{"id":45764477,"url":"https://github.com/slice-soft/ss-pipeline","last_synced_at":"2026-04-17T02:04:36.145Z","repository":{"id":340660344,"uuid":"934529289","full_name":"slice-soft/ss-pipeline","owner":"slice-soft","description":"Reusable GitHub Actions workflows — CI Go/Node, Docker, CDN deploy, release-please","archived":false,"fork":false,"pushed_at":"2026-03-29T21:54:55.000Z","size":151,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-03T04:53:09.675Z","etag":null,"topics":["ci-cd","github-actions","reusable-workflows","slicesoft"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/slice-soft.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-02-18T01:40:35.000Z","updated_at":"2026-03-29T21:54:45.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/slice-soft/ss-pipeline","commit_stats":null,"previous_names":["slice-soft/ss-pipeline"],"tags_count":47,"template":false,"template_full_name":null,"purl":"pkg:github/slice-soft/ss-pipeline","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/slice-soft%2Fss-pipeline","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/slice-soft%2Fss-pipeline/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/slice-soft%2Fss-pipeline/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/slice-soft%2Fss-pipeline/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/slice-soft","download_url":"https://codeload.github.com/slice-soft/ss-pipeline/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/slice-soft%2Fss-pipeline/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31418288,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-04T20:09:54.854Z","status":"ssl_error","status_checked_at":"2026-04-04T20:09:44.350Z","response_time":60,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ci-cd","github-actions","reusable-workflows","slicesoft"],"created_at":"2026-02-26T00:11:55.224Z","updated_at":"2026-04-17T02:04:36.140Z","avatar_url":"https://github.com/slice-soft.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# ss-pipeline — Reusable GitHub Actions Workflows\n\nA collection of reusable GitHub Actions workflows for automating CI/CD, code analysis, Docker image builds, and release management across all SliceSoft repositories.\n\n---\n\n## Available Workflows\n\n### `ci-go.yml` — Go CI\n\nRuns tests, static analysis, and build for Go projects.\n\n**Inputs**\n- `go-version` (string, optional) — Go version to use. Default: `\"1.21\"`\n\n**Steps:** Go setup with cache → `go mod download` → `go vet` → `go test` with coverage → `go build`\n\n```yaml\njobs:\n  ci:\n    uses: slice-soft/ss-pipeline/.github/workflows/ci-go.yml@v0\n    with:\n      go-version: \"1.21\"\n```\n\n---\n\n### `ci-node.yml` — Node.js CI\n\nRuns tests, linting, and build for Node.js projects.\n\n**Inputs**\n- `node-version` (string, optional) — Node.js version to use. Default: `\"22\"`\n\n**Steps:** Node.js setup → smart `node_modules` cache → install → test → lint → build\n\n```yaml\njobs:\n  ci:\n    uses: slice-soft/ss-pipeline/.github/workflows/ci-node.yml@v0\n    with:\n      node-version: \"22\"\n```\n\n---\n\n### `build-node.yml` — Node.js Build + Artifact\n\nCheckout, `npm ci`, build, and upload artifact for downstream jobs.\n\n**Inputs**\n- `node-version` — Node.js version\n- `build-command` — Build command. Default: `npm run build`\n- `artifact-name` (required) — Name of the uploaded artifact\n- `artifact-path` — Path to upload. Default: `dist/`\n- `version` — Injected as `VERSION` env var\n- `retention-days` — Artifact retention days\n\n```yaml\njobs:\n  build:\n    uses: slice-soft/ss-pipeline/.github/workflows/build-node.yml@v0\n    with:\n      artifact-name: my-dist\n      version: ${{ needs.release.outputs.tag_name }}\n```\n\n---\n\n### `validate-pr.yml` — PR Label Validation\n\nValidates that PRs have a semver label before merging.