Shared reusable GitHub Actions workflows and organization-wide community health defaults for every IDev4life repository.
All usage examples below reference @main for readability, but for any
repository whose CI you care about, pin the workflow to a released tag of
IDev4life/.github (e.g. @v1.0.0). Using @main means every merge into this
repo can change CI behaviour in downstream repos immediately, including
potentially breaking ones.

```yaml
# Recommended for production
uses: IDev4life/.github/.github/workflows/docker-build.yml@v1.0.0
# Convenient for experiments / internal repos only
uses: IDev4life/.github/.github/workflows/docker-build.yml@main
```

Tags and `CHANGELOG.md` are produced automatically by release-please, driven by Conventional Commits:

- Merging `feat:` commits to `main` → minor bump (or patch while `0.x`).
- Merging `fix:` commits → patch bump.
- `feat!:` / `BREAKING CHANGE:` footer → major bump.
- release-please opens a "chore: release X.Y.Z" PR that aggregates the pending changes. Merging that PR creates the git tag + GitHub Release.
- To cut the first `v1.0.0` from `0.0.0`, include `Release-As: 1.0.0` in a commit footer (or `BREAKING CHANGE:`) before merging.

Detailed documentation for each workflow lives in the docs/ directory. Summary:

| Workflow | Description | Documentation |
|---|---|---|
| `docker-build.yml` | Build & push Docker image (OCI labels, cache, provenance, SBOM) | docs/workflows/docker-build.md |
| `java-spring-ci.yml` | CI for Java / Spring (Maven or Gradle) + JUnit annotation + JaCoCo | docs/workflows/java-spring-ci.md |
| `node-ci.yml` | CI for Node / TS (npm / pnpm / yarn) + JUnit annotation + Codecov | docs/workflows/node-ci.md |
| `validate.yml` | Validate plugin schema / SKILL.md / links / markdownlint | docs/workflows/validate.md |

| Workflow | Description | Documentation |
|---|---|---|
| `trivy-scan.yml` | Scan container images for CVEs, upload SARIF | docs/workflows/trivy-scan.md |
| `codeql.yml` | Multi-language CodeQL analysis | docs/workflows/codeql.md |

| Workflow | Description | Documentation |
|---|---|---|
| `notify-telegram.yml` | Reusable: reports CI/CD results via Telegram | docs/workflows/notify-telegram.md |
| `notify-pr.yml` | Standalone: reports PR open/merged/closed via Telegram | docs/workflows/notify-pr.md |

| Workflow | Description | Documentation |
|---|---|---|
| `stale.yml` | Bot that closes inactive issues/PRs | docs/workflows/stale.md |

Actions dependencies are auto-updated weekly via Dependabot. Version pins use exact versions (e.g. @v6.0.2) so Dependabot can track and bump them.
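
A small pin audit for the pinning advice above, as an added example that is not part of this repository: it scans a workflow file for `uses:` references and flags any that sit on a branch (such as `@main`) or on a floating major/minor tag rather than an exact release tag. It goes slightly beyond the text by also recognising full commit SHAs; the sample workflow, the `example-org/...` action names and the category names are constructed for illustration.

```python
import re

# `uses: owner/repo[/path]@ref`, optionally as a `- uses:` step entry.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^\s'\"@#]+)@([^\s'\"#]+)")
EXACT_TAG_RE = re.compile(r"^v?\d+\.\d+\.\d+$")      # v1.0.0, v6.0.2
FLOATING_TAG_RE = re.compile(r"^v?\d+(\.\d+)?$")     # v4, v4.1
SHA_RE = re.compile(r"^[0-9a-f]{40}$")               # full commit SHA


def classify_ref(ref):
    """Return 'sha', 'exact-tag', 'floating-tag' or 'branch' for a ref."""
    if SHA_RE.match(ref):
        return "sha"
    if EXACT_TAG_RE.match(ref):
        return "exact-tag"
    if FLOATING_TAG_RE.match(ref):
        return "floating-tag"
    return "branch"  # any non-version name is treated as a mutable branch


def audit_workflow(text):
    """Return (line_no, target, ref, kind) for each remote `uses:` entry."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        m = USES_RE.match(line)
        # Local (./) and docker:// references carry no git ref to pin.
        if m and not m.group(1).startswith(("./", "docker://")):
            findings.append((line_no, m.group(1), m.group(2),
                             classify_ref(m.group(2))))
    return findings


def unpinned(text):
    """Entries whose ref is neither an exact release tag nor a commit SHA."""
    return [f for f in audit_workflow(text)
            if f[3] in ("branch", "floating-tag")]


# Constructed sample workflow (not taken from any real repository).
SAMPLE = """\
jobs:
  build:
    uses: IDev4life/.github/.github/workflows/docker-build.yml@main
  scan:
    uses: IDev4life/.github/.github/workflows/trivy-scan.yml@v1.0.0
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: example-org/example-action@v6.0.2
      - uses: example-org/other-action@v4
      # uses: example-org/commented-out@main
      - uses: ./.github/actions/local
"""

if __name__ == "__main__":
    for line_no, target, ref, kind in unpinned(SAMPLE):
        print(f"line {line_no}: {target}@{ref} is a {kind}, pin an exact tag")
```
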
This repository doubles as the special .github repo
for the IDev4life organization. The following files apply as defaults to every
repo in the org that does not ship its own copy:

| File | Scope |
|---|---|
| `SECURITY.md` | How to report vulnerabilities |
| `CONTRIBUTING.md` | Default contributing guide |
| `.github/PULL_REQUEST_TEMPLATE.md` | Default PR template |
| `.github/ISSUE_TEMPLATE/` | Default issue templates (bug / feature) |
| `.github/CODEOWNERS` | Owners of this repo (not inherited by org) |
| `profile/README.md` | Org profile landing page on github.com/IDev4life |