github-actions-workflows

General purpose reusable Github Action workflows

---

This project is part of our comprehensive "SweetOps" approach towards DevOps.

It's 100% Open Source and licensed under the APACHE2.

Introduction

Use provided GitHub Actions reusable workflows to implement consistent release workflow for Github Actions repositories across your organization. Avoid duplication and simplify maintain of the workflows.

Workflows

Name	Description
CD - Deploy to EKS with ArgoCD and Helmfile	Deploy Docker image to EKS with ArgoCD and Helmfile
CD - Deploy to ECS with Spacelift	Deploy Docker image to ECS with Spacelift
CD - Deploy to EKS with Helmfile	Deploy Docker image to EKS with Helmfile
CD - Deploy to EKS Preview envs with Helmfile	Deploy Docker image to ECS Preview envs with Helmfile
CD - Deploy to ECS QA/Preview envs with Spacelift	Deploy Docker image to ECS QA/Preview envs with Spacelift
CD - Deploy to EKS Preview envs with Helmfile	Deploy Docker image to ECS Preview envs with Helmfile
CI - Codeowners	Validate CODEOWNERS and suggest changes
CI - Build Docker image	Build Docker image and push it to ECR
CI - Promote or build Docker image	Promote or build Docker image and push it to ECR
CI - Promote Docker image	Promote Docker image to specific version tag and push it to ECR
CI - Verify Docker image exists	Verify Docker image exists on ECR
CI - Readme	Validate README.yaml, README.md and suggest changes
CI - Terraform ChatOps	Trigger terraform tests using ChatOps
CI - Terraform	Lint, format and validate terraform code
CI - Check dist Directory	This workflow helps ensure that generated contents of the dist directory matches the output of the yarn build
Controller - Draft release	Create or update draft release
Controller - Reingtegrate hotfix branch	Create PR into target\_branch to reintegrate hotfix from current branch
Controller - Create Release branch	Create release/{version} branch for the release
Controller - Create hotfix release	Create next patch version release
Controller - Labels	Label a pull request with one or more labels
Controller - Monorepo Controller	Mocked monorepo controller that outputs list of applications, lists of apps with and without changes.
Controller - Release	Create a github release
Scheduled Context	Scheduled update of context.tf and related docs
Scheduled Readme	Scheduled update of readme.md

CD - Deploy to EKS with ArgoCD and Helmfile

Deploy Docker image to EKS with ArgoCD and Helmfile

Usage

  name: Deploy
  on:
    push:
      branches: [ main ]

  jobs:
    cd:
      uses: cloudposse/github-actions-workflows/.github/workflows/cd-argocd.yml@main
      with:
        image: registry.hub.docker.com/library/nginx
        tag: latest
        repository: ${{ github.event.repository.name }}
        environment: dev
      secrets:
        secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}
        github-private-actions-pat: ${{ secrets.github-private-actions-pat }}

Inputs

Name	Description	Type	Default	Required
environment	Environment name deploy to	string	N/A	true
image	Docker Image to deploy	string	N/A	true
organization	Repository owner organization (ex. acme for repo acme/example)	string	N/A	true
repository	Repository name (ex. example for repo acme/example)	string	N/A	true
synchronously	Wait until ArgoCD successfully apply the changes	boolean	false	false
tag	Docker Image tag to deploy	string	N/A	true

Secrets

Name	Description	Required
github-private-actions-pat	Github PAT allow to pull private repos	true
secret-outputs-passphrase	Passphrase to encrypt/decrypt secret outputs with gpg. For more information read	true

