{"id":50914624,"url":"https://github.com/mogenius/github-actions","last_synced_at":"2026-06-16T14:00:28.439Z","repository":{"id":340798428,"uuid":"1167375343","full_name":"mogenius/github-actions","owner":"mogenius","description":null,"archived":false,"fork":false,"pushed_at":"2026-06-01T12:47:12.000Z","size":16,"stargazers_count":0,"open_issues_count":1,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-01T14:18:32.620Z","etag":null,"topics":["github-actions"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mogenius.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-02-26T08:21:41.000Z","updated_at":"2026-06-01T12:48:06.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/mogenius/github-actions","commit_stats":null,"previous_names":["mogenius/github-actions"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/mogenius/github-actions","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mogenius%2Fgithub-actions","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mogenius%2Fgithub-actions/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mogenius%2Fgithub-actions/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mogenius%2Fgithub-actions/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mogenius","download_url":"https://codeload.github.com/mogenius/github-actions/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mogenius%2Fgithub-actions/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34408788,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-16T02:00:06.860Z","response_time":126,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["github-actions"],"created_at":"2026-06-16T14:00:15.158Z","updated_at":"2026-06-16T14:00:28.431Z","avatar_url":"https://github.com/mogenius.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# mogenius/github-actions\n\nReusable GitHub Actions workflows for the mogenius platform.\n\nAlways pin calls to a full commit SHA to guarantee reproducibility:\n\n```yaml\nuses: mogenius/github-actions/.github/workflows/\u003cworkflow\u003e.yml@\u003csha\u003e # main\n```\n\n---\n\n## Workflows\n\n### `semantic-release.yml` — Prepare Version\n\nRuns [semantic-release](https://semantic-release.gitbook.io/) to determine the next version and outputs build metadata for downstream jobs. Supports GitHub App auth or a PAT.\n\n#### Secrets\n\n| Name | Description |\n|------|-------------|\n| `APP_ID` | GitHub App client ID (use with `APP_PRIVATE_KEY`) |\n| `APP_PRIVATE_KEY` | GitHub App private key |\n| `RELEASE_TOKEN` | PAT alternative to App auth |\n\nEither `RELEASE_TOKEN` or both App secrets must be set.\n\n#### Inputs\n\n| Name | Default | Description |\n|------|---------|-------------|\n| `version_override` | `''` | Pin an explicit version, bypassing semantic-release |\n| `default_version` | `'dev'` | Fallback version when no release is created |\n| `dry_run` | `false` | Run semantic-release without creating a tag or release |\n| `ref` | `''` | Git ref to checkout (defaults to the triggering ref) |\n| `runner` | `'self-hosted'` | Runner label for the prepare job |\n\n#### Outputs\n\n| Name | Description |\n|------|-------------|\n| `version` | Resolved version (`version_override` \u003e semver \u003e `default_version`) |\n| `semver` | Semver string without `v` prefix; empty if no release was created |\n| `is_release` | `'true'` when semantic-release published a new release |\n| `commit_hash` | Short commit hash |\n| `git_branch` | Branch name |\n| `build_timestamp` | ISO 8601 build timestamp |\n\n#### Example\n\n```yaml\nprepare:\n  uses: mogenius/github-actions/.github/workflows/semantic-release.yml@\u003csha\u003e # main\n  secrets:\n    APP_ID: ${{ secrets.RELEASE_APP_ID }}\n    APP_PRIVATE_KEY: ${{ secrets.RELEASE_APP_SECRET }}\n  with:\n    default_version: 'dev'\n```\n\n---\n\n### `build-multiarch.yml` — Build Multi-Arch Container\n\nBuilds a Docker image natively on amd64 and arm64 runners, cross-compiles armv7 on amd64 via QEMU, then assembles a combined multi-arch manifest.