Reusable Actions and Workflows for my personal projects

ckotzbauer/actions-toolkit

Actions-Toolkit

Reusable Actions and Workflows for my personal projects.

All actions and reusable workflows are designed with transparency and security in mind and can be combined as needed. There are actions for different software ecosystems and languages.

Versioning

All actions and workflows are released under the same immutable git tag. This repository has no floating tags. Versions follow semver. Third-party actions used internally are referenced by git SHA to prevent unexpected updates and keep the build system reproducible.

Workflows

Name | Description
--- | ---
Build and test | Builds and tests a project with different technologies and tools.
Create default labels | Creates a specified set of labels from a config-file.
Label issues | Labels issues and PRs by comment-commands.
Lint | Lints and checks a project with different technologies and tools.
Release OCI | Releases an OCI-Image project with optional signing (Cosign), SBOM, SLSA provenance generation, Changelog and a GitHub release.
Release GoReleaser | Releases a GoReleaser project with an OCI-Image, optional signing (Cosign), SBOM, SLSA provenance generation, Changelog and a GitHub release.
Release Node.js | Releases a Node.js project with an optional OCI-Image, NPM-Package, OCI-Signing (Cosign), SBOM, SLSA provenance generation, Changelog and a GitHub release.
Scan Snyk | Scans a project with Snyk.
Size Label | Assigns Size-Labels to PRs.
Stale | Closes stale issues and PRs.
SLSA-Provenance | Generates a provenance-file from artifacts (SLSA Level 1). It can be optionally signed and attested with Cosign (SLSA Level 2).

Actions

Name | Description
--- | ---
Docker | Creates an OCI-Image with multi-arch support. It can optionally be signed with Cosign.
Grype | Scans a target for vulnerabilities with grype.
Push-Release | Commits and pushes possible changes and creates a GitHub-Release.
SBOM | Creates SBOMs from OCI-Images. They can be optionally signed and attested with Cosign.
Setup-Syft | Installs the syft binary.

Contributing

Please refer to the Contribution guidelines.

Code of conduct

Please refer to the Conduct guidelines.

Security

Please refer to the Security process.