CD - Deploy to ECS with Spacelift

Deploy Docker image to ECS with Spacelift

Usage

  name: Deploy
  on:
    push:
      branches: [ main ]

  jobs:
    cd:
      uses: cloudposse/github-actions-workflows/.github/workflows/cd-ecs.yml@main
      with:
        image: registry.hub.docker.com/library/nginx
        tag: latest
        repository: ${{ github.event.repository.name }}
        environment: dev
        spacelift-organization: ${{ inputs.spacelift-organization }}
      secrets:
        secret-outputs-passphrase: "${{ secrets.secret-outputs-passphrase }}"
        github-private-actions-pat: "${{ secrets.github-private-actions-pat }}"
        spacelift-api-key-id: "${{ secrets.spacelift-api-key-id }}"
        spacelift-api-key-secret: "${{ secrets.spacelift-api-key-secret }}"

Inputs

Name	Description	Type	Default	Required
app	Application name. Used with monorepo pattern when there are several applications in the repo	string	N/A	false
environment	Environment name deploy to	string	N/A	true
image	Docker Image to deploy	string	N/A	true
matrix-key	Matrix key - matrix output workaround. Read more	string	N/A	false
matrix-step-name	Matrix step name - matrix output workaround. Read more	string	N/A	false
repository	Repository name (ex. example for repo acme/example)	string	N/A	true
spacelift-organization	Spacelift organization name	string	N/A	true
tag	Docker Image tag to deploy	string	N/A	true

Secrets

Name	Description	Required
github-private-actions-pat	Github PAT allow to pull private repos	true
secret-outputs-passphrase	Passphrase to encrypt/decrypt secret outputs with gpg. For more information read	true
spacelift-api-key-id	Spacelift API Key ID	true
spacelift-api-key-secret	Spacelift API Key Secret	true

CD - Deploy to EKS with Helmfile

Deploy Docker image to EKS with Helmfile

Usage

  name: Deploy
  on:
    push:
      branches: [ main ]

  jobs:
    cd:
      uses: cloudposse/github-actions-workflows/.github/workflows/cd-helmfile.yml@main
      with:
        image: registry.hub.docker.com/library/nginx
        tag: latest
        repository: ${{ github.event.repository.name }}
        environment: dev
      secrets:
        secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}
        github-private-actions-pat: ${{ secrets.github-private-actions-pat }}

Inputs

Name	Description	Type	Default	Required
environment	Environment name deploy to	string	N/A	true
image	Docker Image to deploy	string	N/A	true
repository	Repository name (ex. example for repo acme/example)	string	N/A	true
tag	Docker Image tag to deploy	string	N/A	true

Secrets

Name	Description	Required
github-private-actions-pat	Github PAT allow to pull private repos	true
secret-outputs-passphrase	Passphrase to encrypt/decrypt secret outputs with gpg. For more information read	true

CD - Deploy to EKS Preview envs with Helmfile

Deploy Docker image to ECS Preview envs with Helmfile

Usage

  name: Feature Branch
  on:
    pull_request:
      branches: [ 'master' ]
      types: [opened, synchronize, reopened, closed, labeled, unlabeled]

  jobs:
    cd:
      uses: cloudposse/github-actions-workflows/.github/workflows/cd-preview-helmfile.yml@main
      if: ${{ always() }}
      with:
        image: registry.hub.docker.com/library/nginx
        tag: latest
        repository: ${{ github.event.repository.name }}
        open: ${{ github.event.pull_request.state == 'open' }}
        labels: ${{ toJSON(github.event.pull_request.labels.*.name) }}
        ref: ${{ github.event.pull_request.head.ref }}
        exclusive: false
        env-label: |
          preview: deploy
      secrets:
        secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}
        github-private-actions-pat: ${{ secrets.github-private-actions-pat }}

Inputs

Name	Description	Type	Default	Required
env-label	YAML formatted {environment}: {label} map	string	preview: deploy	false
exclusive	Deactivate previous GitHub deployments	boolean	true	false
image	Docker Image to deploy	string	N/A	true
labels	Pull Request labels	string	{}	false
open	Pull Request open/close state. Set true if opened	boolean	N/A	true
organization	Repository owner organization (ex. acme for repo acme/example)	string	N/A	true
ref	The fully-formed ref of the branch or tag that triggered the workflow run	string	N/A	true
repository	Repository name (ex. example for repo acme/example)	string	N/A	true
synchronously	Wait until ArgoCD successfully apply the changes	boolean	false	false
tag	Docker Image tag to deploy	string	N/A	true

