This repository provides reusable GitHub Actions and reusable workflows for common CI, release, package publication, deployment, monorepo, and verification tasks.
| Document | Purpose |
|---|---|
docs/reusable-component-map.md |
Component map from deduped workflow analysis to reusable action/workflow surfaces. |
docs/missing-reusable-workflow-families.md |
Expanded gap analysis for reusable workflow families not covered by the initial catalog. |
docs/actions/setup-node-project.md |
Setup Node, install dependencies, and optionally run build/test commands. |
docs/actions/node-lint-typecheck.md |
Set up Node and run lint, typecheck, test, and build checks. |
docs/actions/js-framework-ci.md |
Run Vite, Svelte, Vue, React, or generic frontend CI checks. |
docs/actions/playwright-ci.md |
Run Playwright e2e tests and upload reports, traces, screenshots, and videos. |
docs/actions/build-and-commit-dist.md |
Build frontend dist output and commit changed generated files. |
docs/actions/python-uv.md |
Set up Python with uv, install dependencies, compute optional monorepo PYTHONPATH, and run validation. |
docs/actions/tox-ci.md |
Set up Python, install tox, and run tox environments. |
docs/actions/python-package-ci.md |
Run Python package compile, test, docs, build, and artifact checks across package cells. |
docs/actions/python-package-build.md |
Build Python package distributions with uv build and upload artifacts. |
docs/actions/rust-cargo-ci.md |
Set up Rust and run Cargo fmt, clippy, test, build, and docs checks. |
docs/actions/os-matrix-cell.md |
Run one Node, Python, Rust, or generic validation cell on the current runner OS. |
docs/actions/cross-platform-command.md |
Run default commands with Linux, macOS, and Windows overrides. |
docs/actions/platform-artifact-build.md |
Build Linux, Windows, or Darwin artifacts and upload outputs. |
docs/actions/android-artifact-build.md |
Build Android APK/AAB artifacts and upload outputs. |
docs/actions/electron-artifact-build.md |
Build Electron desktop installers and upload outputs. |
docs/actions/tauri-artifact-build.md |
Build Tauri desktop bundles and upload outputs. |
docs/actions/deb-package-build.md |
Build Debian packages and upload .deb outputs. |
docs/actions/snap-build.md |
Build Snap packages and upload .snap outputs. |
docs/actions/apt-publish.md |
Publish Debian packages to an APT repository using caller-owned tooling. |
docs/actions/rpm-publish.md |
Publish RPM packages to a YUM/DNF repository using caller-owned tooling. |
docs/actions/snap-publish.md |
Publish Snap packages to Snapcraft. |
docs/actions/brew-publish.md |
Update Homebrew formulae or casks in a tap repository. |
docs/actions/linux-package-publish.md |
Route package publication across APT, RPM, Snapcraft, and Homebrew lanes. |
docs/actions/terraform-plan.md |
Run Terraform init, validate, plan, and upload the plan artifact. |
docs/actions/terraform-apply.md |
Run Terraform apply with optional plan artifact download. |
docs/actions/proxmox-command.md |
Run Proxmox plan/apply commands through caller-owned tooling. |
docs/actions/docs-build.md |
Build documentation and upload generated site artifacts. |
docs/actions/pages-deploy.md |
Upload and deploy GitHub Pages artifacts. |
docs/actions/static-app-build.md |
Build static apps and upload generated output. |
docs/actions/static-app-deploy.md |
Deploy static apps with caller-owned provider commands. |
docs/actions/cloudflare-pages-deploy.md |
Deploy static apps to Cloudflare Pages. |
docs/actions/netlify-deploy.md |
Deploy static apps to Netlify. |
docs/actions/vercel-deploy.md |
Deploy static apps to Vercel. |
docs/actions/monorepo-discover.md |
Discover monorepo package cells and generate matrix JSON. |
docs/actions/uv-monorepo-ci.md |
Run uv-based monorepo package CI cells. |
docs/actions/pnpm-monorepo-ci.md |
Run pnpm-based monorepo package CI cells. |
docs/actions/monorepo-release-train.md |
Execute ordered commands across package cells. |
docs/actions/monorepo-artifact-join.md |
Join matrix artifacts and verify aggregate output. |
docs/actions/changed-files.md |
Detect changed files and derive changed package cells. |
docs/actions/git-commit-generated.md |
Commit generated outputs without assuming a specific artifact path. |
docs/actions/create-pr.md |
Create or update a pull request for generated changes. |
