GitHub Actions Cron API Endpoint Caller

Implement secure, scheduled API endpoint calls from GitHub Actions workflows with detailed logging, error handling, and performance metrics. Perfect for triggering cron jobs, processing queues, or executing scheduled tasks via HTTP APIs.

What This Skill Does

This skill helps you create robust GitHub Actions workflows that make authenticated POST requests to API endpoints on a schedule. It includes comprehensive error handling, response parsing, request metrics tracking, and secret validation.

Use Cases

Implementation Instructions

1. GitHub Actions Workflow Setup

Create `.github/workflows/cron-job.yml`:

```yaml

name: Process Scheduled Jobs

on:

schedule:

# Run every hour at minute 0

- cron: '0 * * * *'

workflow_dispatch: # Allow manual triggers

jobs:

process-jobs:

runs-on: ubuntu-latest

steps:

- name: Validate secrets

run: |

if [ -z "${{ secrets.CRON_SECRET }}" ]; then

echo "Error: CRON_SECRET secret is not set"

exit 1

fi

echo "Required secrets are set"

- name: Call API endpoint

run: |

# Set your API endpoint URL

API_URL="https://your-domain.com"

echo "Processing jobs at: $(date -u '+%Y-%m-%d %H:%M:%S UTC')"

echo "Making request to: ${API_URL}/api/jobs/process"

# Make authenticated POST request with metrics

response=$(curl -X POST "${API_URL}/api/jobs/process" \

-H "Authorization: Bearer ${{ secrets.CRON_SECRET }}" \

-H "Content-Type: application/json" \

-H "x-cron-trigger: 1" \

-w "\n%{http_code}\n%{url_effective}\n%{time_total}\n%{size_download}\n%{speed_download}" \

-L \

-s)

# Parse response components

body=$(echo "$response" | sed 'N;$!N;$!N;$!N;$d')

status_code=$(echo "$response" | tail -n5 | head -n1)

url_effective=$(echo "$response" | tail -n4 | head -n1)

time_total=$(echo "$response" | tail -n3 | head -n1)

size_download=$(echo "$response" | tail -n2 | head -n1)

speed_download=$(echo "$response" | tail -n1)

# Log metrics

echo "Response body: $body"

echo "Status code: $status_code"

echo "Final URL: $url_effective"

echo "Request time: ${time_total}s"

echo "Response size: ${size_download} bytes"

echo "Download speed: ${speed_download} bytes/sec"

# Check for errors

if [ "$status_code" -ge 400 ]; then

echo "Error: Request failed with status $status_code"

echo "Full response: $response"

exit 1

fi

echo "Job processing completed successfully"

```

2. Configure GitHub Secrets

Add these secrets to your repository (Settings → Secrets and variables → Actions):

3. API Endpoint Implementation

Create your API endpoint that handles the cron requests:

```typescript

// Example Next.js API route: /api/jobs/process/route.ts

export async function POST(request: Request) {

// Validate authentication

const authHeader = request.headers.get('authorization');

const token = authHeader?.replace('Bearer ', '');

if (token !== process.env.CRON_SECRET) {

return Response.json({ error: 'Unauthorized' }, { status: 401 });

}

// Verify cron trigger header

const isCronTrigger = request.headers.get('x-cron-trigger') === '1';

try {

// Execute your job logic here

const result = await processScheduledJobs();

return Response.json({

success: true,

processed: result.count,

timestamp: new Date().toISOString()

});

} catch (error) {

console.error('Job processing failed:', error);

return Response.json(

{ error: 'Processing failed' },

{ status: 500 }

);

}

}

```

4. Customize for Your Use Case

**Schedule Options:**

```yaml

Every 15 minutes

Every 6 hours

Daily at midnight UTC

Weekdays at 9 AM UTC

```

**Additional Headers:**

```bash

-H "X-Custom-Header: value" \

-H "User-Agent: GitHub-Actions-Cron/1.0"

```

**POST with JSON body:**

```bash

-d '{"action":"process","limit":100}' \

```

**Timeout configuration:**

```bash

--max-time 300 \ # 5 minute timeout

```

Key Features

1. **Secret Validation**: Checks required secrets before execution

2. **Comprehensive Logging**: Timestamps, URLs, status codes, and metrics

3. **Error Handling**: Exits with error code on HTTP 4xx/5xx responses

4. **Request Metrics**: Tracks response time, size, and download speed

5. **Follow Redirects**: `-L` flag handles URL redirects automatically

6. **Manual Trigger**: `workflow_dispatch` allows on-demand execution

7. **Bearer Authentication**: Standard token-based auth pattern

Testing

**Manual trigger via GitHub UI:**

1. Go to Actions tab in your repository

2. Select your workflow

3. Click "Run workflow" dropdown

4. Click "Run workflow" button

**Test locally with curl:**

```bash

curl -X POST "https://your-domain.com/api/jobs/process" \

-H "Authorization: Bearer your-secret-token" \

-H "Content-Type: application/json" \

-v

```

Troubleshooting

**Error: Exit code 35**

**Error: Unauthorized (401)**

**Error: Timeout**

Security Notes

Example Output

```

Processing jobs at: 2026-02-03 14:30:00 UTC

Making request to: https://your-domain.com/api/jobs/process

Response body: {"success":true,"processed":42}

Status code: 200

Final URL: https://your-domain.com/api/jobs/process

Request time: 1.234s

Response size: 45 bytes

Download speed: 36.5 bytes/sec

Job processing completed successfully

```