Reusable GitHub Workflows

Centralized CI/CD workflows and composite actions for your projects

What is this?

This repository contains reusable GitHub Actions workflows and composite actions that can be used across multiple projects to centralize and standardize your CI/CD logic.

Repository Structure

.github/
├── workflows/          # Reusable workflows
│   ├── web-build.yml   # Web application build workflow
│   ├── api-build.yml   # API build workflow
│   └── node-release.yml # Node.js release workflow
└── actions/            # Composite actions
    ├── setup/          # Common setup (Node.js, pnpm, checkout)
    └── install/        # Install dependencies with pnpm

Reusable Workflows

Pre-built workflows for common CI/CD tasks

🌐

Web Build

Builds a Next.js or web application with optional linting and testing.

View Details →
🚀

API Build

Builds a NestJS or API application with optional linting and testing.

View Details →
📦

Node Release

Automatically releases Node.js packages using semantic-release. Updates version in package.json and creates GitHub releases.

View Details →

Web Build

Builds a Next.js or web application with optional linting and testing. This workflow uses the composite actions for setup and dependency installation.

name: Web Build

on:
  pull_request:
    paths:
      - 'apps/web/**'
    branches: [main, dev]

jobs:
  build:
    uses: sisques-labs/workflows/.github/workflows/web-build.yml@main
    with:
      app_path: "apps/web"
      app_name: "Web App"
      node_version: "24"
      run_lint: true
      run_test: true
      build_command: "build"

Inputs

  • app_path (required): Path to the web app (e.g., apps/web)
  • app_name (optional, default: "Web App"): Name of the app for display
  • node_version (optional, default: "24"): Node.js version to use
  • run_lint (optional, default: true): Whether to run lint
  • run_test (optional, default: true): Whether to run tests
  • build_command (optional, default: "build"): Build command to run (e.g., build, build:prod)
  • use_filter (optional, default: false): Whether to use filter for installation

API Build

Builds a NestJS or API application with optional linting and testing. This workflow uses the composite actions for setup and dependency installation.

name: API Build

on:
  pull_request:
    paths:
      - 'apps/api/**'
    branches: [main, dev]

jobs:
  build:
    uses: sisques-labs/workflows/.github/workflows/api-build.yml@main
    with:
      app_path: "apps/api"
      app_name: "API"
      node_version: "24"
      run_lint: true
      run_test: true
      build_command: "build"

Inputs

  • app_path (required): Path to the API app (e.g., apps/api)
  • app_name (optional, default: "API"): Name of the app for display
  • node_version (optional, default: "24"): Node.js version to use
  • run_lint (optional, default: true): Whether to run lint
  • run_test (optional, default: true): Whether to run tests
  • build_command (optional, default: "build"): Build command to run (e.g., build, build:prod)
  • use_filter (optional, default: false): Whether to use filter for installation

Node Release

Automatically releases a Node.js package using semantic-release. Updates the version in package.json, creates Git tags, generates GitHub releases, and creates changelogs automatically based on conventional commits.

name: Release

on:
  push:
    branches:
      - main

jobs:
  release:
    uses: sisques-labs/workflows/.github/workflows/node-release.yml@main
    secrets: inherit
    with:
      app_path: "packages/sdk"
      build_command: "build"
      use_filter: true

Inputs

  • app_path (optional, default: "."): Path to the app/package (e.g., packages/sdk, apps/api). Use "." for root
  • working_directory (optional): Working directory for semantic-release (defaults to app_path)
  • node_version (optional, default: "24"): Node.js version to use
  • pnpm_version (optional, default: ""): pnpm version to use. If empty, will auto-detect from package.json
  • use_filter (optional, default: false): Whether to use filter when installing dependencies
  • build_command (optional): Build command to run before release (e.g., build, build:prod)
  • release_command (optional): Custom release command. Defaults to pnpm release if found in package.json, otherwise uses npx semantic-release

Requirements

  • Your project must have semantic-release configured. You can either:
    • Add a release script to your package.json: "release": "semantic-release"
    • Or install semantic-release as a dependency (the workflow will use npx semantic-release)
  • The workflow requires GITHUB_TOKEN (automatically provided) and optionally NPM_TOKEN if publishing to npm
  • Ensure your commits follow Conventional Commits format for automatic versioning

Composite Actions

Reusable action components for common setup tasks

Setup

Common setup action for repository checkout, Node.js, and pnpm installation.

# Auto-detect pnpm version from package.json (recommended)
- name: Setup
  uses: sisques-labs/workflows/.github/actions/setup@main
  with:
    node_version: "24"

# Or specify pnpm version explicitly
- name: Setup
  uses: sisques-labs/workflows/.github/actions/setup@main
  with:
    node_version: "24"
    pnpm_version: "9.0.0"

Inputs

  • node_version (optional, default: "24"): Node.js version to use
  • pnpm_version (optional, default: ""): pnpm version to use. If empty, will auto-detect from package.json packageManager field

Install

Install dependencies using pnpm with optional filter and frozen lockfile handling. Automatically handles dependabot by skipping frozen lockfile when needed.

- name: Install dependencies
  uses: sisques-labs/workflows/.github/actions/install@main
  with:
    app_path: "apps/web"
    use_filter: "true"
    frozen_lockfile: "true"

Inputs

  • app_path (optional, default: "."): Path to the app/package (e.g., apps/web). Use "." for root
  • use_filter (optional, default: "false"): Whether to use filter for installation
  • frozen_lockfile (optional, default: "true"): Whether to use --frozen-lockfile (automatically skipped for dependabot)

Complete CI Pipeline Example

Example of using both Web Build and API Build workflows in your project

name: CI

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

jobs:
  build-web:
    uses: sisques-labs/workflows/.github/workflows/web-build.yml@main
    with:
      app_path: "apps/web"
      app_name: "Web App"
      node_version: "24"
      run_lint: true
      run_test: true
      build_command: "build"

  build-api:
    uses: sisques-labs/workflows/.github/workflows/api-build.yml@main
    with:
      app_path: "apps/api"
      app_name: "API"
      node_version: "24"
      run_lint: true
      run_test: true
      build_command: "build"

  release:
    if: github.ref == 'refs/heads/main' && github.event_name == 'push'
    needs: [build-web, build-api]
    uses: sisques-labs/workflows/.github/workflows/node-release.yml@main
    secrets: inherit
    with:
      app_path: "."
      build_command: "build"

Best Practices

  • Always use secrets: inherit when calling workflows that require secrets
  • Use consistent Node.js versions across your project (default is 24)
  • Use install_filter when you only need dependencies for a specific app/package
  • Combine workflows in your project's workflow files for complete CI/CD pipelines