docs/actions/sync-docs.md |
Sync generated docs and open a pull request. |
docs/actions/workflow-dispatch-batches.md |
Dispatch child workflows from JSON batch definitions. |
docs/actions/ssot-validate.md |
Validate SSOT registries and upload validation reports. |
docs/actions/ssot-sync-statuses.md |
Synchronize SSOT implementation status from evidence or repo truth. |
docs/actions/ssot-boundary-gate.md |
Gate work on SSOT boundary scope and frozen readiness. |
docs/actions/ssot-evidence-lane.md |
Run SSOT evidence lanes and upload evidence artifacts. |
docs/actions/ssot-certification-profile.md |
Run SSOT certification profile checks. |
docs/actions/ssot-release-certify.md |
Certify, promote, or publish SSOT release entities. |
docs/actions/docker-compose-service.md |
Restart, rebuild, or collect logs for one Docker Compose service. |
docs/actions/pypi-publish.md |
Publish Python distributions to PyPI or TestPyPI. |
docs/actions/npm-publish.md |
Publish Node packages to npmjs or another npm-compatible registry. |
docs/actions/crates-publish.md |
Publish Rust crates with cargo publish. |
docs/actions/github-release.md |
Create or update GitHub Releases and upload files. |
docs/actions/release-assets.md |
Download artifacts, normalize release assets, and generate checksums. |
docs/actions/version-bump.md |
Bump versions in package manifests, TOML files, and release metadata. |
docs/actions/release-prepare.md |
Compute release tag/name and generate release notes from changelog content. |
docs/actions/changesets-release.md |
Create Changesets version PRs or publish Changesets-managed packages. |
docs/actions/license-scan.md |
Scan package manifests for license declarations and license file coverage. |
docs/actions/package-metadata.md |
Validate package manifest names, versions, descriptions, licenses, readmes, and URLs. |
docs/actions/notice-readme-check.md |
Verify README, NOTICE, LICENSE, and package-name consistency. |
docs/actions/toml-validate.md |
Validate TOML syntax and required package metadata sections. |
docs/actions/codeql.md |
Run CodeQL init, optional autobuild, and analyze. |
docs/actions/dependency-review.md |
Run GitHub dependency review with reusable policy inputs. |
docs/actions/security-gate.md |
Aggregate license, metadata, TOML, dependency review, and CodeQL checks. |
docs/actions/artifact-attestation.md |
Generate build provenance attestations for artifact paths. |
docs/actions/release-attestation.md |
Generate provenance attestations for release asset files. |
docs/actions/sign-artifacts.md |
Sign files with cosign keyless or key-based signing. |
docs/actions/verify-attestations.md |
Verify GitHub artifact attestations and optional cosign signatures. |
Use composite actions when a repository already owns its workflow shape and only wants to avoid repeated step blocks.
| Action | Documentation | Purpose |
|---|---|---|
./actions/setup-node-project |
docs/actions/setup-node-project.md |
Install Node dependencies and optionally run build/test commands in a package directory. |
./actions/node-lint-typecheck |
docs/actions/node-lint-typecheck.md |
Set up Node and run lint, typecheck, test, and build checks. |
./actions/js-framework-ci |
docs/actions/js-framework-ci.md |
Run Vite, Svelte, Vue, React, or generic frontend CI checks. |
./actions/playwright-ci |
docs/actions/playwright-ci.md |
Run Playwright e2e tests and upload reports, traces, screenshots, and videos. |
./actions/build-and-commit-dist |
docs/actions/build-and-commit-dist.md |
Build a Node/Vite-style distribution folder and commit generated output when it changes. |
./actions/python-uv |
docs/actions/python-uv.md |
Set up Python with uv, install dependencies, optionally compute monorepo PYTHONPATH, and run a validation command. |
./actions/tox-ci |
docs/actions/tox-ci.md |
Set up Python, install tox, and run tox environments. |
./actions/python-package-ci |
docs/actions/python-package-ci.md |
Run Python package compile, test, docs, build, and artifact checks across package cells. |
./actions/python-package-build |
docs/actions/python-package-build.md |
Build Python packages with uv build and optionally upload distribution artifacts. |
./actions/rust-cargo-ci |
docs/actions/rust-cargo-ci.md |
Set up Rust and run Cargo fmt, clippy, test, build, and docs checks. |
