2.5 KiB
2.5 KiB
shared-actions
Shared composite actions for Forgejo CI/CD pipelines.
Actions
| Action | Description |
|---|---|
| aikido-full-scan | Run a full Aikido security scan (for nightly/scheduled runs) |
| aikido-pr-scan | Run Aikido security scan on a PR in gating mode (fails on new vulnerabilities) |
| aws-configure | Authenticate with AWS via OIDC |
| aws-lambda-update | Update Lambda function alias to a new version, optionally wait for provisioned concurrency |
| aws-s3-sync | Sync build artifacts to S3, clean up old versioned assets, optionally invalidate CloudFront |
| cloudfront-invalidate | Invalidate one or more CloudFront distributions |
| docker-build-push | Build Docker image and push to JFrog with semver tags (major, minor, patch) |
| helm-deploy | Deploy a service to Kubernetes via Helm over SSH |
| maven-build | Run Maven build — verify-only (PRs) or package+jib push (deploy) |
| playwright-e2e | Run Playwright E2E tests with optional sharding, upload results to S3 |
| pnpm-build | Set up pnpm, authenticate JFrog npm registry, install deps, run scripts |
| publish-npm-package | Build and publish npm package to JFrog Artifactory |
| publish-rust-crate | Build, test, and publish Rust crate to JFrog Cargo registry |
| rust-build | Run Rust CI — fmt, clippy, tests, optional cross-compilation |
| secrets-inject | Append a secrets file to a Java .properties file |
| terraform-apply | Full Terraform init + workspace + apply + output capture |
| terraform-module-publish | Zip a Terraform module and publish to JFrog Artifactory |
| terraform-validate | Validate Terraform code without backend (for PR checks) |
Usage
Reference actions from your project's workflow:
- uses: schmalz/shared-actions/.github/actions/<action-name>@v1
with:
# see each action's README for inputs
Each action has its own README with inputs, usage examples, and notes.