{"id":45537063,"url":"https://github.com/jguida941/ci-cd-hub","last_synced_at":"2026-02-23T02:39:27.027Z","repository":{"id":329874470,"uuid":"1116451679","full_name":"jguida941/ci-cd-hub","owner":"jguida941","description":"Stop writing YAML. CLI wizard configures 40+ CI tools (security, quality, mutation) for Java/Python in minutes. Run centrally or dispatch to repos. 3-tier config merge, profile system, multi-repo registry, and AI-powered triage. One hub, many repos, zero boilerplate.","archived":false,"fork":false,"pushed_at":"2026-01-26T11:06:55.000Z","size":8829,"stargazers_count":2,"open_issues_count":2,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-01-26T19:52:19.885Z","etag":null,"topics":["automation","ci-cd","code-coverage","code-quality","devops","github-actions","github-actions-templates","java","maven","monorepo","multirepo","mutation-testing","orchestration","python","security-scanning","static-analysis"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jguida941.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":".github/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":".github/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":".github/SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-12-14T22:01:03.000Z","updated_at":"2026-01-22T07:42:07.000Z","dependencies_parsed_at":null,"dependency_job_id":"3eb5bbbb-adae-4985-884b-b712affdfc5e","html_url":"https://github.com/jguida941/ci-cd-hub","commit_stats":null,"previous_names":["jguida941/ci-cd-hub"],"tags_count":20,"template":false,"template_full_name":null,"purl":"pkg:github/jguida941/ci-cd-hub","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jguida941%2Fci-cd-hub","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jguida941%2Fci-cd-hub/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jguida941%2Fci-cd-hub/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jguida941%2Fci-cd-hub/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jguida941","download_url":"https://codeload.github.com/jguida941/ci-cd-hub/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jguida941%2Fci-cd-hub/sbom","scorecard":{"id":1242460,"data":{"date":"2026-01-26T06:25:57Z","repo":{"name":"github.com/jguida941/ci-cd-hub","commit":"750983bd08ebddcb5667c344fc875bab332642c3"},"scorecard":{"version":"v5.1.1","commit":"cd152cb6742c5b8f2f3d2b5193b41d9c50905198"},"score":5.6,"checks":[{"name":"Dependency-Update-Tool","score":10,"reason":"update tool detected","details":["Info: detected update tool: Dependabot: .github/dependabot.yml:1"],"documentation":{"short":"Determines if the project uses a dependency update tool.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#dependency-update-tool"}},{"name":"Maintained","score":0,"reason":"project was created in last 90 days. please review its contents carefully","details":["Warn: Repository was created in last 90 days."],"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#maintained"}},{"name":"CI-Tests","score":-1,"reason":"no pull request found","details":null,"documentation":{"short":"Determines if the project runs tests before pull requests are merged.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#ci-tests"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#code-review"}},{"name":"Security-Policy","score":3,"reason":"security policy file detected","details":["Info: security policy file detected: .github/SECURITY.md:1","Warn: no linked content found","Warn: One or no descriptive hints of disclosure, vulnerability, and/or timelines in security policy","Info: Found text in security policy: .github/SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#security-policy"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#binary-artifacts"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":7,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'contents' permission set to 'read': .github/workflows/config-validate.yml:33","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-orchestrator.yml:91","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-orchestrator.yml:151","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-orchestrator.yml:204","Warn: jobLevel 'actions' permission set to 'write': .github/workflows/hub-orchestrator.yml:205","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-orchestrator.yml:312","Info: jobLevel 'actions' permission set to 'read': .github/workflows/hub-orchestrator.yml:313","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-production-ci.yml:151","Warn: jobLevel 'checks' permission set to 