https://github.com/sagargupta16/shared-workflows
Reusable GitHub Actions workflows for Node.js, Python, Terraform, Docker, GitHub Pages, and security scanning
https://github.com/sagargupta16/shared-workflows
ci-cd devops github-actions reusable-workflows
Last synced: about 4 hours ago
JSON representation
Reusable GitHub Actions workflows for Node.js, Python, Terraform, Docker, GitHub Pages, and security scanning
- Host: GitHub
- URL: https://github.com/sagargupta16/shared-workflows
- Owner: Sagargupta16
- Created: 2026-05-22T04:53:24.000Z (about 2 months ago)
- Default Branch: main
- Last Pushed: 2026-07-01T15:05:20.000Z (5 days ago)
- Last Synced: 2026-07-01T17:08:55.122Z (5 days ago)
- Topics: ci-cd, devops, github-actions, reusable-workflows
- Size: 12.7 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Sagargupta16/shared-workflows
Reusable GitHub Actions workflows for all my repos. Call them from any repo's CI with a thin `uses:` reference.
## Available workflows
| Workflow | Purpose | Inputs |
|----------|---------|--------|
| `node-ci.yml` | Install + lint + build + test (auto-detects pnpm/npm/yarn) | `node-version`, `run-tests`, `run-lint`, `working-directory` |
| `python-ci.yml` | uv sync + ruff check + ruff format + pytest | `python-version`, `working-directory`, `run-tests` |
| `deploy-gh-pages.yml` | Build + deploy to GitHub Pages | `node-version`, `build-command`, `output-dir`, `working-directory` |
| `docker-build-scan.yml` | Docker buildx + Trivy SARIF scan (no push) | `context`, `dockerfile`, `trivy-severity` |
| `security-scan.yml` | Dependency Review + Trivy filesystem scan | `fail-on-severity` |
| `terraform-ci.yml` | fmt + validate + Checkov SARIF | `working-directory`, `terraform-version` |
| `release.yml` | Tag-triggered build + GitHub Release with changelog | `node-version`, `build-command`, `artifact-path` |
## Usage
```yaml
# .github/workflows/ci.yml in any consumer repo
name: CI
on:
push:
branches: [main]
pull_request:
jobs:
build:
uses: Sagargupta16/shared-workflows/.github/workflows/node-ci.yml@v1
deploy:
if: github.ref == 'refs/heads/main' && github.event_name == 'push'
needs: build
uses: Sagargupta16/shared-workflows/.github/workflows/deploy-gh-pages.yml@v1
with:
output-dir: dist
security:
uses: Sagargupta16/shared-workflows/.github/workflows/security-scan.yml@v1
permissions:
contents: read
security-events: write
```
## Design principles
- **Auto-detect** package manager from lockfile (no manual config)
- **Skip gracefully** if a script doesn't exist (no `lint` script? skip lint step)
- **Minimal inputs** with sensible defaults — most repos need zero config
- **Security by default** — Trivy + Dependency Review on every workflow