Organization-level GitHub configuration and reusable workflows for caelicode.
| Workflow | Purpose |
|---|---|
reusable-python-ci.yml |
Lint + test + coverage with matrix Python versions |
reusable-deploy-ssh.yml |
SSH deployment with retry, health checks, rollback |
reusable-docker-build.yml |
Docker build + push with Buildx caching and multi-platform |
reusable-lint-python.yml |
flake8 + black + isort (legacy) |
reusable-python-setup.yml |
Checkout + Python + pip install |
reusable-node-ci.yml |
Lint + test + coverage with matrix Node.js versions |
reusable-lint-node.yml |
ESLint + npm test (legacy) |
reusable-notify-on-failure.yml |
Email notification via send-email action |
reusable-secret-rotation-reminder.yml |
Monthly issue for secret rotation |
jobs:
ci:
uses: caelicode/.github/.github/workflows/reusable-python-ci.yml@main
with:
python-versions: '["3.10", "3.12", "3.13"]'
linter: ruff
source-dir: src
install-project: true
coverage-threshold: 80jobs:
ci:
uses: caelicode/.github/.github/workflows/reusable-node-ci.yml@main
with:
node-versions: '["18", "20", "22"]'
test-command: npm test
coverage-command: npx jest --coverage --coverageReporters=json-summary
coverage-threshold: 60jobs:
deploy:
uses: caelicode/.github/.github/workflows/reusable-deploy-ssh.yml@main
with:
deploy-script: |
cd /home/app/myproject
git pull origin main
npm install --production
pm2 restart myapp
health-check-url: https://myapp.example.com/health
secrets:
ssh-host: ${{ secrets.SERVER_HOST }}
ssh-username: ${{ secrets.SERVER_USER }}
ssh-key: ${{ secrets.SSH_PRIVATE_KEY }}jobs:
build:
uses: caelicode/.github/.github/workflows/reusable-docker-build.yml@main
with:
image-name: myapp
platforms: linux/amd64,linux/arm64
tag-strategy: shaThe reusable-secret-rotation-reminder.yml workflow runs on the 1st and 15th of each month, creating a GitHub issue that lists all org secrets needing rotation.