'write': .github/workflows/hub-production-ci.yml:152","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-production-ci.yml:366","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-production-ci.yml:436","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-production-ci.yml:632","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-production-ci.yml:679","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-production-ci.yml:724","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/hub-production-ci.yml:1016","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-production-ci.yml:87","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-production-ci.yml:200","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-production-ci.yml:258","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-production-ci.yml:333","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-production-ci.yml:402","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-production-ci.yml:516","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-production-ci.yml:839","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-production-ci.yml:911","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-production-ci.yml:585","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-production-ci.yml:950","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-production-ci.yml:979","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-production-ci.yml:291","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-production-ci.yml:803","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-production-ci.yml:878","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-production-ci.yml:1084","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-run-all.yml:164","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-run-all.yml:210","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-run-all.yml:346","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-run-all.yml:101","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-security.yml:53","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-security.yml:96","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-security.yml:292","Info: jobLevel 'contents' permission set to 'read': .github/workflows/hub-security.yml:383","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/publish-pypi.yml:105","Info: jobLevel 'contents' permission set to 'read': .github/workflows/release.yml:31","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release.yml:72","Info: topLevel 'contents' permission set to 'read': .github/workflows/ai-ci-loop.yml:19","Info: topLevel 'contents' permission set to 'read': .github/workflows/config-validate.yml:11","Info: topLevel 'contents' permission set to 'read': .github/workflows/hub-ci.yml:60","Warn: topLevel 'security-events' permission set to 'write': .github/workflows/hub-ci.yml:61","Info: topLevel 'contents' permission set to 'read': .github/workflows/hub-orchestrator.yml:76","Info: topLevel 'contents' permission set to 'read': .github/workflows/hub-production-ci.yml:80","Info: topLevel 'contents' permission set to 'read': .github/workflows/hub-run-all.yml:88","Info: topLevel 'contents' permission set to 'read': .github/workflows/hub-security.yml:43","Info: topLevel 'contents' permission set to 'read': .github/workflows/java-ci.yml:43","Warn: topLevel 'security-events' permission set to 'write': .github/workflows/java-ci.yml:44","Info: topLevel 'contents' permission set to 'read': .github/workflows/kyverno-ci.yml:21","Info: topLevel 'contents' permission set to 'read': .github/workflows/kyverno-validate.yml:15","Info: topLevel 'contents' permission set to 'read': .github/workflows/publish-pypi.yml:30","Info: topLevel 'contents' permission set to 'read': .github/workflows/python-ci.yml:43","Warn: topLevel 'security-events' permission set to 'write': .github/workflows/python-ci.yml:44","Info: topLevel 'contents' permission set to 'read': .github/workflows/release.yml:24","Info: topLevel 'contents' permission set to 'read': .github/workflows/smoke-test.yml:19","Info: topLevel 'contents' permission set to 'read': .github/workflows/sync-templates.yml:10","Info: topLevel 'contents' permission set to 'read': .github/workflows/template-guard.yml:14"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#token-permissions"}},{"name":"SAST","score":10,"reason":"SAST tool detected: CodeQL","details":["Info: SAST configuration detected: CodeQL","Info: SAST configuration detected: CodeQL","Info: SAST configuration detected: CodeQL","Info: SAST configuration detected: CodeQL","Info: SAST configuration detected: CodeQL","Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#sast"}},{"name":"Pinned-Dependencies","score":4,"reason":"dependency not pinned by hash detected -- score normalized to 4","details":["Warn: pipCommand not pinned by hash: .github/workflows/ai-ci-loop.yml:37","Warn: pipCommand not pinned by hash: .github/workflows/ai-ci-loop.yml:40","Warn: pipCommand not pinned by hash: .github/workflows/config-validate.yml:47","Warn: pipCommand not pinned by hash: .github/workflows/hub-ci.yml:144","Warn: pipCommand not pinned by hash: .github/workflows/hub-ci.yml:150","Warn: pipCommand not pinned by hash: .github/workflows/hub-orchestrator.yml:182","Warn: pipCommand not pinned by hash: .github/workflows/hub-orchestrator.yml:236","Warn: pipCommand not pinned by hash: .github/workflows/hub-orchestrator.yml:341","Warn: pipCommand not pinned by hash: .github/workflows/hub-orchestrator.yml:122","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:278","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:356","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:389","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:392","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:541","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:544","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:547","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:655","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:658","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:661","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:826","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:829","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:1045","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:1106","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:1109","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:134","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:137","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:174","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:177","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:223","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:227","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:227","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:702","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:705","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:754","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:862","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:865","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:934","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:937","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:316","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:319","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:465","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:468","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:472","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:611","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:614","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:420","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:423","Warn: pipCommand not pinned by hash: .github/workflows/hub-production-ci.yml:901","Warn: pipCommand not pinned by hash: .github/workflows/hub-run-all.yml:133","Warn: pipCommand not pinned by hash: .github/workflows/hub-run-all.yml:193","Warn: pipCommand not pinned by hash: .github/workflows/hub-run-all.yml:259","Warn: pipCommand not pinned by hash: .github/workflows/hub-run-all.yml:372","Warn: pipCommand not pinned by hash: .github/workflows/hub-security.yml:79","Warn: pipCommand not pinned by hash: .github/workflows/hub-security.yml:123","Warn: pipCommand not pinned by hash: .github/workflows/hub-security.yml:214","Warn: pipCommand not pinned by hash: .github/workflows/hub-security.yml:328","Warn: pipCommand not pinned by hash: .github/workflows/hub-security.yml:405","Warn: pipCommand not pinned by hash: .github/workflows/java-ci.yml:278","Warn: downloadThenRun not pinned by hash: .github/workflows/java-ci.yml:284","Warn: pipCommand not pinned by hash: .github/workflows/kyverno-ci.yml:96","Warn: pipCommand not pinned by hash: .github/workflows/kyverno-validate.yml:58","Warn: pipCommand not pinned by hash: .github/workflows/publish-pypi.yml:49","Warn: pipCommand not pinned by hash: .github/workflows/python-ci.yml:263","Warn: downloadThenRun not pinned by hash: .github/workflows/python-ci.yml:269","Warn: pipCommand not pinned by hash: .github/workflows/release.yml:44","Warn: pipCommand not pinned by hash: .github/workflows/release.yml:47","Warn: pipCommand not pinned by hash: .github/workflows/release.yml:86","Warn: pipCommand not pinned by hash: .github/workflows/release.yml:89","Warn: pipCommand not pinned by hash: .github/workflows/smoke-test.yml:79","Warn: pipCommand not pinned by hash: .github/workflows/smoke-test.yml:121","Warn: pipCommand not pinned by hash: .github/workflows/smoke-test.yml:298","Warn: pipCommand not pinned by hash: .github/workflows/sync-templates.yml:29","Warn: pipCommand not pinned by hash: .github/workflows/template-guard.yml:33","Warn: pipCommand not pinned by hash: .github/workflows/template-guard.yml:54","Info: 149 out of 149 GitHub-owned