ivuorinen/actions - My Reusable GitHub Actions and Workflows
July 3, 2026 ยท View on GitHub
Overview
This repository contains a collection of reusable GitHub Actions designed to streamline CI/CD processes and ensure code quality.
Each action is fully self-contained and can be used independently in any GitHub repository.
Key Features
- Production-Ready Actions covering setup, linting, building, testing, and deployment
- Self-Contained Design - each action works independently without dependencies
- External Usage Ready - use any action with pinned refs:
ivuorinen/actions/action-name@2025-01-15or@<commit-sha>for supply-chain security - Multi-Language Support including Node.js, PHP, Python, Go, C#, and more
- Standardized Patterns with consistent error handling and input/output interfaces
- Comprehensive Testing with dual testing framework (ShellSpec + pytest)
- Modular Build System using Makefile for development and maintenance
๐ Action Catalog
This repository contains 25 reusable GitHub Actions for CI/CD automation.
Quick Reference (25 Actions)
| Icon | Action | Category | Description | Key Features |
|---|---|---|---|---|
| ๐ฆ | ansible-lint-fix | Linting | Lints and fixes Ansible playbooks, commits changes, and uplo... | Caching, Auto-detection, Token auth, Outputs |
| โ | biome-lint | Linting | Run Biome linter in check or fix mode | Caching, Auto-detection, Token auth, Outputs |
| ๐ก๏ธ | codeql-analysis | Repository | Run CodeQL security analysis for a single language with conf... | Auto-detection, Token auth, Outputs |
| ๐ผ๏ธ | compress-images | Repository | Compress images on demand (workflow_dispatch), and at 11pm e... | Token auth, Outputs |
| ๐ | csharp-build | Build | Builds and tests C# projects. | Caching, Auto-detection, Token auth, Outputs |
| ๐ | csharp-lint-check | Linting | Runs linters like StyleCop or dotnet-format for C# code styl... | Caching, Auto-detection, Token auth, Outputs |
| ๐ฆ | csharp-publish | Publishing | Publishes a C# project to GitHub Packages. | Caching, Auto-detection, Token auth, Outputs |
| ๐ฆ | docker-build | Build | Builds a Docker image for multiple architectures with enhanc... | Caching, Auto-detection, Token auth, Outputs |
| โ๏ธ | docker-publish | Publishing | Simple wrapper to publish Docker images to GitHub Packages a... | Token auth, Outputs |
| โ | eslint-lint | Linting | Run ESLint in check or fix mode with advanced configuration ... | Caching, Auto-detection, Token auth, Outputs |
| ๐ฆ | go-build | Build | Builds the Go project. | Caching, Auto-detection, Token auth, Outputs |
| ๐ | go-lint | Linting | Run golangci-lint with advanced configuration, caching, and ... | Caching, Token auth, Outputs |
| ๐ | language-version-detect | Setup | DEPRECATED: This action is deprecated. Inline version detect... | Auto-detection, Token auth, Outputs |
| ๐ฆ | npm-publish | Publishing | Publishes the package to the NPM registry with configurable ... | Caching, Auto-detection, Token auth, Outputs |
| ๐ฆ | npm-semantic-release | Other | Runs semantic-release for automated npm versioning and publi... | Caching, Auto-detection, Outputs |
| โ | php-tests | Testing | Run PHPUnit tests with optional Laravel setup and Composer d... | Caching, Auto-detection, Token auth, Outputs |
| โ | pr-lint | Linting | Runs MegaLinter against pull requests | Caching, Auto-detection, Token auth, Outputs |
| ๐ฆ | pre-commit | Linting | Runs pre-commit on the repository and pushes the fixes back ... | Auto-detection, Token auth, Outputs |
| โ | prettier-lint | Linting | Run Prettier in check or fix mode with advanced configuratio... | Caching, Auto-detection, Token auth, Outputs |
| ๐ | python-lint-fix | Linting | Lints and fixes Python files, commits changes, and uploads S... | Caching, Auto-detection, Token auth, Outputs |
| ๐ฆ | release-monthly | Repository | Creates a release for the current month, incrementing patch ... | Token auth, Outputs |
| ๐ก๏ธ | security-scan | Security | Comprehensive security scanning for GitHub Actions including... | Caching, Token auth, Outputs |
| ๐ฆ | stale | Repository | A GitHub Action to close stale issues and pull requests. | Token auth, Outputs |
| ๐ท๏ธ | sync-labels | Repository | Sync GitHub labels declaratively from a YAML/JSON manifest (... | Token auth, Outputs |
| ๐ฅ๏ธ | terraform-lint-fix | Linting | Lints and fixes Terraform files with advanced validation and... | Token auth, Outputs |
Actions by Category
๐ง Setup (1 action)
| Action | Description | Languages | Features |
|---|---|---|---|
