entire workflow. Keys must follow POSIX-style naming ([A-Za-z_][A-Za-z0-9_]*). Values may be a string, number, or boolean. Numbers and booleans are stringified before a run is saved. This field is applied to run steps only — it has no effect on agent steps.Named trigger entries that define when this workflow runs. Each key is a user-chosen trigger name; each value is a trigger object (see Trigger fields below). If present, at least one entry is required.
Named job entries that define the work to perform. Each key is a user-chosen job name; each value is a job object (see Job fields below). At least one entry is required.
Trigger fields
Where the event comes from. For an integration this is the connection slug (e.g.,
github_acme, sentry_acme) — not the bare provider name; a source that matches no connection slug is stored but never fires. For on-demand runs it is the literal string manual. See the Trigger Sources reference.The event name from the named source (e.g.,
push, issue.created, fire).A CEL expression that narrows which events fire this trigger (e.g.,
event.ref == "refs/heads/main"). The expression is parsed and stored but not yet evaluated — the trigger fires on every matching (source, event) pair regardless of filter content.Extra source-specific configuration. The shape is source-defined; Shipfox stores it verbatim and passes it to the integration.
Job fields
The ordered list of steps this job executes. At least one step is required. Each step is either a run step or an agent step — see Step fields below.
Name(s) of other jobs that must complete successfully before this job starts. Jobs without
needs run in parallel by default.Runner label(s) for this specific job. Overrides the workflow-level
runner if set.Environment variables scoped to this job’s run steps. Merged with workflow-level
env; job-level values take precedence over workflow-level values for the same key.Maximum duration allowed for this job before it is cancelled (e.g.,
"30m", "2h").A CEL expression that decides whether the job succeeded once all its executions settle, with
executions (a list of {index, status}) in scope. Defaults to all executions succeeding. See Expressions.Declares the job’s repository-checkout intent:
permissions.contents (read or write, default read) and persist-credentials (boolean, default true — keep the checkout credential available to later steps). Omit the block for a read-only checkout with persisted credentials.Turns the job into a listening job that reacts to events inside the run (🚧 coming soon — the field parses and validates, but listening jobs do not execute yet).
Optional display name for this job, shown in the dashboard run view.
Step fields
A step is either a run step or an agent step. The two kinds share one strict object so unknown keys are always rejected. See Constraints for which keys are mutually exclusive.Run step fields
The shell command to execute on the runner. Must be at least one character.
Displayed in the dashboard log. Display-only — to reference a step from
restart_from, give it a key:.Optional stable identifier for this step. Useful for referencing the step programmatically. Must be at least one character.
Step-level environment variables. Merged with job and workflow env; step-level values take the highest precedence.
Gate and retry configuration. See Gate fields below.
Agent step fields
The instruction given to the AI model. Must be at least one character. Required on any step that also sets
model, thinking, or provider.Model ID to use for this step (e.g.,
claude-opus-4-8, gpt-5.5-pro). Uses the workspace default if omitted.Reasoning depth for the model. Accepted values:
off, minimal, low, medium, high, xhigh. Default: high.Provider ID for the model (e.g.,
anthropic, openai, deepseek). Uses the workspace default if omitted. See the Provider IDs reference for all supported values.Optional step name, displayed in the dashboard log.
Optional stable identifier for this step. Must be at least one character.
Gate and retry configuration. See Gate fields below.
Gate fields
A gate block must contain at least one ofsuccess_if or on_failure.
A CEL expression evaluated after the step completes. The variable
exit_code (integer) is available. Example: exit_code == 0.The
key of an earlier step in the same job to restart from when this step fails. The referenced step must have a key: and appear before this step in the job’s step list (name: is display-only and cannot be referenced).A message to surface in the run log when the step fails.
Validation rules
Provider IDs
The following provider IDs are supported in theprovider field of an agent step:
anthropic, ant-ling, azure-openai-responses, openai, deepseek, nvidia, google, mistral, groq, cerebras, cloudflare-ai-gateway, cloudflare-workers-ai, xai, openrouter, vercel-ai-gateway, zai, zai-coding-cn, opencode, opencode-go, huggingface, fireworks, together, kimi-coding, minimax, minimax-cn, moonshotai, moonshotai-cn, xiaomi, xiaomi-token-plan-cn, xiaomi-token-plan-ams, xiaomi-token-plan-sgp
The following IDs are recognised but not currently supported: amazon-bedrock, google-vertex, openai-codex, github-copilot.