GitHubAction dependencies pinned","Info:  49 out of  49 third-party GitHubAction dependencies pinned","Info:   0 out of  72 pipCommand dependencies pinned","Info:   0 out of   2 downloadThenRun dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#pinned-dependencies"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#license"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#cii-best-practices"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#signed-releases"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#fuzzing"}},{"name":"Vulnerabilities","score":9,"reason":"1 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#vulnerabilities"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/publish-pypi.yml:63"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#packaging"}},{"name":"Contributors","score":0,"reason":"project has 0 contributing companies or organizations -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project has a set of contributors from multiple organizations (e.g., companies).","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#contributors"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#branch-protection"}}]},"last_synced_at":"2026-01-26T20:37:52.317Z","repository_id":329874470,"created_at":"2026-01-26T20:37:52.317Z","updated_at":"2026-01-26T20:37:52.317Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29735759,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-23T02:24:00.660Z","status":"ssl_error","status_checked_at":"2026-02-23T02:22:56.087Z","response_time":90,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automation","ci-cd","code-coverage","code-quality","devops","github-actions","github-actions-templates","java","maven","monorepo","multirepo","mutation-testing","orchestration","python","security-scanning","static-analysis"],"created_at":"2026-02-23T02:39:26.240Z","updated_at":"2026-02-23T02:39:27.014Z","avatar_url":"https://github.com/jguida941.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# CI/CD Hub\n\n[![GitHub Actions](https://img.shields.io/badge/github%20actions-%232671E5.svg?style=for-the-badge\u0026logo=githubactions\u0026logoColor=white)](https://github.com/jguida941/ci-cd-hub/actions/workflows/hub-production-ci.yml)\n[![Python](https://img.shields.io/badge/python-3670A0?style=for-the-badge\u0026logo=python\u0026logoColor=ffdd54)](https://github.com/jguida941/ci-cd-hub)\n[![Java](https://img.shields.io/badge/java-%23ED8B00.svg?style=for-the-badge\u0026logo=openjdk\u0026logoColor=white)](https://github.com/jguida941/ci-cd-hub)\n[![codecov](https://img.shields.io/codecov/c/github/jguida941/ci-cd-hub?style=for-the-badge\u0026logo=codecov\u0026logoColor=white)](https://codecov.io/gh/jguida941/ci-cd-hub)\n[![mutmut](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/jguida941/ci-cd-hub/main/badges/mutmut.json\u0026style=for-the-badge)](https://github.com/jguida941/ci-cd-hub/actions/workflows/hub-production-ci.yml)\n[![ruff](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/jguida941/ci-cd-hub/main/badges/ruff.json\u0026style=for-the-badge)](https://github.com/jguida941/ci-cd-hub/actions/workflows/hub-production-ci.yml)\n[![bandit](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/jguida941/ci-cd-hub/main/badges/bandit.json\u0026style=for-the-badge)](https://github.com/jguida941/ci-cd-hub/actions/workflows/hub-production-ci.yml)\n[![pip-audit](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/jguida941/ci-cd-hub/main/badges/pip-audit.json\u0026style=for-the-badge)](https://github.com/jguida941/ci-cd-hub/actions/workflows/hub-production-ci.yml)\n[![zizmor](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/jguida941/ci-cd-hub/main/badges/zizmor.json\u0026style=for-the-badge)](https://github.com/jguida941/ci-cd-hub/actions/workflows/hub-production-ci.yml)\n[![License: Elastic 2.0](https://img.shields.io/badge/license-Elastic%202.0-blue?style=for-the-badge)](LICENSE)\n\nCentralized CI/CD for Java and Python repos with config-driven toggles, reusable workflows, and a single hub that runs pipelines across many repositories.\n\n\u003e [!NOTE]\n\u003e **Refactor In Progress** - We're aligning CLI/registry integration and doc automation.\n\u003e Some commands may be incomplete. See [STATUS.md](docs/development/status/STATUS.md) for current state.\n\n---\n\n## Why CI/CD Hub?\n\n| Problem | Solution |\n|---------|----------|\n| Hours writing YAML per repo | One CLI generates config + workflows in minutes |\n| Copy-paste configs that drift | 3-tier merge (defaults → hub → repo) keeps everything in sync |\n| Manually configuring 10+ tools | Schema-validated config with profiles that auto-configure tools |\n| Debugging cryptic CI failures | Triage bundles with prioritized, actionable reports |\n\n---\n\n## Who It's For\n\n| Audience | Use Case |\n|----------|----------|\n| Hub/Org Admins | Centralized standards across many repos |\n| Teams | Consistent CI gates across Python and Java |\n| Maintainers | Minimal YAML, reproducible workflows |\n\n## Core Concepts\n\n- Hub repo: hosts defaults, templates, workflows, and repo configs.