\n\n`COMMIT_HASH`, `GIT_BRANCH`, `BUILD_TIMESTAMP`, and `VERSION` are always injected as build args. Use `build_args` for args shared across all architectures and the per-arch variants for anything that differs (e.g. arch-specific base images).\n\n#### Inputs\n\n| Name | Required | Default | Description |\n|------|----------|---------|-------------|\n| `version` | yes | — | Image version tag |\n| `image` | yes | — | Full image path without tag (e.g. `ghcr.io/myorg/myimage`) |\n| `registry` | no | `ghcr.io` | Container registry hostname for `docker login` |\n| `dockerfile` | no | `./Dockerfile` | Path to Dockerfile |\n| `context` | no | `.` | Docker build context path |\n| `architectures` | no | `amd64,arm64,armv7` | Comma-separated architectures to build |\n| `build_args` | no | `''` | Build args injected into every arch build |\n| `build_args_amd64` | no | `''` | Extra build args for the amd64 job only |\n| `build_args_arm64` | no | `''` | Extra build args for the arm64 job only |\n| `build_args_armv7` | no | `''` | Extra build args for the armv7 job only |\n| `build_secrets` | no | `''` | Docker build secrets as literal `id=value` pairs — values cannot be secret references |\n| `build_secret_envs` | no | `''` | Mount env vars as docker build secrets (multiline `id=envname`). Use this for secrets — `GITHUB_TOKEN` is always available, others require `secrets: inherit` |\n| `push_latest` | no | `true` | Push a `:latest` tag alongside the version tag |\n| `runner_amd64` | no | `arc-runner-set-amd64` | Runner label for amd64 native builds |\n| `runner_arm64` | no | `arc-runner-set-arm64` | Runner label for arm64 native builds |\n| `runner_armv7` | no | `self-hosted` | Runner label for armv7 builds |\n\n#### Outputs\n\n| Name | Description |\n|------|-------------|\n| `digest_amd64` | Image digest for amd64 |\n| `digest_arm64` | Image digest for arm64 |\n| `digest_armv7` | Image digest for armv7 |\n\n#### Example\n\n```yaml\nbuild:\n  needs: [prepare]\n  uses: mogenius/github-actions/.github/workflows/build-multiarch.yml@\u003csha\u003e # main\n  secrets: inherit\n  with:\n    version: ${{ needs.prepare.outputs.version }}\n    image: ghcr.io/myorg/myimage\n    build_args: |\n      DEV_BUILD=yes\n    build_args_amd64: |\n      BASE_IMAGE=ghcr.io/myorg/base:latest-amd64\n    build_args_arm64: |\n      BASE_IMAGE=ghcr.io/myorg/base:latest-arm64\n    build_args_armv7: |\n      BASE_IMAGE=ghcr.io/myorg/base:latest-armv7\n    build_secret_envs: |\n      GITHUB_NPM_TOKEN=GITHUB_TOKEN\n      MY_SECRET=MY_SECRET\n```\n\n---\n\n### `gitops-deploy.yml` — GitOps Deploy\n\nUpdates an image tag in a GitOps repository (e.g. an ArgoCD application YAML) and commits the change. Matches the tag line using a [Renovate](https://docs.renovatebot.com/) `datasource=docker depName=` annotation comment. Supports GitHub App auth or a PAT.\n\n#### Secrets\n\n| Name | Description |\n|------|-------------|\n| `APP_ID` | GitHub App client ID (use with `APP_PRIVATE_KEY`) |\n| `APP_PRIVATE_KEY` | GitHub App private key |\n| `RELEASE_TOKEN` | PAT alternative to App auth |\n\nEither `RELEASE_TOKEN` or both App secrets must be set. The app or PAT must have write access to the gitops repository.