General-purpose reusable GitHub Actions workflows
This project is part of our comprehensive "SweetOps" approach towards DevOps.
It's 100% Open Source and licensed under the APACHE2 license.
Introduction
Use the provided GitHub Actions reusable workflows to implement a consistent release workflow for GitHub Actions repositories across your organization. Avoid duplication and simplify maintenance of the workflows.
Workflows
| Name | Description |
|---|---|
| CD - Deploy to EKS with ArgoCD and Helmfile | Deploy Docker image to EKS with ArgoCD and Helmfile |
| CD - Deploy to ECS with Spacelift | Deploy Docker image to ECS with Spacelift |
| CD - Deploy to EKS with Helmfile | Deploy Docker image to EKS with Helmfile |
| CD - Deploy to EKS Preview envs with Helmfile | Deploy Docker image to ECS Preview envs with Helmfile |
| CD - Deploy to ECS QA/Preview envs with Spacelift | Deploy Docker image to ECS QA/Preview envs with Spacelift |
| CD - Deploy to EKS Preview envs with Helmfile | Deploy Docker image to ECS Preview envs with Helmfile |
| CI - Codeowners | Validate CODEOWNERS and suggest changes |
| CI - Build Docker image | Build Docker image and push it to ECR |
| CI - Promote or build Docker image | Promote or build Docker image and push it to ECR |
| CI - Promote Docker image | Promote Docker image to specific version tag and push it to ECR |
| CI - Verify Docker image exists | Verify Docker image exists on ECR |
| CI - Readme | Validate README.yaml, README.md and suggest changes |
| CI - Terraform ChatOps | Trigger terraform tests using ChatOps |
| CI - Terraform | Lint, format and validate terraform code |
| CI - Check dist Directory | This workflow helps ensure that generated contents of the dist directory matches the output of the yarn build |
| Controller - Draft release | Create or update draft release |
| Controller - Reintegrate hotfix branch | Create PR into target_branch to reintegrate hotfix from current branch |
| Controller - Create Release branch | Create release/{version} branch for the release |
| Controller - Create hotfix release | Create next patch version release |
| Controller - Labels | Label a pull request with one or more labels |
| Controller - Monorepo Controller | Mocked monorepo controller that outputs list of applications, lists of apps with and without changes. |
| Controller - Release | Create a github release |
| Scheduled Context | Scheduled update of context.tf and related docs |
| Scheduled Readme | Scheduled update of readme.md |
CD - Deploy to EKS with ArgoCD and Helmfile
Deploy Docker image to EKS with ArgoCD and Helmfile
Usage
```yaml
name: Deploy
on:
  push:
    branches: [ main ]
jobs:
  cd:
    uses: cloudposse/github-actions-workflows/.github/workflows/cd-argocd.yml@main
    with:
      image: registry.hub.docker.com/library/nginx
      tag: latest
      repository: ${{ github.event.repository.name }}
      environment: dev
    secrets:
      secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}
      github-private-actions-pat: ${{ secrets.github-private-actions-pat }}
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| environment | Environment name deploy to | string | N/A | true |
| image | Docker Image to deploy | string | N/A | true |
| organization | Repository owner organization (ex. acme for repo acme/example) | string | N/A | true |
| repository | Repository name (ex. example for repo acme/example) | string | N/A | true |
| synchronously | Wait until ArgoCD successfully apply the changes | boolean | false | false |
| tag | Docker Image tag to deploy | string | N/A | true |
Secrets
| Name | Description | Required |
|---|---|---|
| github-private-actions-pat | Github PAT allow to pull private repos | true |
| secret-outputs-passphrase | Passphrase to encrypt/decrypt secret outputs with gpg. For more information read | true |
CD - Deploy to ECS with Spacelift
Deploy Docker image to ECS with Spacelift
Usage
```yaml
name: Deploy
on:
  push:
    branches: [ main ]
jobs:
  cd:
    uses: cloudposse/github-actions-workflows/.github/workflows/cd-ecs.yml@main
    with:
      image: registry.hub.docker.com/library/nginx
      tag: latest
      repository: ${{ github.event.repository.name }}
      environment: dev
      spacelift-organization: ${{ inputs.spacelift-organization }}
    secrets:
      secret-outputs-passphrase: "${{ secrets.secret-outputs-passphrase }}"
      github-private-actions-pat: "${{ secrets.github-private-actions-pat }}"
      spacelift-api-key-id: "${{ secrets.spacelift-api-key-id }}"
      spacelift-api-key-secret: "${{ secrets.spacelift-api-key-secret }}"
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| app | Application name. Used with monorepo pattern when there are several applications in the repo | string | N/A | false |
| environment | Environment name deploy to | string | N/A | true |
| image | Docker Image to deploy | string | N/A | true |
| matrix-key | Matrix key - matrix output workaround. Read more | string | N/A | false |
| matrix-step-name | Matrix step name - matrix output workaround. Read more | string | N/A | false |
| repository | Repository name (ex. example for repo acme/example) | string | N/A | true |
| spacelift-organization | Spacelift organization name | string | N/A | true |
| tag | Docker Image tag to deploy | string | N/A | true |
Secrets
| Name | Description | Required |
|---|---|---|
| github-private-actions-pat | Github PAT allow to pull private repos | true |
| secret-outputs-passphrase | Passphrase to encrypt/decrypt secret outputs with gpg. For more information read | true |
| spacelift-api-key-id | Spacelift API Key ID | true |
| spacelift-api-key-secret | Spacelift API Key Secret | true |
CD - Deploy to EKS with Helmfile
Deploy Docker image to EKS with Helmfile
Usage
```yaml
name: Deploy
on:
  push:
    branches: [ main ]
jobs:
  cd:
    uses: cloudposse/github-actions-workflows/.github/workflows/cd-helmfile.yml@main
    with:
      image: registry.hub.docker.com/library/nginx
      tag: latest
      repository: ${{ github.event.repository.name }}
      environment: dev
    secrets:
      secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}
      github-private-actions-pat: ${{ secrets.github-private-actions-pat }}
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| environment | Environment name deploy to | string | N/A | true |
| image | Docker Image to deploy | string | N/A | true |
| repository | Repository name (ex. example for repo acme/example) | string | N/A | true |
| tag | Docker Image tag to deploy | string | N/A | true |
Secrets
| Name | Description | Required |
|---|---|---|
| github-private-actions-pat | Github PAT allow to pull private repos | true |
| secret-outputs-passphrase | Passphrase to encrypt/decrypt secret outputs with gpg. For more information read | true |
CD - Deploy to EKS Preview envs with Helmfile
Deploy Docker image to ECS Preview envs with Helmfile
Usage
```yaml
name: Feature Branch
on:
  pull_request:
    branches: [ 'master' ]
    types: [opened, synchronize, reopened, closed, labeled, unlabeled]
jobs:
  cd:
    uses: cloudposse/github-actions-workflows/.github/workflows/cd-preview-helmfile.yml@main
    if: ${{ always() }}
    with:
      image: registry.hub.docker.com/library/nginx
      tag: latest
      repository: ${{ github.event.repository.name }}
      open: ${{ github.event.pull_request.state == 'open' }}
      labels: ${{ toJSON(github.event.pull_request.labels.*.name) }}
      ref: ${{ github.event.pull_request.head.ref }}
      exclusive: false
      env-label: |
        preview: deploy
    secrets:
      secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}
      github-private-actions-pat: ${{ secrets.github-private-actions-pat }}
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| env-label | YAML formatted {environment}: {label} map | string | preview: deploy | false |
| exclusive | Deactivate previous GitHub deployments | boolean | true | false |
| image | Docker Image to deploy | string | N/A | true |
| labels | Pull Request labels | string | {} | false |
| open | Pull Request open/close state. Set true if opened | boolean | N/A | true |
| organization | Repository owner organization (ex. acme for repo acme/example) | string | N/A | true |
| ref | The fully-formed ref of the branch or tag that triggered the workflow run | string | N/A | true |
| repository | Repository name (ex. example for repo acme/example) | string | N/A | true |
| synchronously | Wait until ArgoCD successfully apply the changes | boolean | false | false |
| tag | Docker Image tag to deploy | string | N/A | true |
Secrets
| Name | Description | Required |
|---|---|---|
| github-private-actions-pat | Github PAT allow to pull private repos | true |
| secret-outputs-passphrase | Passphrase to encrypt/decrypt secret outputs with gpg. For more information read | true |
CD - Deploy to ECS QA/Preview envs with Spacelift
Deploy Docker image to ECS QA/Preview envs with Spacelift
Usage
```yaml
name: Feature Branch
on:
  pull_request:
    branches: [ 'master' ]
    types: [opened, synchronize, reopened, closed, labeled, unlabeled]
jobs:
  cd:
    uses: cloudposse/github-actions-workflows/.github/workflows/cd-preview-ecs.yml@main
    if: ${{ always() }}
    with:
      image: registry.hub.docker.com/library/nginx
      tag: latest
      repository: ${{ github.event.repository.name }}
      spacelift-organization: ${{ inputs.spacelift-organization }}
      open: ${{ github.event.pull_request.state == 'open' }}
      labels: ${{ toJSON(github.event.pull_request.labels.*.name) }}
      ref: ${{ github.event.pull_request.head.ref }}
      exclusive: true
      env-label: |
        qa1: deploy/qa1
        qa2: deploy/qa2
        qa3: deploy/qa3
        qa4: deploy/qa4
    secrets:
      secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}
      github-private-actions-pat: ${{ secrets.github-private-actions-pat }}
      spacelift-api-key-id: "${{ secrets.spacelift-api-key-id }}"
      spacelift-api-key-secret: "${{ secrets.spacelift-api-key-secret }}"
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| app | Application name. Used with monorepo pattern when there are several applications in the repo | string | N/A | false |
| env-label | YAML formatted {environment}: {label} map | string | preview: deploy | false |
| exclusive | Deactivate previous GitHub deployments | boolean | true | false |
| image | Docker Image to deploy | string | N/A | true |
| labels | Pull Request labels | string | {} | false |
| matrix-key | Matrix key - matrix output workaround. Read more | string | N/A | false |
| matrix-step-name | Matrix step name - matrix output workaround. Read more | string | N/A | false |
| open | Pull Request open/close state. Set true if opened | boolean | N/A | true |
| ref | The fully-formed ref of the branch or tag that triggered the workflow run | string | N/A | true |
| repository | Repository name (ex. example for repo acme/example) | string | N/A | true |
| spacelift-organization | Spacelift organization name | string | N/A | true |
| tag | Docker Image tag to deploy | string | N/A | true |
Secrets
| Name | Description | Required |
|---|---|---|
| github-private-actions-pat | Github PAT allow to pull private repos | true |
| secret-outputs-passphrase | Passphrase to encrypt/decrypt secret outputs with gpg. For more information read | true |
| spacelift-api-key-id | Spacelift API Key ID | true |
| spacelift-api-key-secret | Spacelift API Key Secret | true |
CD - Deploy to EKS Preview envs with Helmfile
Deploy Docker image to ECS Preview envs with Helmfile
Usage
```yaml
name: Feature Branch
on:
  pull_request:
    branches: [ 'master' ]
    types: [opened, synchronize, reopened, closed, labeled, unlabeled]
jobs:
  cd:
    uses: cloudposse/github-actions-workflows/.github/workflows/cd-preview-helmfile.yml@main
    if: ${{ always() }}
    with:
      image: registry.hub.docker.com/library/nginx
      tag: latest
      repository: ${{ github.event.repository.name }}
      open: ${{ github.event.pull_request.state == 'open' }}
      labels: ${{ toJSON(github.event.pull_request.labels.*.name) }}
      ref: ${{ github.event.pull_request.head.ref }}
      exclusive: false
      env-label: |
        preview: deploy
    secrets:
      secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}
      github-private-actions-pat: ${{ secrets.github-private-actions-pat }}
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| env-label | YAML formatted {environment}: {label} map | string | preview: deploy | false |
| exclusive | Deactivate previous GitHub deployments | boolean | true | false |
| image | Docker Image to deploy | string | N/A | true |
| labels | Pull Request labels | string | {} | false |
| open | Pull Request open/close state. Set true if opened | boolean | N/A | true |
| ref | The fully-formed ref of the branch or tag that triggered the workflow run | string | N/A | true |
| repository | Repository name (ex. example for repo acme/example) | string | N/A | true |
| tag | Docker Image tag to deploy | string | N/A | true |
Secrets
| Name | Description | Required |
|---|---|---|
| github-private-actions-pat | Github PAT allow to pull private repos | true |
| secret-outputs-passphrase | Passphrase to encrypt/decrypt secret outputs with gpg. For more information read | true |
CI - Codeowners
Validate CODEOWNERS and suggest changes
Usage
```yaml
name: Validate CODEOWNERS
on:
  workflow_call:
jobs:
  ci-codeowners:
    uses: cloudposse/github-actions-workflows/.github/workflows/ci-codeowners-full.yml@main
    with:
      is_fork: ${{ github.event.pull_request.head.repo.full_name != github.repository }}
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| is_fork | Run workflow in fork mode (decreased permissions and features) | boolean | N/A | true |
| runs-on | Overrides job runs-on setting (json-encoded list) | string | ["ubuntu-latest"] | false |
Secrets
| Name | Description | Required |
|---|---|---|
| github_access_token | GitHub API token | false |
CI - Build Docker image
Build Docker image and push it to ECR
Usage
```yaml
name: Deploy
on:
  push:
    branches: [ main ]
jobs:
  ci:
    uses: cloudposse/github-actions-workflows/.github/workflows/ci-dockerized-app-build.yml@main
    with:
      organization: ${{ github.event.repository.owner.login }}
      repository: ${{ github.event.repository.name }}
    secrets:
      ecr-region: ${{ secrets.ecr-region }}
      ecr-iam-role: ${{ secrets.ecr-iam-role }}
      registry: ${{ secrets.registry }}
      secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| organization | Repository owner organization (ex. acme for repo acme/example) | string | N/A | true |
| repository | Repository name (ex. example for repo acme/example) | string | N/A | true |
Secrets
| Name | Description | Required |
|---|---|---|
| ecr-iam-role | IAM Role ARN provide ECR write/read access | true |
| ecr-region | ECR AWS region | true |
| registry | ECR Docker registry | true |
| secret-outputs-passphrase | Passphrase to encrypt/decrypt secret outputs with gpg. For more information read | true |
Outputs
| Name | Description |
|---|---|
| image | Docker Image |
| tag | Docker image tag |
CI - Promote or build Docker image
Promote or build Docker image and push it to ECR
Usage
```yaml
name: Deploy
on:
  push:
    branches: [ main ]
jobs:
  ci:
    uses: cloudposse/github-actions-workflows/.github/workflows/ci-dockerized-app-promote-or-build.yml@main
    with:
      organization: ${{ github.event.repository.owner.login }}
      repository: ${{ github.event.repository.name }}
      force-build: false
    secrets:
      ecr-region: ${{ secrets.ecr-region }}
      ecr-iam-role: ${{ secrets.ecr-iam-role }}
      registry: ${{ secrets.registry }}
      secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| app | Application name. Used with monorepo pattern when there are several applications in the repo | string | N/A | true |
| force-build | Force build (skip promotion) | boolean | false | true |
| matrix-key | Matrix key - matrix output workaround. Read more | string | N/A | false |
| matrix-step-name | Matrix step name - matrix output workaround. Read more | string | N/A | false |
| organization | Repository owner organization (ex. acme for repo acme/example) | string | N/A | true |
| repository | Repository name (ex. example for repo acme/example) | string | N/A | true |
Secrets
| Name | Description | Required |
|---|---|---|
| ecr-iam-role | IAM Role ARN provide ECR write/read access | true |
| ecr-region | ECR AWS region | true |
| registry | ECR Docker registry | true |
| secret-outputs-passphrase | Passphrase to encrypt/decrypt secret outputs with gpg. For more information read | true |
Outputs
| Name | Description |
|---|---|
| image | Docker Image |
| tag | Docker image tag |
CI - Promote Docker image
Promote Docker image to specific version tag and push it to ECR
Usage
```yaml
name: Release
on:
  release:
    types: [published]
jobs:
  ci:
    uses: cloudposse/github-actions-workflows/.github/workflows/ci-dockerized-app-promote.yml@main
    with:
      organization: ${{ github.event.repository.owner.login }}
      repository: ${{ github.event.repository.name }}
      version: ${{ github.event.release.tag_name }}
    secrets:
      ecr-region: ${{ secrets.ecr-region }}
      ecr-iam-role: ${{ secrets.ecr-iam-role }}
      registry: ${{ secrets.registry }}
      secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| app | Application name. Used with monorepo pattern when there are several applications in the repo | string | N/A | false |
| matrix-key | Matrix key - matrix output workaround. Read more | string | N/A | false |
| matrix-step-name | Matrix step name - matrix output workaround. Read more | string | N/A | false |
| organization | Repository owner organization (ex. acme for repo acme/example) | string | N/A | true |
| repository | Repository name (ex. example for repo acme/example) | string | N/A | true |
| version | New version tag | string | N/A | true |
Secrets
| Name | Description | Required |
|---|---|---|
| ecr-iam-role | IAM Role ARN provide ECR write/read access | true |
| ecr-region | ECR AWS region | true |
| registry | ECR Docker registry | true |
| secret-outputs-passphrase | Passphrase to encrypt/decrypt secret outputs with gpg. For more information read | true |
Outputs
| Name | Description |
|---|---|
| image | Docker Image |
| tag | Docker image tag |
CI - Verify Docker image exists
Verify Docker image exists on ECR
Usage
```yaml
name: Release
on:
  release:
    types: [published]
jobs:
  ci:
    uses: cloudposse/github-actions-workflows/.github/workflows/ci-dockerized-app-verify.yml@main
    with:
      organization: ${{ github.event.repository.owner.login }}
      repository: ${{ github.event.repository.name }}
      version: ${{ github.event.release.tag_name }}
    secrets:
      ecr-region: ${{ secrets.ecr-region }}
      ecr-iam-role: ${{ secrets.ecr-iam-role }}
      registry: ${{ secrets.registry }}
      secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| app | Application name. Used with monorepo pattern when there are several applications in the repo | string | N/A | true |
| organization | Repository owner organization (ex. acme for repo acme/example) | string | N/A | true |
| repository | Repository name (ex. example for repo acme/example) | string | N/A | true |
| version | Release version tag | string | N/A | true |
Secrets
| Name | Description | Required |
|---|---|---|
| ecr-iam-role | IAM Role ARN provide ECR write/read access | true |
| ecr-region | ECR AWS region | true |
| registry | ECR Docker registry | true |
| secret-outputs-passphrase | Passphrase to encrypt/decrypt secret outputs with gpg. For more information read | true |
Outputs
| Name | Description |
|---|---|
| image | Docker Image |
| tag | Docker image tag |
CI - Readme
Validate README.yaml, README.md and suggest changes
Usage
```yaml
name: Validate Readme
on:
  workflow_call:

permissions:
  pull-requests: write
  id-token: write
  contents: read

jobs:
  ci-readme:
    uses: cloudposse/github-actions-workflows/.github/workflows/ci-readme.yml@main
    with:
      suggestions: true
      filter-mode: diff_context
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| filter-mode | Reviewdog filter mode | string | N/A | true |
| runs-on | Overrides job runs-on setting (json-encoded list) | string | ["ubuntu-latest"] | false |
| suggestions | Enable Reviewdog suggestions (pull request only) | boolean | N/A | true |
CI - Terraform ChatOps
Trigger terraform tests using ChatOps
Usage
```yaml
name: Terraform ChatOps
on:
  workflow_call:

permissions:
  pull-requests: write
  id-token: write
  contents: read

jobs:
  ci-terraform-chatops:
    uses: cloudposse/github-actions-workflows/.github/workflows/ci-terraform-chatops.yml@main
    secrets:
      github_access_token: ${{ secrets.REPO_ACCESS_TOKEN }}
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| runs-on | Overrides job runs-on setting (json-encoded list) | string | ["ubuntu-latest"] | false |
Secrets
| Name | Description | Required |
|---|---|---|
| github_access_token | GitHub API token | true |
CI - Terraform
Lint, format and validate terraform code
Usage
```yaml
name: Validate Terraform
on:
  workflow_call:

permissions:
  pull-requests: write
  id-token: write
  contents: read

jobs:
  ci-terraform:
    uses: cloudposse/github-actions-workflows/.github/workflows/ci-terraform.yml@main
    with:
      suggestions: true
      filter-mode: diff_context
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| filter-mode | Reviewdog filter mode | string | N/A | true |
| runs-on | Overrides job runs-on setting (json-encoded list) | string | ["ubuntu-latest"] | false |
| suggestions | Enable Reviewdog suggestions (pull request only) | boolean | N/A | true |
CI - Check dist Directory
This workflow helps ensure that the generated contents of the dist directory match the output of the yarn build command. The dist directory has special meaning in GitHub Actions in that it contains the runnable JS files. In Cloud Posse's TypeScript actions, the dist directory is generated through a build process from the TypeScript source files by running the yarn build command.
Usage
```yaml
name: Build
on:
  push:
    branches: [ main ]
jobs:
  check-dist:
    uses: cloudposse/github-actions-workflows/.github/workflows/ci-typescript-app-check-dist.yml@main
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| commit-message | Optional input to set a commit message. If it's not set, it defaults to 'Update the contents of dist directory' | string | Update contents of the dist directory | false |
| dist-path | Optional input to set a path to the dist folder. If it's not set, it defaults to './dist' | string | ./dist | false |
| node-caching | Optional input to set up caching for the setup-node action. The input syntax corresponds to the setup-node's one. Set to an empty string if caching isn't needed | string | yarn | false |
| node-version | Optional input to set the version of Node.js used to build a project. The input syntax corresponds to the setup-node's one | string | 16.x | false |
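The kind of check this workflow describes, as an added shell example (not Cloud Posse's workflow code): snapshot the committed dist directory, run the build, and compare the two trees, since any difference means the JS that runs was not produced from the reviewed TypeScript source. The function name `check_dist` and the stand-in build functions are assumptions for illustration; in a real repository the build command would be `yarn build`.

```sh
#!/bin/sh
# Added example, not part of the project. check_dist is a hypothetical helper.
#
# check_dist DIST_PATH BUILD_CMD [ARGS...]
#   0 = rebuild reproduces the committed dist exactly
#   1 = drift: the build output differs from what is committed
#   2 = the check could not be performed (bad arguments or failed build)
check_dist() {
  cd_dist=$1
  if [ "$#" -lt 2 ] || [ ! -d "$cd_dist" ]; then
    echo "usage: check_dist DIST_PATH BUILD_CMD [ARGS...]" >&2
    return 2
  fi
  shift

  # Keep a copy of the committed files before the build overwrites them.
  cd_snapshot=$(mktemp -d) || return 2
  if ! cp -R "$cd_dist/." "$cd_snapshot/"; then
    rm -rf "$cd_snapshot"
    return 2
  fi

  # Run the build; its output goes to stderr so callers can capture ours.
  if ! "$@" >&2; then
    echo "build command failed; dist not verified" >&2
    rm -rf "$cd_snapshot"
    return 2
  fi

  # diff -r reports changed files and files that exist on only one side,
  # so added and deleted build artifacts count as drift too.
  if cd_report=$(diff -r "$cd_snapshot" "$cd_dist" 2>&1); then
    cd_status=0
  else
    cd_status=1
    printf '%s\n' "dist drift detected:" "$cd_report" >&2
  fi

  rm -rf "$cd_snapshot"
  return "$cd_status"
}

# Constructed demo: a throwaway dist directory and two stand-in "build"
# commands (assumptions; a real workflow would pass: yarn build).
demo_root=$(mktemp -d)
mkdir -p "$demo_root/dist"
printf 'console.log("v1");\n' > "$demo_root/dist/index.js"

build_reproducible() { printf 'console.log("v1");\n' > "$demo_root/dist/index.js"; }
build_drifted()      { printf 'console.log("v2");\n' > "$demo_root/dist/index.js"; }

check_dist "$demo_root/dist" build_reproducible && echo "reproducible build: dist matches"
check_dist "$demo_root/dist" build_drifted || echo "drifted build: check_dist returned $?"

rm -rf "$demo_root"
```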
Controller - Draft release
Create or update draft release
Usage
```yaml
name: Draft release
on:
  push:
    branches: [ main ]
jobs:
  do:
    uses: cloudposse/github-actions-workflows/.github/workflows/controller-draft-release.yml@main
    with:
      ref: ${{ github.sha }}
    secrets:
      github-private-actions-pat: ${{ secrets.github-private-actions-pat }}
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| ref | The release target, i.e. branch or commit it should point to | string | ${{ github.sha }} | false |
Secrets
| Name | Description | Required |
|---|---|---|
| github-private-actions-pat | Github PAT allow to create release | true |
Controller - Reintegrate hotfix branch
Create PR into target_branch to reintegrate hotfix from current branch
Usage
```yaml
name: Release
on:
  release:
    types: [published]
jobs:
  do:
    uses: cloudposse/github-actions-workflows/.github/workflows/controller-hotfix-reintegrate.yml@main
    with:
      ref: ${{ github.ref }}
      target_branch: main
    secrets:
      github-private-actions-pat: ${{ secrets.github-private-actions-pat }}
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| ref | The fully-formed ref of the branch or tag that triggered the workflow run | string | N/A | true |
| target_branch | Target branch to reintegrate hotfix | string | main | false |
Secrets
| Name | Description | Required |
|---|---|---|
| github-private-actions-pat | Github PAT allow to create a pull request | true |
Controller - Create Release branch
Create release/{version} branch for the release
Usage
```yaml
name: Main branch
on:
  release:
    types: [published]
jobs:
  do:
    uses: cloudposse/github-actions-workflows/.github/workflows/controller-hotfix-release-branch.yml@main
    with:
      version: ${{ github.event.release.tag_name }}
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| version | Release version | string | N/A | true |
Controller - Create hotfix release
Create next patch version release
Usage
```yaml
on:
  push:
    branches: [ 'release/**' ]
jobs:
  do:
    uses: cloudposse/github-actions-workflows/.github/workflows/controller-hotfix-release.yml@main
    with:
      ref: ${{ github.ref }}
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| ref | The fully-formed ref of the branch or tag that triggered the workflow run | string | N/A | true |
Outputs
| Name | Description |
|---|---|
| version | Release version |
Controller - Labels
Label a pull request with one or more labels
Usage
```yaml
name: Label pull request
on:
  workflow_call:
jobs:
  label:
    uses: cloudposse/github-actions-workflows/.github/workflows/controller-labels.yml@main
    with:
      labels: ['ready-for-review']
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| labels | The labels' name to be added. Must be separated with line breaks if there are multiple labels. | string | N/A | true |
| runs-on | Overrides job runs-on setting (json-encoded list) | string | ["ubuntu-latest"] | false |
Controller - Monorepo Controller
Mocked monorepo controller that outputs list of applications, lists of apps with and without changes.
Usage
```yaml
name: Monorepo
on:
  push:
    branches: [ main ]
jobs:
  do:
    uses: cloudposse/github-actions-workflows/.github/workflows/controller-monorepo.yml@main
    with:
      dir: ./apps
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| dir | Directory with applications | string | N/A | true |
Outputs
| Name | Description |
|---|---|
| apps | Applications |
| changes | Changed applications |
| no-changes | Unchanged applications |
Controller - Release
Create a github release
Usage
```yaml
name: Draft release
on:
  workflow_call:
jobs:
  release:
    uses: cloudposse/github-actions-workflows/.github/workflows/controller-release.yml@main
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| config-name | Name of the release drafter config file | string | auto-release.yml | false |
| ref | The release target, i.e. branch or commit it should point to | string | ${{ github.sha }} | false |
| runs-on | Overrides job runs-on setting (json-encoded list) | string | ["ubuntu-latest"] | false |
Scheduled Context
Scheduled update of context.tf and related docs
Usage
```yaml
name: scheduled-context
on:
  workflow_call:

permissions:
  pull-requests: write
  id-token: write
  contents: read

jobs:
  scheduled-context:
    uses: cloudposse/github-actions-workflows/.github/workflows/scheduled-context.yml@main
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| base-branch | Repo default branch | string | main | false |
| runs-on | Overrides job runs-on setting (json-encoded list) | string | ["ubuntu-latest"] | false |
Secrets
| Name | Description | Required |
|---|---|---|
| github_access_token | GitHub API token | true |
Scheduled Readme
Scheduled update of readme.md
Usage
```yaml
name: scheduled-readme
on:
  workflow_call:

permissions:
  pull-requests: write
  id-token: write
  contents: read

jobs:
  scheduled-readme:
    uses: cloudposse/github-actions-workflows/.github/workflows/scheduled-readme.yml@main
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| base-branch | Repo default branch | string | main | false |
| runs-on | Overrides job runs-on setting (json-encoded list) | string | ["ubuntu-latest"] | false |
Secrets
| Name | Description | Required |
|---|---|---|
| github_access_token | GitHub API token | true |
Contributing
Bug Reports & Feature Requests
Please use the issue tracker to report any bugs or file feature requests.
Developing
If you are interested in being a contributor and want to get involved in developing this project or help out with our other projects, we would love to hear from you! Shoot us an email.
In general, PRs are welcome. We follow the typical "fork-and-pull" Git workflow.
- Fork the repo on GitHub
- Clone the project to your own machine
- Commit changes to your own branch
- Push your work back up to your fork
- Submit a Pull Request so that we can review your changes
NOTE: Be sure to merge the latest changes from "upstream" before making a pull request!
Copyright
Copyright © 2017-2023 Cloud Posse, LLC
License
See LICENSE for full details.
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
https://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
Trademarks
All other trademarks referenced herein are the property of their respective owners.
About
This project is maintained and funded by Cloud Posse, LLC. Like it? Please let us know by leaving a testimonial!
We're a DevOps Professional Services company based in Los Angeles, CA. We ❤️ Open Source Software.
We offer paid support on all of our projects.
Check out our other projects, follow us on twitter, apply for a job, or hire us to help with your cloud strategy and implementation.
Contributors
Igor Rodionov