Secrets

Name	Description	Required
github-private-actions-pat	Github PAT allow to pull private repos	true
secret-outputs-passphrase	Passphrase to encrypt/decrypt secret outputs with gpg. For more information read	true

CD - Deploy to ECS QA/Preview envs with Spacelift

Deploy Docker image to ECS QA/Preview envs with Spacelift

Usage

  name: Feature Branch
  on:
    pull_request:
      branches: [ 'master' ]
      types: [opened, synchronize, reopened, closed, labeled, unlabeled]

  jobs:
    cd:
      uses: cloudposse/github-actions-workflows/.github/workflows/cd-preview-ecs.yml@main
      if: ${{ always() }}
      with:
        image: registry.hub.docker.com/library/nginx
        tag: latest
        repository: ${{ github.event.repository.name }}
        spacelift-organization: ${{ inputs.spacelift-organization }}
        open: ${{ github.event.pull_request.state == 'open' }}
        labels: ${{ toJSON(github.event.pull_request.labels.*.name) }}
        ref: ${{ github.event.pull_request.head.ref }}
        exclusive: true
        env-label: |
          qa1: deploy/qa1
          qa2: deploy/qa2
          qa3: deploy/qa3
          qa4: deploy/qa4
      secrets:
        secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}
        github-private-actions-pat: ${{ secrets.github-private-actions-pat }}
        spacelift-api-key-id: "${{ secrets.spacelift-api-key-id }}"
        spacelift-api-key-secret: "${{ secrets.spacelift-api-key-secret }}"  

Inputs

Name	Description	Type	Default	Required
app	Application name. Used with monorepo pattern when there are several applications in the repo	string	N/A	false
env-label	YAML formatted {environment}: {label} map	string	preview: deploy	false
exclusive	Deactivate previous GitHub deployments	boolean	true	false
image	Docker Image to deploy	string	N/A	true
labels	Pull Request labels	string	{}	false
matrix-key	Matrix key - matrix output workaround. Read more	string	N/A	false
matrix-step-name	Matrix step name - matrix output workaround. Read more	string	N/A	false
open	Pull Request open/close state. Set true if opened	boolean	N/A	true
ref	The fully-formed ref of the branch or tag that triggered the workflow run	string	N/A	true
repository	Repository name (ex. example for repo acme/example)	string	N/A	true
spacelift-organization	Spacelift organization name	string	N/A	true
tag	Docker Image tag to deploy	string	N/A	true

Secrets

Name	Description	Required
github-private-actions-pat	Github PAT allow to pull private repos	true
secret-outputs-passphrase	Passphrase to encrypt/decrypt secret outputs with gpg. For more information read	true
spacelift-api-key-id	Spacelift API Key ID	true
spacelift-api-key-secret	Spacelift API Key Secret	true

CD - Deploy to EKS Preview envs with Helmfile

Deploy Docker image to ECS Preview envs with Helmfile

Usage

  name: Feature Branch
  on:
    pull_request:
      branches: [ 'master' ]
      types: [opened, synchronize, reopened, closed, labeled, unlabeled]

  jobs:
    cd:
      uses: cloudposse/github-actions-workflows/.github/workflows/cd-preview-helmfile.yml@main
      if: ${{ always() }}
      with:
        image: registry.hub.docker.com/library/nginx
        tag: latest
        repository: ${{ github.event.repository.name }}
        open: ${{ github.event.pull_request.state == 'open' }}
        labels: ${{ toJSON(github.event.pull_request.labels.*.name) }}
        ref: ${{ github.event.pull_request.head.ref }}
        exclusive: false
        env-label: |
          preview: deploy
      secrets:
        secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}
        github-private-actions-pat: ${{ secrets.github-private-actions-pat }}