\n\n#### Inputs\n\n| Name | Required | Default | Description |\n|------|----------|---------|-------------|\n| `version` | yes | — | Version tag to deploy |\n| `repository` | yes | — | GitOps repository to update (e.g. `org/repo`) |\n| `file` | yes | — | Path to the application YAML file within the repository |\n| `package` | yes | — | Full image name matching the `depName=` annotation (e.g. `ghcr.io/myorg/myimage`) |\n| `ref` | no | `'main'` | Branch to checkout and push to |\n| `runner` | no | `'self-hosted'` | Runner label for the deploy job |\n\n#### Example\n\n```yaml\ndeploy:\n  if: needs.prepare.outputs.is_release == 'true'\n  needs: [prepare, build]\n  uses: mogenius/github-actions/.github/workflows/gitops-deploy.yml@\u003csha\u003e # main\n  secrets:\n    APP_ID: ${{ secrets.GITOPS_APP_ID }}\n    APP_PRIVATE_KEY: ${{ secrets.GITOPS_APP_PRIVATE_KEY }}\n  with:\n    version: ${{ needs.prepare.outputs.version }}\n    repository: myorg/my-argocd-applications\n    file: dev/my-service/application.yaml\n    package: ghcr.io/myorg/my-service\n```\n\n---\n\n### `automerge-approved.yml` — Automerge\n\nScans all open PRs in the repository and merges those carrying a configurable label (default: `automerge-approved`). Only PRs in a `CLEAN` merge state (all checks passed, no conflicts) are merged; others are reported as skipped. Supports GitHub App auth, a PAT, or the default `GITHUB_TOKEN`.\n\n#### Secrets\n\n| Name | Description |\n|------|-------------|\n| `APP_ID` | GitHub App client ID (use with `APP_PRIVATE_KEY`) |\n| `APP_PRIVATE_KEY` | GitHub App private key |\n| `RELEASE_TOKEN` | PAT alternative to App auth |\n\nAll secrets are optional. When none are provided the job uses the default `GITHUB_TOKEN`.\n\n#### Inputs\n\n| Name | Required | Default | Description |\n|------|----------|---------|-------------|\n| `label` | no | `'automerge-approved'` | Label that marks PRs eligible for merging |\n| `merge_method` | no | `'squash'` | Merge method: `merge`, `squash`, or `rebase` |\n| `delete_branch` | no | `true` | Delete the head branch after a successful merge |\n| `runner` | no | `'self-hosted'` | Runner label |\n\n#### Example\n\n```yaml\nautomerge:\n  uses: mogenius/github-actions/.github/workflows/automerge-approved.yml@\u003csha\u003e # main\n  secrets:\n    APP_ID: ${{ secrets.RELEASE_APP_ID }}\n    APP_PRIVATE_KEY: ${{ secrets.RELEASE_APP_SECRET }}\n  with:\n    merge_method: squash\n```\n\n---\n\n### `go-build.yml` — Go Build\n\nCompiles all packages in a Go module with `go build ./...`.\n\n#### Inputs\n\n| Name | Required | Default | Description |\n|------|----------|---------|-------------|\n| `path` | no | `'.'` | Working directory (path to module root) |\n| `go_version` | no | `'stable'` | Go version to use |\n| `output` | no | `''` | Output binary path passed to `-o` (omit to skip) |\n| `ldflags` | no | `''` | Linker flags passed to `-ldflags` |\n| `runner` | no | `'self-hosted'` | Runner label |\n\n#### Example\n\n```yaml\nbuild:\n  uses: mogenius/github-actions/.github/workflows/go-build.yml@\u003csha\u003e # main\n  with:\n    go_version: '1.24.x'\n    ldflags: '-X main.version=${{ needs.prepare.outputs.version }}'\n```\n\n---\n\n### `go-test.yml` — Go Test\n\nRuns `go test ./...` with optional race detector and test filtering.\n\n#### Inputs\n\n| Name | Required | Default | Description |\n|------|----------|---------|-------------|\n| `path` | no | `'.'` | Working directory (path to module root) |\n| `go_version` | no | `'stable'` | Go version to use |\n| `race` | no | `false` | Enable race detector (`-race`) |\n| `run` | no | `''` | Test filter passed to `-run` |\n| `args` | no | `''` | Extra arguments passed to `go test` |\n| `runner` | no | `'self-hosted'` | Runner label |\n\n#### Example\n\n```yaml\ntest:\n  uses: mogenius/github-actions/.github/workflows/go-test.yml@\u003csha\u003e # main\n  with:\n    go_version: '1.24.x'\n    race: true\n```\n\n---\n\n### `golangci-lint.yml` — golangci-lint\n\nRuns [golangci-lint](https://golangci-lint.run/) via the official action. Respects a `.golangci.yml` config in the repository if present.