Reusable GitHub Actions workflow examples for cloud native DevOps
UNLICENSE License
These workflow examples comprise three parts:
.github/workflows/reusable-*.yaml
- Designed to be reusable as a "called" workflow, and has a workflow_call
event in it. They would exist in a central repository and called by other repositories. The central repository needs to be public
, internal
, or private
and enabled for GitHub Actions sharing in repository Settings.templates/call-*.yaml
- these are the "calling" templates that you would copy to all your code and IaC repositories. Each of their jobs has the special uses: <github-path>
to point to the reusable workflow..github/workflows/call-local*.yaml
- For testing. Calls a local workflow in the same directory. ProTip: Make tests for your reusable workflows! Either in the same repository as this one shows, or from a separate repository full of tests. You'll thank me later.⚠️ DO NOT call this workflow directly, rather, use it as a template repository and fork it for your own reusable workflow. I might change this workflow at anytime, based on new GHA features or learnings, and your calling workflow might break. ⚠️
.github/dependabot.yml
will make PRs for version updates to your Actions and Dockerfiles..github/linters/
stores linter configs used by Super-Linter. ProTip: symlink these to the preferred location to use the same linters locally.templates/call-super-linter.yaml
is a workflow that calls Super-Linter, which I'm storing the full reusable workflow in bretfisher/super-linter-workflow.templates/call-docker-build.yaml
is a workflow that calls a Docker build (awesomesauce!), which I'm storing the full reusable workflow in bretfisher/docker-build-workflow.templates/call-docker-build-promotion.yaml
is an advanced workflow that calls a build workflow on PR, and then on merge it will call that workflow with different values and also creates a GitOps-style PR to deploy the new image to a Kubernetes cluster.templates/call-snyk-scan-image.yaml
is a workflow that calls a Snyk scan in this repository.templates/call-trivy-scan-image.yaml
is a workflow that calls a reusable Trivy scan in this repository.