Inputs

Name	Description	Type	Default	Required
env-label	YAML formatted {environment}: {label} map	string	preview: deploy	false
exclusive	Deactivate previous GitHub deployments	boolean	true	false
image	Docker Image to deploy	string	N/A	true
labels	Pull Request labels	string	{}	false
open	Pull Request open/close state. Set true if opened	boolean	N/A	true
ref	The fully-formed ref of the branch or tag that triggered the workflow run	string	N/A	true
repository	Repository name (ex. example for repo acme/example)	string	N/A	true
tag	Docker Image tag to deploy	string	N/A	true

Secrets

Name	Description	Required
github-private-actions-pat	Github PAT allow to pull private repos	true
secret-outputs-passphrase	Passphrase to encrypt/decrypt secret outputs with gpg. For more information read	true

CI - Codeowners

Validate CODEOWNERS and suggest changes

Usage

  name: Validate CODEOWNERS
  on:
    workflow_call:
    
  jobs:
    ci-codeowners:
      uses: cloudposse/github-actions-workflows/.github/workflows/ci-codeowners-full.yml@main
      with:
        is_fork: ${{ github.event.pull_request.head.repo.full_name != github.repository }}

Inputs

Name	Description	Type	Default	Required
is_fork	Run workflow in fork mode (decreased permissions and features)	boolean	N/A	true
runs-on	Overrides job runs-on setting (json-encoded list)	string	["ubuntu-latest"]	false

Secrets

Name	Description	Required
github_access_token	GitHub API token	false

CI - Build Docker image

Build Docker image and push it to ECR

Usage

  name: Deploy
  on:
    push:
      branches: [ main ]

  jobs:
    ci:
      uses: cloudposse/github-actions-workflows/.github/workflows/ci-dockerized-app-build.yml@main
      with:
        organization: ${{ github.event.repository.owner.login }}
        repository: ${{ github.event.repository.name }}
      secrets:
        ecr-region: ${{ secrets.ecr-region }}
        ecr-iam-role: ${{ secrets.ecr-iam-role }}
        registry: ${{ secrets.registry }}
        secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}

Inputs

Name	Description	Type	Default	Required
organization	Repository owner organization (ex. acme for repo acme/example)	string	N/A	true
repository	Repository name (ex. example for repo acme/example)	string	N/A	true

Secrets

Name	Description	Required
ecr-iam-role	IAM Role ARN provide ECR write/read access	true
ecr-region	ECR AWS region	true
registry	ECR Docker registry	true
secret-outputs-passphrase	Passphrase to encrypt/decrypt secret outputs with gpg. For more information read	true

Outputs

Name	Description
image	Docker Image
tag	Docker image tag

CI - Promote or build Docker image

Promote or build Docker image and push it to ECR

Usage

  name: Deploy
  on:
    push:
      branches: [ main ]

  jobs:
    ci:
      uses: cloudposse/github-actions-workflows/.github/workflows/ci-dockerized-app-promote-or-build.yml@main
      with:
        organization: ${{ github.event.repository.owner.login }}
        repository: ${{ github.event.repository.name }}
        force-build: false
      secrets:
        ecr-region: ${{ secrets.ecr-region }}
        ecr-iam-role: ${{ secrets.ecr-iam-role }}
        registry: ${{ secrets.registry }}
        secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}

Inputs

Name	Description	Type	Default	Required
app	Application name. Used with monorepo pattern when there are several applications in the repo	string	N/A	true
force-build	Force build (skip promotion)	boolean	false	true
matrix-key	Matrix key - matrix output workaround. Read more	string	N/A	false
matrix-step-name	Matrix step name - matrix output workaround. Read more	string	N/A	false
organization	Repository owner organization (ex. acme for repo acme/example)	string	N/A	true
repository	Repository name (ex. example for repo acme/example)	string	N/A	true

