Reusable workflows for Github Actions
Below is a list of the available (and planned) workflows as I work through them.
The workflows themselves can be found under .github/workflows. They MUST live there otherwise they cannot be called by other projects which is a shame - things would be more organised if Github allowed them to live under any path :(.
Please refer to the Docs for each workflow's usage instructions.
| Workflow | Purpose | Summary of jobs |
|---|---|---|
| container | Build, push and test container images | Build & Push -> Hadolint & Dockle Lint & Trivy Image Scan |
| container-oidc | As above but using OIDC authentication | Build & Push -> Hadolint & Dockle Lint & Trivy Image Scan |
| DAST Testing | Coming Soon | Coming Soon |
| delete-cloud-function | Coming Soon | Coming Soon |
| delete-cloud-run | Removes Cloud Run deployment and Github Environment | Delete Cloud Run & Delete Github Environment |
| delete-cloud-scheduler | Coming Soon | Coming Soon |
| deploy-cloud-function | Coming Soon | Coming Soon |
| deploy-cloud-run | Deploy a Cloud Run service with optional deployment metrics | Deploy Start Metric -> Deploy Cloud Run -> Deploy End Metric |
| deploy-cloud-scheduler | Coming Soon | Coming Soon |
| go-tests | Test Go project for functionality & quality | Code Quality, gosec SAST and Unit Tests |
| java-tests | Test Java Maven project for functionality & quality | Code Quality, Polaris SAST and Unit Tests |
| node-tests | Test NodeJS project for functionality & quality | ESLint, njsscan(SAST) and Unit Tests |
| semantic-release | Create releases based on semantic commits | Semantic-release using this repository's config or your own |
| source-protection | Check commits for credentials and commit conventions | Gitleaks, STACS & CommitLint |
| terraform-apply | Coming Soon | Coming Soon |
| terraform-tests | Tests and plans an environment's terraform configuration | tfsec, tflint, terraform validate, & terraform plan |