./actions/os-matrix-cell |
docs/actions/os-matrix-cell.md |
Run one Node, Python, Rust, or generic validation cell on the current runner OS. |
./actions/cross-platform-command |
docs/actions/cross-platform-command.md |
Run default commands with Linux, macOS, and Windows overrides. |
./actions/platform-artifact-build |
docs/actions/platform-artifact-build.md |
Build Linux, Windows, or Darwin artifacts and upload outputs. |
./actions/android-artifact-build |
docs/actions/android-artifact-build.md |
Build Android APK/AAB artifacts and upload outputs. |
./actions/electron-artifact-build |
docs/actions/electron-artifact-build.md |
Build Electron desktop installers and upload outputs. |
./actions/tauri-artifact-build |
docs/actions/tauri-artifact-build.md |
Build Tauri desktop bundles and upload outputs. |
./actions/deb-package-build |
docs/actions/deb-package-build.md |
Build Debian packages and upload .deb outputs. |
./actions/snap-build |
docs/actions/snap-build.md |
Build Snap packages and upload .snap outputs. |
./actions/apt-publish |
docs/actions/apt-publish.md |
Publish Debian packages to an APT repository using caller-owned tooling. |
./actions/rpm-publish |
docs/actions/rpm-publish.md |
Publish RPM packages to a YUM/DNF repository using caller-owned tooling. |
./actions/snap-publish |
docs/actions/snap-publish.md |
Publish Snap packages to Snapcraft. |
./actions/brew-publish |
docs/actions/brew-publish.md |
Update Homebrew formulae or casks in a tap repository. |
./actions/terraform-plan |
docs/actions/terraform-plan.md |
Run Terraform init, validate, plan, and upload the plan artifact. |
./actions/terraform-apply |
docs/actions/terraform-apply.md |
Run Terraform apply with optional plan artifact download. |
./actions/proxmox-command |
docs/actions/proxmox-command.md |
Run Proxmox plan/apply commands through caller-owned tooling. |
./actions/docs-build |
docs/actions/docs-build.md |
Build documentation and upload generated site artifacts. |
./actions/pages-deploy |
docs/actions/pages-deploy.md |
Upload and deploy GitHub Pages artifacts. |
./actions/static-app-build |
docs/actions/static-app-build.md |
Build static apps and upload generated output. |
./actions/static-app-deploy |
docs/actions/static-app-deploy.md |
Deploy static apps with caller-owned provider commands. |
./actions/cloudflare-pages-deploy |
docs/actions/cloudflare-pages-deploy.md |
Deploy static apps to Cloudflare Pages. |
./actions/netlify-deploy |
docs/actions/netlify-deploy.md |
Deploy static apps to Netlify. |
./actions/vercel-deploy |
docs/actions/vercel-deploy.md |
Deploy static apps to Vercel. |
./actions/monorepo-discover |
docs/actions/monorepo-discover.md |
Discover monorepo package cells and generate matrix JSON. |
./actions/uv-monorepo-ci |
docs/actions/uv-monorepo-ci.md |
Run uv-based monorepo package CI cells. |
./actions/pnpm-monorepo-ci |
docs/actions/pnpm-monorepo-ci.md |
Run pnpm-based monorepo package CI cells. |
./actions/monorepo-release-train |
docs/actions/monorepo-release-train.md |
Execute ordered commands across package cells. |
./actions/monorepo-artifact-join |
docs/actions/monorepo-artifact-join.md |
Join matrix artifacts and verify aggregate output. |
./actions/changed-files |
docs/actions/changed-files.md |
Detect changed files and derive changed package cells. |
./actions/git-commit-generated |
docs/actions/git-commit-generated.md |
Commit generated outputs without assuming a specific artifact path. |
./actions/create-pr |
docs/actions/create-pr.md |
Create or update a pull request for generated changes. |
./actions/sync-docs |
docs/actions/sync-docs.md |
Sync generated docs and open a pull request. |
./actions/workflow-dispatch-batches |
docs/actions/workflow-dispatch-batches.md |
Dispatch child workflows from JSON batch definitions. |
./actions/ssot-validate |
docs/actions/ssot-validate.md |
Validate SSOT registries and upload validation reports. |
./actions/ssot-sync-statuses |
docs/actions/ssot-sync-statuses.md |
Synchronize SSOT implementation status from evidence or repo truth. |
./actions/ssot-boundary-gate |
docs/actions/ssot-boundary-gate.md |
Gate work on SSOT boundary scope and frozen readiness. |
./actions/ssot-evidence-lane |
docs/actions/ssot-evidence-lane.md |
Run SSOT evidence lanes and upload evidence artifacts. |
./actions/ssot-certification-profile |