Secrets

Name	Description	Required
ecr-iam-role	IAM Role ARN provide ECR write/read access	true
ecr-region	ECR AWS region	true
registry	ECR Docker registry	true
secret-outputs-passphrase	Passphrase to encrypt/decrypt secret outputs with gpg. For more information read	true

Outputs

Name	Description
image	Docker Image
tag	Docker image tag

CI - Promote Docker image

Promote Docker image to specific version tag and push it to ECR

Usage

  name: Release
  on:
    release:
      types: [published]

  jobs:
    ci:
      uses: cloudposse/github-actions-workflows/.github/workflows/ci-dockerized-app-promote.yml@main
      with:
        organization: ${{ github.event.repository.owner.login }}
        repository: ${{ github.event.repository.name }}
        version: ${{ github.event.release.tag_name }}
      secrets:
        ecr-region: ${{ secrets.ecr-region }}
        ecr-iam-role: ${{ secrets.ecr-iam-role }}
        registry: ${{ secrets.registry }}
        secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}

Inputs

Name	Description	Type	Default	Required
app	Application name. Used with monorepo pattern when there are several applications in the repo	string	N/A	false
matrix-key	Matrix key - matrix output workaround. Read more	string	N/A	false
matrix-step-name	Matrix step name - matrix output workaround. Read more	string	N/A	false
organization	Repository owner organization (ex. acme for repo acme/example)	string	N/A	true
repository	Repository name (ex. example for repo acme/example)	string	N/A	true
version	New version tag	string	N/A	true

Secrets

Name	Description	Required
ecr-iam-role	IAM Role ARN provide ECR write/read access	true
ecr-region	ECR AWS region	true
registry	ECR Docker registry	true
secret-outputs-passphrase	Passphrase to encrypt/decrypt secret outputs with gpg. For more information read	true

Outputs

Name	Description
image	Docker Image
tag	Docker image tag

CI - Verify Docker image exists

Verify Docker image exists on ECR

Usage

  name: Release
  on:
    release:
      types: [published]

  jobs:
    ci:
      uses: cloudposse/github-actions-workflows/.github/workflows/ci-dockerized-app-verify.yml@main
      with:
        organization: ${{ github.event.repository.owner.login }}
        repository: ${{ github.event.repository.name }}
        version: ${{ github.event.release.tag_name }}
      secrets:
        ecr-region: ${{ secrets.ecr-region }}
        ecr-iam-role: ${{ secrets.ecr-iam-role }}
        registry: ${{ secrets.registry }}
        secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}

Inputs

Name	Description	Type	Default	Required
app	Application name. Used with monorepo pattern when there are several applications in the repo	string	N/A	true
organization	Repository owner organization (ex. acme for repo acme/example)	string	N/A	true
repository	Repository name (ex. example for repo acme/example)	string	N/A	true
version	Release version tag	string	N/A	true

Secrets

Name	Description	Required
ecr-iam-role	IAM Role ARN provide ECR write/read access	true
ecr-region	ECR AWS region	true
registry	ECR Docker registry	true
secret-outputs-passphrase	Passphrase to encrypt/decrypt secret outputs with gpg. For more information read	true

Outputs

Name	Description
image	Docker Image
tag	Docker image tag

CI - Readme

Validate README.yaml, README.md and suggest changes

Usage

  name: Validate Readme
  on:
    workflow_call:
  
  permissions:
    pull-requests: write
    id-token: write
    contents: read
    
  jobs:
    ci-readme:
      uses: cloudposse/github-actions-workflows/.github/workflows/ci-readme.yml@main
      with:
        suggestions: true
        filter-mode: diff_context