\n- Target repo: owns `.ci-hub.yml` for per-repo overrides.\n- Merge order: defaults → hub config → repo config (repo wins).\n\n## CLI Flow (Short)\n\n```bash\n# Guided onboarding (interactive)\npython -m cihub setup\n\n# Or generate config + workflow directly\npython -m cihub init --repo . --apply\n\n# Run CI locally (uses .ci-hub.yml)\npython -m cihub ci\n```\n\n## Execution Modes\n\n- Central mode: the hub clones repos and runs pipelines directly from a single workflow.\n- Distributed mode: the hub dispatches workflows to each repo via caller templates and reusable workflows.\n\n---\n\n## Pre-Push Validation\n\nRun local checks before pushing:\n\n```bash\ncihub check              # Fast: lint, format, type, test (~30s)\ncihub check --audit      # + links, adr, configs (~45s)\ncihub check --security   # + bandit, pip-audit, trivy, gitleaks (~2min)\ncihub check --full       # + templates, matrix, license, zizmor (~3min)\ncihub check --all        # Everything including mutation (~15min)\n```\n\nOther validation commands:\n\n```bash\ncihub validate --repo .          # Validate .ci-hub.yml against schema\ncihub run ruff --repo .          # Run one tool, emit JSON\ncihub verify --remote            # Verify workflow contracts (requires gh auth)\ncihub docs generate              # Regenerate CLI/config reference docs\ncihub docs check                 # Verify docs are up to date\n```\n\n---\n\n## Toolchains\n\n### Python\n\n| Category | Tools |\n|----------|-------|\n| Testing | pytest, Hypothesis |\n| Linting | Ruff, Black, isort |\n| Types | mypy |\n| Security | Bandit, pip-audit, Semgrep, Trivy |\n| Mutation | mutmut |\n| Container | Docker, SBOM |\n\n### Java\n\n| Category | Tools |\n|----------|-------|\n| Testing | jqwik |\n| Coverage | JaCoCo |\n| Quality | Checkstyle, SpotBugs, PMD |\n| Security | OWASP Dependency-Check, Semgrep, Trivy |\n| Mutation | PITest |\n| Container | Docker, SBOM |\n\n### Shared (Both Languages)\n\nSemgrep, Trivy, CodeQL, SBOM, Docker\n\n## Quick Start\n\n### Central mode\n```bash\n# Run all repos\ngh workflow run hub-run-all.yml -R jguida941/ci-cd-hub\n\n# Run by group\ngh workflow run hub-run-all.yml -R jguida941/ci-cd-hub -f run_group=fixtures\n```\n\n### Distributed mode\n1) Create a PAT with `repo` + `workflow` scopes.\n2) Set `HUB_DISPATCH_TOKEN` via CLI:\n ```bash\n python -m cihub setup-secrets --all\n ```\n3) In each target repo:\n ```bash\n python -m cihub init --repo . --apply\n ```\n4) Set `dispatch_enabled: true` in `config/repos/\u003crepo\u003e.yaml`.\n\n## Prerequisites\n\n- Python 3.10+ (3.12 used in CI)\n- GitHub Actions for workflow execution\n- GitHub CLI (`gh`) recommended for dispatching workflows\n\n## Debugging \u0026 Triage\n\nAnalyze CI failures:\n\n```bash\ncihub triage --latest        # Triage most recent failed run\ncihub triage --run \u003cid\u003e      # Triage specific run by ID\n```\n\nEnvironment flags for debugging:\n\n| Flag | Effect |\n|------|--------|\n| `CIHUB_DEBUG=True` | Show tracebacks |\n| `CIHUB_VERBOSE=True` | Show tool logs |\n| `CIHUB_DEBUG_CONTEXT=True` | Show decision/context blocks |\n| `CIHUB_EMIT_TRIAGE=True` | Write triage bundle to `.cihub/` |\n\nTriage outputs: `.cihub/triage.json`, `priority.json`, `triage.md`\n\n## Installation (local development)\n\n```bash\npython3 -m venv .venv\nsource .venv/bin/activate\npip install -r requirements/requirements-dev.txt\n```\n\n## Documentation\n\n| Doc | Description |\n|-----|-------------|\n| [Docs Index](docs/README.md) | Full map of guides, references, and development docs |\n| [Getting Started](docs/guides/GETTING_STARTED.md) | Primary entry point for new users |\n| [CLI Reference](docs/reference/CLI.md) | Generated from `cihub docs generate` |\n| [Config Reference](docs/reference/CONFIG.md) | Generated from schema |\n| [Tools Reference](docs/reference/TOOLS.md) | Tool registry and options |\n| [Troubleshooting](docs/guides/TROUBLESHOOTING.md) | Common issues and fixes |\n| [Development Guide](docs/development/DEVELOPMENT.md) | Maintainer workflow |\n| [Current Status](docs/development/status/STATUS.md) | Refactor progress |\n\n## Contributing\n\nSee [CONTRIBUTING.md](.github/CONTRIBUTING.md).\n\n## Security\n\nSee [SECURITY.md](.github/SECURITY.md).\n\n## License\n\nElastic License 2.0. See [LICENSE](LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjguida941%2Fci-cd-hub","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjguida941%2Fci-cd-hub","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjguida941%2Fci-cd-hub/lists"}