A comprehensive collection of reusable GitHub Actions workflows for DevOps automation, covering Docker operations, AWS deployments, security scanning, code quality checks, and more.
This repository provides production-ready, reusable GitHub Actions workflows that can be called from other repositories to standardize and simplify your CI/CD pipelines. These workflows are designed to be modular, secure, and easy to integrate into your existing projects.
- Docker Operations: Build, scan, push, and deploy Docker images
- AWS Integration: Deploy to AWS using Terraform, CodeBuild, CloudFormation, and more
- Security Scanning: Automated security checks for dependencies, containers, and infrastructure
- Code Quality: Linting and formatting for multiple languages and file types
- Automation: Dependabot auto-merge, PR management, and release automation
To use these reusable workflows, you'll need:
- GitHub repository with Actions enabled
- Appropriate secrets configured in your repository (e.g., `AWS_ACCESS_KEY_ID`, `DOCKER_HUB_TOKEN`)
- Required permissions for the specific workflow you're using
To use a reusable workflow in your repository, create a workflow file (e.g., .github/workflows/my-workflow.yml) and reference the desired workflow:
```yaml
name: My Workflow

on:
  push:
    branches: [main]

jobs:
  docker-build-and-push:
    # Calls the reusable workflow at the current tip of the main branch
    uses: dceoy/gh-actions-for-devops/.github/workflows/docker-build-and-push.yml@main
    with:
      registry: docker.io
      registry-user: myusername
      image-name: my-app
      context: .
    # Only the secrets named here are passed to the called workflow
    secrets:
      DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
```

The workflows are organized by category for easier navigation. Each workflow is designed to be called from other repositories using the `workflow_call` trigger.
| Workflow File | Description |
|---|---|
| aws-cloudformation-lint.yml | Lint for AWS CloudFormation |
| aws-codebuild-run.yml | Build using an AWS CodeBuild project |
| aws-parameter-store-update.yml | Update AWS Parameter Store values |
| claude-code-bot.yml | Mention bot using Claude Code |
| claude-code-review.yml | Pull request review using Claude Code |
| dependabot-auto-merge.yml | Dependabot auto-merge |
| docker-build-and-push.yml | Docker image build and push |
| docker-build-with-multi-targets.yml | Docker image build and save for multiple build targets |
| docker-buildx-bake.yml | Docker image build from a bake definition file |
| docker-image-scan.yml | Security scan for Docker images |
| docker-lint-and-scan.yml | Lint and security scan for Dockerfile |
| docker-pull-from-aws.yml | Docker image pull from AWS |
| docker-save-and-terraform-deploy-to-aws.yml | Docker image save and resource deployment to AWS using Terraform |
| gcloud-infra-manager-deployments.yml | Deployment of Google Cloud resources using Infrastructure Manager |
| gemini-cli-review.yml | Pull request review using Gemini CLI |
| gemini-cli-to-slack.yml | Gemini CLI with Slack notification |
| github-actions-lint-and-scan.yml | Lint and security scan for GitHub Actions workflows |
| github-codeql-analysis.yml | GitHub CodeQL Analysis |
| github-major-version-tag.yml | Major version tag on GitHub |
| github-merged-branch-deletion.yml | Deletion of merged branches on GitHub |
| github-pr-branch-aggregation.yml | Aggregation of open pull request branches |
| github-release.yml | Release on GitHub |
| go-package-lint-and-scan.yml | Lint and security scan for Go |
| html-lint-and-scan.yml | Lint and scan for HTML/CSS |
| json-lint.yml | Lint for JSON |
| json-schema-validation.yml | Schema validation for JSON |
| markdown-format-and-pr.yml | Formatting for Markdown |
| microsoft-defender-for-devops.yml | Microsoft Defender for DevOps |
| pr-agent.yml | PR-agent |
| python-package-format-and-pr.yml | Formatting for Python |
| python-package-lint-and-scan.yml | Lint and security scan for Python |
| python-package-mkdocs-gh-deploy.yml | Build and deployment of MkDocs documentation |
| python-package-release-on-pypi-and-github.yml | Python package release on PyPI and GitHub |
| python-package-test.yml | Test for Python Package |
| python-pyinstaller.yml | Build using PyInstaller |
| r-package-format-and-pr.yml | Formatting for R |
| r-package-lint.yml | Lint for R |
| shell-lint.yml | Lint for Shell |
| speckit-init.yml | Spec Kit initialization |
| terraform-deploy-to-aws.yml | Deployment of AWS resources using Terraform |
| terraform-format-and-pr.yml | Formatting for Terraform |
| terraform-lint-and-scan.yml | Lint and security scan for Terraform |
| terraform-lock-files-upgrade-and-pr-merge.yml | Upgrade of Terraform lock files and pull request merge |
| terraform-lock-files-upgrade.yml | Upgrade of Terraform lock files |
| terragrunt-aws-switch-resources.yml | Switcher to apply or destroy AWS resources using Terragrunt |
| toml-lint.yml | Lint for TOML |
| typescript-package-format-and-pr.yml | Formatting for TypeScript |
| typescript-package-lint-and-scan.yml | Lint and security scan for TypeScript |
| typescript-package-script.yml | Package script run for a TypeScript project |
| web-api-monitoring-with-slack.yml | Synthetic web API monitoring with Slack notification |
| yaml-lint.yml | Lint for YAML |
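
Every workflow in the table is consumed through a `uses:` reference, and the usage example above points at `@main`, a branch whose contents can change after the caller was reviewed. The following added example (not part of this repository; the sample workflow text, the placeholder SHA and `./.github/workflows/build.yml` are constructed) lists the `uses:` references in a workflow file that are not pinned to a full commit SHA.

```python
import re

# `uses:` value, allowing a leading list dash and optional quotes.
USES_RE = re.compile(r"""^\s*(?:-\s*)?uses:\s*['"]?([^'"\s#]+)""")
FULL_SHA_RE = re.compile(r"[0-9a-f]{40}")

# Constructed sample: the page's call at @main plus two more calls for contrast.
# The 40-character SHA is a made-up placeholder, not a real commit.
SAMPLE = """\
jobs:
  docker-build-and-push:
    uses: dceoy/gh-actions-for-devops/.github/workflows/docker-build-and-push.yml@main
  image-scan:
    uses: dceoy/gh-actions-for-devops/.github/workflows/docker-image-scan.yml@0123456789abcdef0123456789abcdef01234567
  local-build:
    uses: ./.github/workflows/build.yml
"""


def classify_ref(target):
    """Classify one uses: target as 'local', 'docker', 'pinned' or 'mutable'."""
    if target.startswith("./"):
        return "local"    # resolved from the caller's own commit
    if target.startswith("docker://"):
        return "docker"   # container image, not a git ref
    _, sep, ref = target.rpartition("@")
    if sep and FULL_SHA_RE.fullmatch(ref):
        return "pinned"   # full commit SHA: content cannot change
    return "mutable"      # branch, tag, short SHA or no ref at all


def audit_workflow(text):
    """Return (line_number, target, kind) for every uses: line in text."""
    found = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        match = USES_RE.match(line)
        if match:
            found.append((lineno, match.group(1), classify_ref(match.group(1))))
    return found


def unpinned(text):
    """Return (line_number, target) for references that can move under the caller."""
    return [(n, t) for n, t, kind in audit_workflow(text) if kind == "mutable"]


if __name__ == "__main__":
    for lineno, target in unpinned(SAMPLE):
        print(f"line {lineno}: {target} is not pinned to a full commit SHA")
```
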
This project is licensed under the MIT License - see the LICENSE file for details.
Copyright (c) 2024 Daichi Narushima