Inputs

Name	Description	Type	Default	Required
filter-mode	Reviewdog filter mode	string	N/A	true
runs-on	Overrides job runs-on setting (json-encoded list)	string	["ubuntu-latest"]	false
suggestions	Enable Reviewdog suggestions (pull request only)	boolean	N/A	true

CI - Terraform ChatOps

Trigger terraform tests using ChatOps

Usage

  name: Terraform ChatOps
  on:
    workflow_call:
  
  permissions:
    pull-requests: write
    id-token: write
    contents: read

  jobs:
    ci-terraform-chatops:
      uses: cloudposse/github-actions-workflows/.github/workflows/ci-terraform-chatops.yml@main
      secrets:
        github_access_token: ${{ secrets.REPO_ACCESS_TOKEN }}

Inputs

Name	Description	Type	Default	Required
runs-on	Overrides job runs-on setting (json-encoded list)	string	["ubuntu-latest"]	false

Secrets

Name	Description	Required
github_access_token	GitHub API token	true

CI - Terraform

Lint, format and validate terraform code

Usage

  name: Validate Terraform
  on:
    workflow_call:
  
  permissions:
    pull-requests: write
    id-token: write
    contents: read

  jobs:
    ci-terraform:
      uses: cloudposse/github-actions-workflows/.github/workflows/ci-terraform.yml@main
      with:
        suggestions: true
        filter-mode: diff_context

Inputs

Name	Description	Type	Default	Required
filter-mode	Reviewdog filter mode	string	N/A	true
runs-on	Overrides job runs-on setting (json-encoded list)	string	["ubuntu-latest"]	false
suggestions	Enable Reviewdog suggestions (pull request only)	boolean	N/A	true

CI - Check dist Directory

This workflow helps ensure that generated contents of the dist directory matches the output of the yarn build command. The dist directory has special meaning in GitHub Actions in that it that contains the runnable JS files.

In Cloud Posse's TypeScript actions, the dist directory is generated through a build process from the TypeScript source files by running the yarn build command.

Usage

  name: Build
  on:
    push:
      branches: [ main ]

  jobs:
    check-dist:
      uses: cloudposse/github-actions-workflows/.github/workflows/ci-typescript-app-check-dist.yml@main

Inputs

Name	Description	Type	Default	Required
commit-message	Optional input to set a commit message. If it's not set, it defaults to 'Update the contents of dist directory'	string	Update contents of the dist directory	false
dist-path	Optional input to set a path to the dist folder. If it's not set, it defaults to './dist'	string	./dist	false
node-caching	Optional input to set up caching for the setup-node action. The input syntax corresponds to the setup-node's one. Set to an empty string if caching isn't needed	string	yarn	false
node-version	Optional input to set the version of Node.js used to build a project. The input syntax corresponds to the setup-node's one	string	16.x	false

Controller - Draft release

Create or update draft release

Usage

  name: Draft release
  on:
    push:
      branches: [ main ]

  jobs:
    do:
      uses:  cloudposse/github-actions-workflows/.github/workflows/controller-draft-release.yml@main
      with:
        ref: ${{ github.sha }}
      secrets:
        github-private-actions-pat: ${{ secrets.github-private-actions-pat }}

Inputs

Name	Description	Type	Default	Required
ref	The release target, i.e. branch or commit it should point to	string	${{ github.sha }}	false

Secrets

Name	Description	Required
github-private-actions-pat	Github PAT allow to create release	true

Controller - Reingtegrate hotfix branch

Create PR into target_branch to reintegrate hotfix from current branch

Usage

  name: Release
  on:
    release:
      types: [published]

  jobs:
    do:
      uses: cloudposse/github-action-workflows/.github/workflows/controller-hotfix-reintegrate.yml@main
      with:
        ref: ${{ github.ref }}
        target_branch: main
      secrets:
        github-private-actions-pat: ${{ secrets.github-private-actions-pat }}

Inputs

Name	Description	Type	Default	Required
ref	The fully-formed ref of the branch or tag that triggered the workflow run	string	N/A	true
target_branch	Target branch to reintegrate hotfix	string	main	false

