shared-actions

Shared composite actions for Forgejo CI/CD pipelines.

Actions

Action	Description
aikido-full-scan	Run a full Aikido security scan (for nightly/scheduled runs)
aikido-pr-scan	Run Aikido security scan on a PR in gating mode (fails on new vulnerabilities)
aws-configure	Authenticate with AWS via OIDC
aws-lambda-update	Update Lambda function alias to a new version, optionally wait for provisioned concurrency
aws-s3-sync	Sync build artifacts to S3, clean up old versioned assets, optionally invalidate CloudFront
cloudfront-invalidate	Invalidate one or more CloudFront distributions
docker-build-push	Build Docker image and push to JFrog with semver tags (major, minor, patch)
helm-deploy	Deploy a service to Kubernetes via Helm over SSH
maven-build	Run Maven build — verify-only (PRs) or package+jib push (deploy)
playwright-e2e	Run Playwright E2E tests with optional sharding, upload results to S3
pnpm-build	Set up pnpm, authenticate JFrog npm registry, install deps, run scripts
publish-npm-package	Build and publish npm package to JFrog Artifactory
publish-rust-crate	Build, test, and publish Rust crate to JFrog Cargo registry
rust-build	Run Rust CI — fmt, clippy, tests, optional cross-compilation
secrets-inject	Append a secrets file to a Java .properties file
terraform-apply	Full Terraform init + workspace + apply + output capture
terraform-module-publish	Zip a Terraform module and publish to JFrog Artifactory
terraform-validate	Validate Terraform code without backend (for PR checks)

Usage

Reference actions from your project's workflow:

- uses: schmalz/shared-actions/.github/actions/<action-name>@v1
  with:
    # see each action's README for inputs

Each action has its own README with inputs, usage examples, and notes.