Production-grade composite actions for CI/CD, deployments, and infrastructure automation.
| Action | Description |
|---|---|
ssh-deploy |
Deploy via SSH with retry logic, health checks, and rollback |
python-ci |
Complete Python CI — lint, test, and coverage in one step |
notify |
Multi-channel notifications — Slack, email, GitHub issues |
sarif-report |
Convert JSON findings to SARIF and upload to Code Scanning |
- uses: bertrandmbanwi/github-actions/ssh-deploy@v1
with:
host: ${{ secrets.SERVER_HOST }}
username: ${{ secrets.SERVER_USER }}
key: ${{ secrets.SSH_PRIVATE_KEY }}
deploy-script: |
cd /home/app/myproject
git pull origin main
npm install --production
pm2 restart myapp
health-check-url: https://myapp.example.com/health- uses: actions/checkout@v4
- uses: bertrandmbanwi/github-actions/python-ci@v1
with:
python-version: "3.12"
linter: ruff
install-project: "true"
coverage-threshold: "80"- uses: bertrandmbanwi/github-actions/notify@v1
if: failure()
with:
message: "Build failed on ${{ github.ref_name }}"
status: failure
channels: slack,email
slack-webhook: ${{ secrets.SLACK_WEBHOOK }}
email-to: team@example.com
smtp-host: smtp.gmail.com
smtp-username: ${{ secrets.SMTP_USER }}
smtp-password: ${{ secrets.SMTP_PASS }}
email-from: ci@example.com- uses: bertrandmbanwi/github-actions/sarif-report@v1
with:
tool-name: infraguard
input-file: report.json
github-token: ${{ secrets.GITHUB_TOKEN }}
fail-on-findings: "true"MIT