\n\n**Required:** at least one of `patch`, `minor`, `major` must be present.\n\n```yaml\njobs:\n  validate:\n    uses: slice-soft/ss-pipeline/.github/workflows/validate-pr.yml@v0\n```\n\n---\n\n### `create-release.yml` — Automated Release\n\nGenerates a CHANGELOG from Conventional Commits, creates a version tag, and publishes a GitHub Release using `release-please`.\n\n```yaml\npermissions:\n  contents: write\n  pull-requests: write\n\njobs:\n  release:\n    uses: slice-soft/ss-pipeline/.github/workflows/create-release.yml@v0\n```\n\n`create-release.yml` now supports two modes:\n\n- `release_strategy: stable` keeps the current behavior and reads `release-please-config.json` plus `.release-please-manifest.json`.\n- `release_strategy: rc` expects the caller workflow to run on both `release` and `main`. It reads `release-please-config.rc.json` plus `.release-please-manifest.rc.json` on `release`, and falls back to the stable files on `main`.\n\nExample opt-in for RC repositories:\n\n```yaml\non:\n  push:\n    branches:\n      - main\n      - release\n\njobs:\n  release:\n    uses: slice-soft/ss-pipeline/.github/workflows/create-release.yml@v0\n    with:\n      release_strategy: rc\n    secrets: inherit\n```\n\n---\n\n### `promote-release.yml` — Promote RC to Stable\n\nOpens a PR from `release` to `main` using the latest `*-rc.N` tag merged in the release branch.\n\n```yaml\njobs:\n  promote:\n    uses: slice-soft/ss-pipeline/.github/workflows/promote-release.yml@v0\n    with:\n      confirm: true\n    secrets: inherit\n```\n\n---\n\n### `validate-release-source.yml` — Require `release -\u003e main`\n\nFails PR validation when a repository with RC flow receives a pull request into `main` from any branch other than `release`.\n\n```yaml\njobs:\n  release-source:\n    name: release-source\n    uses: slice-soft/ss-pipeline/.github/workflows/validate-release-source.yml@v0\n```\n\n---\n\n### `deploy-cdn-cloudflare.yml` — CDN Deploy to Cloudflare R2\n\nDownloads an artifact and syncs it to a Cloudflare R2 bucket. Supports versioned (`v{version}/`) and `latest/` paths.\n\n**Inputs**\n- `artifact-name` (required) — Artifact to download and deploy\n- `destination-prefix` — R2 path prefix (e.g. `design-system/`)\n- `version` — Version string (with or without `v`)\n- `upload-latest` — Also sync to `latest/`. Default: `true`\n\n**Secrets required:** `R2_ACCESS_KEY_ID`, `R2_SECRET_ACCESS_KEY`, `R2_ENDPOINT`, `R2_BUCKET`, `CDN_BASE_URL`\n\n```yaml\njobs:\n  deploy:\n    uses: slice-soft/ss-pipeline/.github/workflows/deploy-cdn-cloudflare.yml@v0\n    with:\n      artifact-name: cdn-dist\n      destination-prefix: design-system/\n      version: ${{ needs.release.outputs.tag_name }}\n    secrets: inherit\n```\n\n---\n\n### `analyze-code.yml` — Code Analysis\n\nUses GitHub Linguist to analyze the languages present in the repository and uploads a report artifact.\n\n**Inputs**\n- `workdir` (string, optional) — Working directory. Default: `\".\"`\n\n---\n\n### `build-docker.yml` — Docker Build \u0026 Push\n\nBuilds and publishes a Docker image to GitHub Container Registry.\n\n**Inputs**\n- `workdir` (required) — Working directory\n- `dockerfile` (required) — Dockerfile path\n- `image_name` (required) — Docker image name\n- `version` (required) — Version tag for the image\n\n**Secrets:** `SSH_PRIVATE_KEY` (required for private repo access during build)\n\n---\n\n### `tf-docs.yml` — Terraform Module Docs + PR\n\nGenerates Terraform module documentation with `terraform-docs`, injects the output between `\u003c!