๐ language-version-detect | DEPRECATED: This action is deprecated. Inline vers... | PHP, Python, Go, .NET, Node.js | Auto-detection, Token auth, Outputs |
๐ Linting (10 actions)
| Action | Description | Languages | Features |
|---|---|---|---|
๐ฆ ansible-lint-fix | Lints and fixes Ansible playbooks, commits changes... | Ansible, YAML | Caching, Auto-detection, Token auth, Outputs |
โ
biome-lint | Run Biome linter in check or fix mode | JavaScript, TypeScript, JSON | Caching, Auto-detection, Token auth, Outputs |
๐ csharp-lint-check | Runs linters like StyleCop or dotnet-format for C#... | C#, .NET | Caching, Auto-detection, Token auth, Outputs |
โ
eslint-lint | Run ESLint in check or fix mode with advanced conf... | JavaScript, TypeScript | Caching, Auto-detection, Token auth, Outputs |
๐ go-lint | Run golangci-lint with advanced configuration, cac... | Go | Caching, Token auth, Outputs |
โ
pr-lint | Runs MegaLinter against pull requests | Conventional Commits | Caching, Auto-detection, Token auth, Outputs |
๐ฆ pre-commit | Runs pre-commit on the repository and pushes the f... | Python, Multiple Languages | Auto-detection, Token auth, Outputs |
โ
prettier-lint | Run Prettier in check or fix mode with advanced co... | JavaScript, TypeScript, Markdown, YAML, JSON | Caching, Auto-detection, Token auth, Outputs |
๐ python-lint-fix | Lints and fixes Python files, commits changes, and... | Python | Caching, Auto-detection, Token auth, Outputs |
๐ฅ๏ธ terraform-lint-fix | Lints and fixes Terraform files with advanced vali... | Terraform, HCL | Token auth, Outputs |
๐งช Testing (1 action)
| Action | Description | Languages | Features |
|---|---|---|---|
โ
php-tests | Run PHPUnit tests with optional Laravel setup and ... | PHP, Laravel | Caching, Auto-detection, Token auth, Outputs |
๐๏ธ Build (3 actions)
| Action | Description | Languages | Features |
|---|---|---|---|
๐ csharp-build | Builds and tests C# projects. | C#, .NET | Caching, Auto-detection, Token auth, Outputs |
๐ฆ docker-build | Builds a Docker image for multiple architectures w... | Docker | Caching, Auto-detection, Token auth, Outputs |
๐ฆ go-build | Builds the Go project. | Go | Caching, Auto-detection, Token auth, Outputs |
๐ Publishing (3 actions)
| Action | Description | Languages | Features |
|---|---|---|---|
๐ฆ csharp-publish | Publishes a C# project to GitHub Packages. | C#, .NET | Caching, Auto-detection, Token auth, Outputs |
โ๏ธ docker-publish | Simple wrapper to publish Docker images to GitHub ... | Docker | Token auth, Outputs |
๐ฆ npm-publish | Publishes the package to the NPM registry with con... | Node.js, npm | Caching, Auto-detection, Token auth, Outputs |
๐ฆ Repository (5 actions)
| Action | Description | Languages | Features |
|---|---|---|---|
๐ก๏ธ codeql-analysis | Run CodeQL security analysis for a single language... | JavaScript, TypeScript, Python, Java, C#, C++, Go, Ruby | Auto-detection, Token auth, Outputs |
๐ผ๏ธ compress-images | Compress images on demand (workflow_dispatch), and... | Images, PNG, JPEG | Token auth, Outputs |
๐ฆ release-monthly | Creates a release for the current month, increment... | GitHub Actions | Token auth, Outputs |
๐ฆ stale | A GitHub Action to close stale issues and pull req... | GitHub Actions | Token auth, Outputs |
๐ท๏ธ sync-labels | Sync GitHub labels declaratively from a YAML/JSON ... | YAML, GitHub | Token auth, Outputs |
๐ก๏ธ Security (1 action)
| Action | Description | Languages | Features |
|---|---|---|---|
๐ก๏ธ security-scan | Comprehensive security scanning for GitHub Actions... | - | Caching, Token auth, Outputs |
Feature Matrix
| Action | Caching | Auto-detection | Token auth | Outputs |
|---|---|---|---|---|
ansible-lint-fix | โ | โ | โ | โ |
biome-lint | โ | โ | โ | โ |
codeql-analysis | - | โ | โ | โ |
compress-images | - | - | โ | โ |
csharp-build | โ | โ | โ | โ |
csharp-lint-check | โ | โ | โ | โ |
csharp-publish | โ | โ | โ | โ |
docker-build | โ | โ | โ | โ |
docker-publish | - | - | โ | โ |
eslint-lint | โ | โ | โ | โ |
go-build | โ | โ | โ | โ |
go-lint | โ | - | โ | โ |
language-version-detect | - | โ | โ | โ |
npm-publish | โ | โ | โ | โ |
npm-semantic-release | โ | โ | - | โ |
php-tests | โ | โ | โ | โ |
pr-lint | โ | โ | โ | โ |
pre-commit | - | โ | โ | โ |
prettier-lint | โ | โ | โ | โ |
python-lint-fix | โ | โ | โ | โ |
release-monthly | - | - | โ | โ |
security-scan | โ | - | โ | โ |
stale | - | - | โ | โ |
sync-labels | - | - | โ | โ |
terraform-lint-fix | - | - | โ | โ |
Language Support
| Language | Actions |
|---|---|
| .NET | csharp-build, csharp-lint-check, csharp-publish, language-version-detect |
| Ansible | ansible-lint-fix |
| C# | codeql-analysis, csharp-build, csharp-lint-check, csharp-publish |
| C++ | codeql-analysis |
| Conventional Commits | pr-lint |
| Docker | docker-build, docker-publish |
| GitHub | sync-labels |
| GitHub Actions | release-monthly, stale |
| Go | codeql-analysis, go-build, go-lint, language-version-detect |
| HCL | terraform-lint-fix |
| Images | compress-images |
| JPEG | compress-images |
| JSON | biome-lint, prettier-lint |
| Java | codeql-analysis |
| JavaScript | biome-lint, codeql-analysis, eslint-lint, prettier-lint |
| Laravel | php-tests |
| Markdown | prettier-lint |
| Multiple Languages | pre-commit |
| Node.js | language-version-detect, npm-publish |
| PHP | language-version-detect, php-tests |
| PNG | compress-images |
| Python | codeql-analysis, language-version-detect, pre-commit, python-lint-fix |
| Ruby | codeql-analysis |
| Terraform | terraform-lint-fix |
| TypeScript | biome-lint, codeql-analysis, eslint-lint, prettier-lint |
| YAML | ansible-lint-fix, prettier-lint, sync-labels |
| npm | npm-publish |
Action Usage
All actions can be used independently in your workflows:
# Recommended: Use pinned refs for supply-chain security
- uses: ivuorinen/actions/action-name@vYYYY-MM-DD # Date-based tag (example)
with:
# action-specific inputs
# Alternative: Use commit SHA for immutability
- uses: ivuorinen/actions/action-name@abc123def456 # Full commit SHA
with:
# action-specific inputs
Security Note: Always pin to specific tags or commit SHAs instead of
@mainto ensure reproducible workflows and supply-chain integrity.
Usage
Using Actions Externally
All actions in this repository can be used in your workflows like any other GitHub Action.
โ ๏ธ Security Best Practice: Always pin actions to specific tags or commit SHAs instead of @main to ensure:
- Reproducibility: Workflows behave consistently over time
- Supply-chain integrity: Protection against unexpected changes or compromises
- Immutability: Reference exact versions that cannot be modified
steps:
- name: Run Pre-commit Checks
uses: ivuorinen/actions/pre-commit@7061aafd35a2f21b57653e34f2b634b2a19334a9
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Publish npm Package
uses: ivuorinen/actions/npm-publish@v2025.04.05
with:
node-version: '20'
npm-token: ${{ secrets.NPM_TOKEN }}
Development
This repository uses a Makefile-based build system for development tasks:
# Full workflow (install-tools, update-validators, docs, update-catalog, format, lint, precommit)
make all
# Individual operations
make docs # Generate documentation for all actions
make format # Format all files (markdown, YAML, JSON)
make lint # Run all linters
make check # Quick syntax and tool checks
# Development workflow
make dev # Format then lint (good for development)
make ci # CI workflow - check, docs, lint
Python Development
For Python development (validation system), use these specialized commands:
# Python development workflow
make dev-python # Format, lint, and test Python code
make test-python # Run Python unit tests
make test-python-coverage # Run tests with coverage reporting
# Individual Python operations
make format-python # Format Python files with ruff
make lint-python # Lint Python files with ruff
The validation system (_validation/) generates a self-contained validate.py for each action:
- Single Source of Truth:
_validation/kit.pydefines every check once;_validation/spec.pymaps each action's inputs to checks;make update-validatorsregenerates the validators. - Self-Contained & Stdlib-Only: each
<action>/validate.pyruns withpython3โ nouv, no third-party dependencies, and no shared action. - CalVer and SemVer Support: flexible version validation for different schemes.
- Security Features: command-injection and path-traversal protection; fail-closed on invalid input.
- Tested:
_validation/tests/covers every check plus a drift test that re-runs the generator.
Testing
# Run all tests (Python + GitHub Actions)
make test
# Run specific test types
make test-python # Python validation tests only
make test-actions # GitHub Actions tests only
make test-action ACTION=go-build # Test specific action
# Coverage reporting
make test-coverage # All tests with coverage
make test-python-coverage # Python tests with coverage
For detailed development guidelines, see CLAUDE.md.
License
This project is licensed under the MIT License. See the LICENSE file for details.