Shared Forgejo Actions
Michael.Seele@schmalz.de
b666024c65
Reviewed-on: #22 Reviewed-by: Markus.Opahle@schmalz.de <Markus.Opahle@schmalz.de> |
||
|---|---|---|
| .devcontainer | ||
| .forgejo/workflows | ||
| aikido-full-scan | ||
| aikido-pr-scan | ||
| aws-configure | ||
| cache | ||
| checkout | ||
| helm-deploy | ||
| inject-content | ||
| internal-aikido-full-scan | ||
| internal-aikido-pr-scan | ||
| pnpm-build | ||
| publish-static-contents | ||
| terraform-apply | ||
| terraform-validate | ||
| CODEOWNERS | ||
| README.md | ||
shared-actions
Shared actions for Forgejo CI/CD pipelines.
Actions
| Action | Description |
|---|---|
| aikido-full-scan | Aikido full scan |
| aikido-pr-scan | Aikido PR scan |
| aws-configure | Authenticate with AWS via OIDC |
| cache | Cache files between workflow runs |
| checkout | Action for checking out a repository |
| helm-deploy | Deploy a service to Kubernetes via Helm over SSH |
| inject-content | Inject content into a file by appending or overwriting |
| pnpm-build | Action for building and validating with PNPM |
| publish-static-contents | Syncs frontend assets to S3 and invalidates a CloudFront distribution |
| terraform-apply | Apply Terraform configuration files using the official Terraform CLI |
| terraform-validate | Validate Terraform configuration files using the official Terraform CLI |
Security
Where third-party Forgejo/GitHub Actions are used internally, they are pinned to exact commit hashes rather than mutable tags to prevent supply chain attacks.
Usage
Reference actions from your project's workflow:
- uses: https://schmalz-git.git.onstackit.cloud/schmalz/shared-actions/<action-name>@<action-name>-v1
with:
# see each action's README for inputs
Each action has its own README with inputs, usage examples, and notes.