Secrets

Name	Description	Required
github-private-actions-pat	Github PAT allow to create a pull request	true

Controller - Create Release branch

Create release/{version} branch for the release

Usage

  name: Main branch
  on:
    release:
      types: [published]

  jobs:
    do:
      uses: cloudposse/github-action-workflows/.github/workflows/controller-hotfix-release-branch.yml@main
      with:
        version: ${{ github.event.release.tag_name }}

Inputs

Name	Description	Type	Default	Required
version	Release version	string	N/A	true

Controller - Create hotfix release

Create next patch version release

Usage

  on:
    push:
      branches: [ 'release/**' ]

  jobs:
    do:
      uses: cloudposse/github-action-workflows/.github/workflows/controller-hotfix-release.yml@main
      with:
        ref: ${{ github.ref }}

Inputs

Name	Description	Type	Default	Required
ref	The fully-formed ref of the branch or tag that triggered the workflow run	string	N/A	true

Outputs

Name	Description
version	Release version

Controller - Labels

Label a pull request with one or more labels

Usage

  name: Label pull request
  on:
    workflow_call:

  jobs:
    label:
      uses:  cloudposse/github-actions-workflows/.github/workflows/controller-labels.yml@main
      with:
        labels: ['ready-for-review']

Inputs

Name	Description	Type	Default	Required
labels	The labels' name to be added. Must be separated with line breaks if there are multiple labels.	string	N/A	true
runs-on	Overrides job runs-on setting (json-encoded list)	string	["ubuntu-latest"]	false

Controller - Monorepo Controller

Mocked monorepo controller that outputs list of applications, lists of apps with and without changes.

Usage

  name: Monorepo
  on:
    push:
      branches: [ main ]

  jobs:
    do:
      uses:  cloudposse/github-actions-workflows/.github/workflows/controller-monorepo.yml@main
      with:
        dir: ./apps

Inputs

Name	Description	Type	Default	Required
dir	Directory with applications	string	N/A	true

Outputs

Name	Description
apps	Applications
changes	Changed applications
no-changes	Unchanged applications

Controller - Release

Create a github release

Usage

  name: Draft release
  on:
    workflow_call:

  jobs:
    release:
      uses:  cloudposse/github-actions-workflows/.github/workflows/controller-release.yml@main

Inputs

Name	Description	Type	Default	Required
config-name	Name of the release drafter config file	string	auto-release.yml	false
ref	The release target, i.e. branch or commit it should point to	string	${{ github.sha }}	false
runs-on	Overrides job runs-on setting (json-encoded list)	string	["ubuntu-latest"]	false

Scheduled Context

Scheduled update of context.tf and related docs

Usage

  name: scheduled-context
  on:
    workflow_call:
  
  permissions:
    pull-requests: write
    id-token: write
    contents: read
    
  jobs:
    scheduled-context:
      uses: cloudposse/github-actions-workflows/.github/workflows/scheduled-context.yml@main

Inputs

Name	Description	Type	Default	Required
base-branch	Repo default branch	string	main	false
runs-on	Overrides job runs-on setting (json-encoded list)	string	["ubuntu-latest"]	false

Secrets

Name	Description	Required
github_access_token	GitHub API token	true

Scheduled Readme

Scheduled update of readme.md

Usage

  name: scheduled-readme
  on:
    workflow_call:
  
  permissions:
    pull-requests: write
    id-token: write
    contents: read
    
  jobs:
    scheduled-readme:
      uses: cloudposse/github-actions-workflows/.github/workflows/scheduled-readme.yml@main

Inputs

Name	Description	Type	Default	Required
base-branch	Repo default branch	string	main	false
runs-on	Overrides job runs-on setting (json-encoded list)	string	["ubuntu-latest"]	false

Secrets

Name	Description	Required
github_access_token	GitHub API token	true

Share the Love

Like this project? Please give it a ★ on our GitHub! (it helps us a lot)

Are you using this project or any of our other projects? Consider leaving a testimonial. =)

Related Projects

Check out these related projects.

