Skip to content

ci: add GitHub Actions CI (shellcheck, compose validation, gitleaks)#3

Merged
bst27 merged 1 commit into
mainfrom
ci/github-actions
Jul 3, 2026
Merged

ci: add GitHub Actions CI (shellcheck, compose validation, gitleaks)#3
bst27 merged 1 commit into
mainfrom
ci/github-actions

Conversation

@bst27

@bst27 bst27 commented Jul 3, 2026

Copy link
Copy Markdown
Owner

Adds a lightweight CI workflow (.github/workflows/ci.yml) that runs on pushes to main, on pull requests, and via manual dispatch. There is no build/test for this repo, so the checks focus on linting and safety:

  • shellcheck — lints restore.sh (POSIX sh).
  • composeyamllint -d relaxed plus a docker compose config render smoke-test of the base file and both backend overlays (SFTP / local), using a throwaway dummy .env generated in the runner.
  • gitleaks — scans the git history for accidentally committed secrets (.env, restic password, SSH keys). Runs from the official image; no marketplace action or license needed.

Least-privilege (contents: read), concurrency-cancel on re-push. All three jobs were verified locally against the exact commands before opening this PR.

Runs on pushes to main and on pull requests:
- shellcheck lints restore.sh (POSIX sh)
- docker compose config validates the base file and both backend overlays,
  using yamllint plus a throwaway dummy .env generated in the runner
- gitleaks scans the git history for committed secrets

No external services, accounts or licenses required.
@bst27 bst27 merged commit 92680c7 into main Jul 3, 2026
3 checks passed
@bst27 bst27 deleted the ci/github-actions branch July 3, 2026 16:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant