Skip to main content

infra-ci

Shared reusable CI/CD workflows, security scanning configs, and build automation for devarno.cloud.
CategoryInfrastructure
StackGitHub Actions
StatusScaffolding

Overview

Centralized CI/CD workflows consumed by all service and frontend repositories via GitHub Actions’ reusable workflow mechanism.

Dependencies

None — foundational repository.

Structure

.github/workflows/    # Reusable workflow definitions
  ├── ci-lint.yml
  ├── ci-test.yml
  ├── ci-security.yml
  ├── ci-build.yml
  ├── ci-integration.yml
  ├── ci-image-scan.yml
  ├── cd-staging.yml
  └── cd-production.yml
actions/              # Composite actions

Pipeline Stages

  1. Lint & Format
  2. Unit Tests (coverage >80%)
  3. Security Scanning (Semgrep, Snyk, truffleHog)
  4. Build Artifacts (Docker multi-stage)
  5. Integration Tests
  6. Image Scanning (Trivy)
  7. Deploy to Staging
  8. Manual Approval → Production

Architecture

Part of the devarno.cloud platform. See .github for overview.