Commit Graph

3 Commits

Author SHA1 Message Date
Greg Hendrickson
03325f5784 feat(docker): add Docker CI/CD reusable workflow
- OIDC authentication to GHCR (keyless, no secrets required)
- Multi-platform builds (linux/amd64, linux/arm64)
- SBOM generation and attestation
- Build provenance attestation
- Trivy vulnerability scanning with SARIF upload
- GitHub Actions cache for layer reuse
- Semantic version tagging from git refs
- All actions pinned to SHA for supply chain security

Follows 2026 GitHub Actions security best practices:
- Pin dependencies by SHA
- Generate software attestations
- Scan for vulnerabilities before push
2026-02-08 18:02:08 +00:00
93dad2156e feat: Add Python CI workflow with UV package manager
- Add setup-python-uv composite action for fast cached Python setup
- Add python-ci.yml reusable workflow with:
  - Ruff linting and formatting
  - Pyright type checking
  - Matrix pytest with coverage enforcement
  - Bandit security scanning (SARIF upload)
- Update README with comprehensive documentation
- Based on 2025 best practices using astral-sh/setup-uv@v5
2026-02-01 18:01:49 +00:00
68211418a5 feat: initial github actions library structure
2026-01-31 06:53:41 +00:00