-- BEGIN_TF_DOCS --\u003e` and `\u003c!-- END_TF_DOCS --\u003e`, and opens a PR against `main` instead of pushing directly.\n\n**Inputs**\n- `module-paths` — Newline-separated list of module directories. Default: `.`\n- `output-file` — README file name inside each module. Default: `README.md`\n- `require-markers` — Fails if an existing README does not contain the TF docs markers. Default: `true`\n- `branch` — Optional PR branch name. If omitted, an ephemeral branch is generated.\n\n**Secret required:** `token` with `contents` and `pull-requests` write permissions on the target repo.\n\n```yaml\njobs:\n  docs:\n    uses: slice-soft/ss-pipeline/.github/workflows/tf-docs.yml@v0\n    with:\n      module-paths: |\n        .\n        modules/network\n    secrets:\n      token: ${{ secrets.GITHUB_TOKEN }}\n```\n\nExpected README placeholder in each module:\n\n```md\n\u003c!-- BEGIN_TF_DOCS --\u003e\n\u003c!-- END_TF_DOCS --\u003e\n```\n\nThis workflow runs step by step inside the reusable workflow, uses `terraform-docs/gh-actions@v1.4.1` in `inject` mode, and opens a PR only when documentation changes are detected.\n\n---\n\n## Requirements per workflow\n\n| Workflow | Requirement |\n|---|---|\n| `ci-go.yml` | `go.mod` present, standard Go tests |\n| `ci-node.yml` | `package.json` + `package-lock.json` |\n| `build-node.yml` | `package.json` + `package-lock.json` |\n| `create-release.yml` | Conventional Commits, write permissions |\n| `deploy-cdn-cloudflare.yml` | R2 secrets configured, artifact uploaded |\n| `build-docker.yml` | Dockerfile, GitHub Container Registry configured |\n| `tf-docs.yml` | Terraform module directories, `README.md` marker block for injection-only updates |\n\n---\n\n## Repository Permissions\n\nEnsure your repository has the correct settings under `Settings \u003e Actions \u003e General`:\n\n- Actions permissions: **Allow all actions and reusable workflows**\n- Workflow permissions: **Read and write permissions**\n\n---\n\n## Commit Conventions\n\nAll SliceSoft repos follow [Conventional Commits](https://www.conventionalcommits.org/):\n\n```\nfeat: new feature        → MINOR\nfix: bug fix             → PATCH\nfeat!: breaking change   → MAJOR\ndocs: documentation\nrefactor: refactoring\nchore: tooling / config\nci: CI/CD changes\n```\n\n## Semver PR Labels\n\nThe `validate-pr.yml` workflow requires one of:\n\n| Label | Meaning | Version impact |\n|---|---|---|\n| `patch` | Bug fix or small improvement | 1.0.**x** |\n| `minor` | New non-breaking feature | 1.**x**.0 |\n| `major` | Breaking change | **x**.0.0 |\n\n---\n\n## Contributing\n\nSee [CONTRIBUTING.md](./CONTRIBUTING.md) for repository-specific rules.\nThe base workflow, commit conventions, and community standards live in [ss-community](https://github.com/slice-soft/ss-community/blob/main/CONTRIBUTING.md).\n\n## Community\n\n| Document | |\n|---|---|\n| [CONTRIBUTING.md](https://github.com/slice-soft/ss-community/blob/main/CONTRIBUTING.md) | Workflow, commit conventions, and PR guidelines |\n| [GOVERNANCE.md](https://github.com/slice-soft/ss-community/blob/main/GOVERNANCE.md) | Decision-making, roles, and release process |\n| [CODE_OF_CONDUCT.md](https://github.com/slice-soft/ss-community/blob/main/CODE_OF_CONDUCT.md) | Community standards |\n| [SECURITY.md](https://github.com/slice-soft/ss-community/blob/main/SECURITY.md) | How to report vulnerabilities |\n\n---\n\nSliceSoft — Colombia 💙\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fslice-soft%2Fss-pipeline","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fslice-soft%2Fss-pipeline","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fslice-soft%2Fss-pipeline/lists"}