\n\n#### Inputs\n\n| Name | Required | Default | Description |\n|------|----------|---------|-------------|\n| `path` | no | `'.'` | Working directory (path to module root) |\n| `go_version` | no | `'stable'` | Go version to use |\n| `golangci_lint_version` | no | `'v1.64.8'` | golangci-lint version (Renovate-tracked) |\n| `args` | no | `''` | Extra arguments passed to `golangci-lint run` |\n| `runner` | no | `'self-hosted'` | Runner label |\n\n#### Example\n\n```yaml\nlint:\n  uses: mogenius/github-actions/.github/workflows/golangci-lint.yml@\u003csha\u003e # main\n  with:\n    go_version: '1.24.x'\n    args: '--timeout 5m'\n```\n\n---\n\n### `helm-lint.yml` — Helm Lint\n\nRuns `helm lint` against a chart directory.\n\n#### Inputs\n\n| Name | Required | Default | Description |\n|------|----------|---------|-------------|\n| `path` | yes | — | Path to the Helm chart directory |\n| `runner` | no | `'self-hosted'` | Runner label |\n\n#### Example\n\n```yaml\nlint:\n  uses: mogenius/github-actions/.github/workflows/helm-lint.yml@\u003csha\u003e # main\n  with:\n    path: ./charts/my-service\n```\n\n---\n\n### `helm-template.yml` — Helm Template\n\nRenders a chart with `helm template` to validate manifests without a cluster. Supports inline values and `--set` overrides.\n\n#### Inputs\n\n| Name | Required | Default | Description |\n|------|----------|---------|-------------|\n| `path` | yes | — | Path to the Helm chart directory |\n| `values` | no | `''` | Inline values YAML passed via `-f` (written to a temp file) |\n| `set` | no | `''` | Additional `--set` overrides, one `key=value` per line |\n| `release_name` | no | `'release'` | Helm release name used during templating |\n| `namespace` | no | `'default'` | Kubernetes namespace used during templating |\n| `update_dependencies` | no | `false` | Run `helm dependency update` before templating |\n| `runner` | no | `'self-hosted'` | Runner label |\n\n#### Example\n\n```yaml\ntemplate:\n  uses: mogenius/github-actions/.github/workflows/helm-template.yml@\u003csha\u003e # main\n  with:\n    path: ./charts/my-service\n    values: |\n      replicaCount: 2\n      image:\n        tag: latest\n    set: |\n      ingress.enabled=true\n```\n\n---\n\n### `helm-unittest.yml` — Helm Unit Tests\n\nRuns [helm-unittest](https://github.com/helm-unittest/helm-unittest) against a chart directory.\n\n#### Inputs\n\n| Name | Required | Default | Description |\n|------|----------|---------|-------------|\n| `path` | yes | — | Path to the Helm chart directory |\n| `test_files` | no | `'unittests/**/*.yaml'` | Glob pattern for test files relative to the chart directory |\n| `strict` | no | `true` | Run helm-unittest with `--strict` flag |\n| `helm_unittest_version` | no | `'v1.1.0'` | Version of the helm-unittest plugin to install |\n| `update_dependencies` | no | `false` | Run `helm dependency update` before running tests |\n| `runner` | no | `'self-hosted'` | Runner label |\n\n#### Example\n\n```yaml\nunittest:\n  uses: mogenius/github-actions/.github/workflows/helm-unittest.yml@\u003csha\u003e # main\n  with:\n    path: ./charts/my-service\n    test_files: 'tests/**/*.yaml'\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmogenius%2Fgithub-actions","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmogenius%2Fgithub-actions","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmogenius%2Fgithub-actions/lists"}