Production-ready GitHub Actions workflows for CI/CD. Self-contained, configurable, and designed for both public and private repositories.
- Choose workflow from Available Workflows
- Copy manifest example to
.github/workflows/{name}.ymlin your repository - Modify pipeline configuration to match your needs - see Docs for all options, required permissions, and supported triggers
- Ensure secrets/vars are configured - follow setup instructions in Docs
- Push and run - enjoy!
💡 Pro Tip: Start from the examples in examples/ and tailor inputs/secrets using the docs.
When calling workflows from this repo, you can pin by:
- Branch:
@master - Tag:
@v1.0.1(or moving major tag like@v1) - Commit SHA:
@<full_sha>
Example:
jobs:
build:
uses: udx/reusable-workflows/.github/workflows/js-ops.yml@v1.0.1When calling any reusable workflow, use the canonical caller patterns in docs/caller-reference/caller-patterns.md and the docs index in docs/README.md:
- Set permissions in the caller job (
contents,packages,id-token) using least privilege. - Use clear
workflow_callinput names (preferlower_snake_case, for exampledeploy_environment). - Prefer trigger filters and workflow inputs (for example
release_branch) over complex job-levelif:gates. - Pass secrets via
jobs.<id>.secretsmapping (for examplegh_token: ${{ secrets.GH_TOKEN }}). - Consume outputs with
needs.<job_id>.outputs.<output_name>.
npm-release-opsuses keyless npm publishing (OIDC); caller inputs are declared in docs and do not includenpm_tokenorpackage_version.docker-opsuses provider-specific declared inputs;registry_urlis not part of this workflow interface.wp-gh-release-opsexpectstag; if your caller usestag_name, map it totag.
| Workflow | Description | Docs | Example |
|---|---|---|---|
| docker-ops | Build, scan, and publish Docker images to multiple registries (Docker Hub, GCP, ACR) with security scanning and SBOM | 📖 Docs | 📋 Example |
| js-ops | Build and validate immutable Next.js standalone bundles, with optional GitHub Release publishing and metadata | 📖 Docs | 📋 Example |
| npm-release-ops | Build and publish npm packages with provenance, versioning, and release automation | 📖 Docs | 📋 Example |
| wp-gh-release-ops | Generate and publish WordPress plugin releases on GitHub | 📖 Docs | 📋 Example |
- Reusable - Designed for
workflow_callconsumption - Self-contained - No internal or proprietary dependencies
- Configurable - Explicit inputs and secrets
- Documented - Complete setup guides and examples
- Automation-friendly - Structured documentation for consistent tooling and team usage
Each template is structured as follows:
- Workflow file (
.github/workflows/) - Template definition with inputs/secrets - Documentation (
docs/) - Setup guides, configuration options, troubleshooting - Examples (
examples/) - Real-world usage patterns with variable/secret patterns
To add a new reusable workflow:
- Create your workflow in
.github/workflows/. - Add a setup guide in
docs/and a usage example inexamples/. - Ensure your workflow inputs follow the standard registry-prefix naming convention in descriptions (e.g.,
Docker Hub: Image Name).
Repository automation workflows (tests, release automation, etc.) are marked with a _ prefix.
MIT License - see LICENSE