Shared Forgejo Actions

Find a file

Michael Seele 4b76b06148 All checks were successful validate-shared-actions / validate-shared-actions (pull_request) Successful in 40s Details Aikido Security PR Check / Aikido Security Scan (pull_request) Successful in 50s Details feat: add output export for Terraform apply action		2026-05-05 09:22:49 +00:00
.devcontainer	chore: remove unused extensions	2026-05-04 07:13:53 +00:00
.forgejo/workflows	Merge pull request 'feat: add tag-release workflow for manual major release tagging' (#13) from feature/tag-release into main	2026-05-04 08:21:02 +00:00
aikido-full-scan	fix: reference internal actions as full qualified shared actions	2026-05-04 12:56:45 +00:00
aikido-pr-scan	fix: reference internal actions as full qualified shared actions	2026-05-04 12:56:45 +00:00
aws-configure	feat: add aws-access-key-id and aws-secret-access-key inputs to aws-configure action	2026-05-04 09:04:49 +00:00
checkout	fix: downgrade checkout	2026-05-04 14:27:04 +00:00
internal-aikido-full-scan	fix: reference internal actions as full qualified shared actions	2026-05-04 12:56:45 +00:00
internal-aikido-pr-scan	fix: reference internal actions as full qualified shared actions	2026-05-04 12:56:45 +00:00
pnpm-build	feat: add pnpm-build action	2026-04-30 14:02:09 +02:00
publish-static-contents	feat: add publish-static-contents action	2026-04-30 14:02:09 +02:00
terraform-apply	feat: add output export for Terraform apply action	2026-05-05 09:22:49 +00:00
terraform-validate	feat: add terraform-validate action	2026-04-30 14:30:34 +02:00
CODEOWNERS	ci: add codeowners	2026-04-24 16:05:57 +02:00
README.md	feat: add terraform-apply action	2026-05-04 07:52:38 +00:00

README.md

shared-actions

Shared actions for Forgejo CI/CD pipelines.

Actions

Action	Description
aikido-full-scan	Aikido full scan
aikido-pr-scan	Aikido PR scan
aws-configure	Authenticate with AWS via OIDC
checkout	Action for checking out a repository
pnpm-build	Action for building and validating with PNPM
publish-static-contents	Syncs frontend assets to S3 and invalidates a CloudFront distribution
terraform-apply	Apply Terraform configuration files using the official Terraform CLI
terraform-validate	Validate Terraform configuration files using the official Terraform CLI

Security

Where third-party Forgejo/GitHub Actions are used internally, they are pinned to exact commit hashes rather than mutable tags to prevent supply chain attacks.

Usage

Reference actions from your project's workflow:

- uses: https://schmalz-git.git.onstackit.cloud/schmalz/shared-actions/<action-name>@<action-name>-v1
  with:
    # see each action's README for inputs

Each action has its own README with inputs, usage examples, and notes.