References

For additional context, refer to some of these links.

• github-actions-workflows - Reusable workflows for different types of projects
• github-action-docker-build-push - Simple docker build action

Help

Got a question? We got answers.

File a GitHub issue, send us an email or join our Slack Community.

DevOps Accelerator for Startups

We are a DevOps Accelerator. We'll help you build your cloud infrastructure from the ground up so you can own it. Then we'll show you how to operate it and stick around for as long as you need us.

Work directly with our team of DevOps experts via email, slack, and video conferencing.

We deliver 10x the value for a fraction of the cost of a full-time engineer. Our track record is not even funny. If you want things done right and you need it done FAST, then we're your best bet.

• Reference Architecture. You'll get everything you need from the ground up built using 100% infrastructure as code.
• Release Engineering. You'll have end-to-end CI/CD with unlimited staging environments.
• Site Reliability Engineering. You'll have total visibility into your apps and microservices.
• Security Baseline. You'll have built-in governance with accountability and audit logs for all changes.
• GitOps. You'll be able to operate your infrastructure via Pull Requests.
• Training. You'll receive hands-on training so your team can operate what we build.
• Questions. You'll have a direct line of communication between our teams via a Shared Slack channel.
• Troubleshooting. You'll get help to triage when things aren't working.
• Code Reviews. You'll receive constructive feedback on Pull Requests.
• Bug Fixes. We'll rapidly work with you to fix any bugs in our projects.

Slack Community

Join our Open Source Community on Slack. It's FREE for everyone! Our "SweetOps" community is where you get to talk with others who share a similar vision for how to rollout and manage infrastructure. This is the best place to talk shop, ask questions, solicit feedback, and work together as a community to build totally sweet infrastructure.

Discourse Forums

Participate in our Discourse Forums. Here you'll find answers to commonly asked questions. Most questions will be related to the enormous number of projects we support on our GitHub. Come here to collaborate on answers, find solutions, and get ideas about the products and services we value. It only takes a minute to get started! Just sign in with SSO using your GitHub account.

Newsletter

Sign up for our newsletter that covers everything on our technology radar. Receive updates on what we're up to on GitHub as well as awesome new projects we discover.

Office Hours

Join us every Wednesday via Zoom for our weekly "Lunch & Learn" sessions. It's FREE for everyone!

Contributing

Bug Reports & Feature Requests

Please use the issue tracker to report any bugs or file feature requests.

Developing

If you are interested in being a contributor and want to get involved in developing this project or help out with our other projects, we would love to hear from you! Shoot us an email.

In general, PRs are welcome. We follow the typical "fork-and-pull" Git workflow.

1. Fork the repo on GitHub
2. Clone the project to your own machine
3. Commit changes to your own branch
4. Push your work back up to your fork
5. Submit a Pull Request so that we can review your changes

NOTE: Be sure to merge the latest changes from "upstream" before making a pull request!

Copyright

Copyright © 2017-2023 Cloud Posse, LLC

License

See LICENSE for full details.

Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements.  See the NOTICE file
distributed with this work for additional information
regarding copyright ownership.  The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License.  You may obtain a copy of the License at

  https://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied.  See the License for the
specific language governing permissions and limitations
under the License.

Trademarks

All other trademarks referenced herein are the property of their respective owners.

About

This project is maintained and funded by Cloud Posse, LLC. Like it? Please let us know by leaving a testimonial!

We're a DevOps Professional Services company based in Los Angeles, CA. We ❤️ Open Source Software.

We offer paid support on all of our projects.

Check out our other projects, follow us on twitter, apply for a job, or hire us to help with your cloud strategy and implementation.

Contributors

Igor Rodionov