docs/actions/ssot-certification-profile.md |
Run SSOT certification profile checks. |
./actions/ssot-release-certify |
docs/actions/ssot-release-certify.md |
Certify, promote, or publish SSOT release entities. |
./actions/docker-compose-service |
docs/actions/docker-compose-service.md |
Restart, rebuild, or collect logs for one Docker Compose service. |
./actions/pypi-publish |
docs/actions/pypi-publish.md |
Publish Python distributions to PyPI or TestPyPI. |
./actions/npm-publish |
docs/actions/npm-publish.md |
Publish Node packages to npmjs or another npm-compatible registry. |
./actions/crates-publish |
docs/actions/crates-publish.md |
Publish Rust crates with cargo publish. |
./actions/github-release |
docs/actions/github-release.md |
Create or update GitHub Releases and upload files. |
./actions/release-assets |
docs/actions/release-assets.md |
Download artifacts, normalize release assets, and generate checksums. |
./actions/version-bump |
docs/actions/version-bump.md |
Bump versions in package manifests, TOML files, and release metadata. |
./actions/release-prepare |
docs/actions/release-prepare.md |
Compute release tag/name and generate release notes from changelog content. |
./actions/changesets-release |
docs/actions/changesets-release.md |
Create Changesets version PRs or publish Changesets-managed packages. |
./actions/license-scan |
docs/actions/license-scan.md |
Scan package manifests for license declarations and license file coverage. |
./actions/package-metadata |
docs/actions/package-metadata.md |
Validate package manifest names, versions, descriptions, licenses, readmes, and URLs. |
./actions/notice-readme-check |
docs/actions/notice-readme-check.md |
Verify README, NOTICE, LICENSE, and package-name consistency. |
./actions/toml-validate |
docs/actions/toml-validate.md |
Validate TOML syntax and required package metadata sections. |
./actions/codeql |
docs/actions/codeql.md |
Run CodeQL init, optional autobuild, and analyze. |
./actions/dependency-review |
docs/actions/dependency-review.md |
Run GitHub dependency review with reusable policy inputs. |
./actions/security-gate |
docs/actions/security-gate.md |
Aggregate license, metadata, TOML, dependency review, and CodeQL checks. |
./actions/artifact-attestation |
docs/actions/artifact-attestation.md |
Generate build provenance attestations for artifact paths. |
./actions/release-attestation |
docs/actions/release-attestation.md |
Generate provenance attestations for release asset files. |
./actions/sign-artifacts |
docs/actions/sign-artifacts.md |
Sign files with cosign keyless or key-based signing. |
./actions/verify-attestations |
docs/actions/verify-attestations.md |
Verify GitHub artifact attestations and optional cosign signatures. |
External use example:
steps:
- uses: actions/checkout@v4
- uses: cobycloud/actions/actions/python-uv@main
with:
python-version: "3.12"
working-directory: backend
install-command: uv pip install -e . pytest
run-command: uv run pytestUse reusable workflows when a repository wants the full job wrapper.
External use example:
jobs:
python:
uses: cobycloud/actions/.github/workflows/reusable-python-uv-ci.yml@main
with:
working-directory: backend
install-command: uv pip install -e . pytest
run-command: uv run pytestLicensed under the Apache License, Version 2.0. See LICENSE.
Start with docs/reusable-component-map.md for the action-level design and deferred extraction candidates.
The reusable set now covers the first package publication lane, release preparation/version bumping, baseline license/notice/readme/metadata validation, CodeQL, dependency review, aggregate security gates, provenance attestation, cosign signing, attestation/signature verification, Rust/Cargo CI, Node/Python/Rust version fan-out, JavaScript framework CI, Playwright/e2e, tox CI, OS fan-out, platform artifact builds, Android artifacts, Electron/Tauri installers, Debian/Snap builds, apt/rpm/snap/brew publication, Terraform, Proxmox, docs build, Pages deploy, static app deployment, uv/pnpm monorepo CI, monorepo matrix discovery, artifact joining, ordered package release trains, changed-file detection, generated commits, PR creation, docs sync, workflow dispatch batches, and SSOT validation/evidence/certification/release gates. See docs/missing-reusable-workflow-families.md.