Reusable GitHub Actions workflows for Git Flow release management across multiple project types.
- 🚀 Release Management - Automated release flow with changelog generation
- 🔥 Hotfix Support - Quick patch releases with proper versioning
- 📦 Multi-Platform Publishing - npm, Dart/Flutter, PHP packages
- 🌐 Web Deployment - Deploy to SSH, Vercel, Netlify, Firebase
- 📱 Mobile Deployment - Android and iOS Flutter apps
- 🔄 Back-merge - Automatic PR to sync changes back to develop
- 🧹 Sanity Checks - Code quality checks for Vue, Laravel, Dart/Flutter projects
- 🛡️ Backup & Rollback - Automatic pre-deployment backup with rollback on failure (SSH)
- 🔍 Go CI - Lint, test, coverage, and build for Go projects
| Type | Changelog Strategy | Description |
|---|---|---|
web-app |
Post-tag | Changelog after tag, included in back-merge |
npm-package |
Pre-merge | Changelog before merge, included in published package |
dart-package |
Pre-merge | Changelog before merge, included in pub.dev |
flutter-package |
Pre-merge | Changelog before merge, included in pub.dev |
flutter-app |
Post-tag | Changelog after tag, included in back-merge |
php-package |
Pre-merge | Changelog before merge, included in packagist |
name: Release
on:
push:
branches:
- 'release/**'
- 'hotfix/**'
pull_request:
types: [closed]
branches: [main]
jobs:
release:
uses: banua-coder/banua-coder-workflow/.github/workflows/release.yml@v1
with:
project-type: web-app # or: npm-package, dart-package, flutter-package, php-package
main-branch: main
develop-branch: develop
secrets: inheritgit checkout develop
git checkout -b release/1.0.0
git push origin release/1.0.0The workflow will:
- Create a PR to main
- When merged: tag the release, generate changelog, create back-merge PR
Full CI pipeline for Go projects: lint, test with coverage, and build.
Inputs:
| Input | Description | Default |
|---|---|---|
go-version |
Go version | stable |
working-directory |
Working directory | . |
run-tests |
Run unit tests | true |
run-lint |
Run golangci-lint | true |
run-build |
Build the project | true |
run-coverage |
Generate coverage report | true |
test-packages |
Packages to test | ./... |
build-target |
Build target file | auto-detected |
build-output |
Build output binary name | app |
coverage-threshold |
Minimum coverage % (0 = disabled) | 0 |
golangci-lint-version |
golangci-lint version | v1.61.0 |
post-coverage-comment |
Post coverage as PR comment | true |
Note: golangci-lint v2.x requires
golangci-lint-version: v2.x.x— the action usesgolangci-lint-action@v7which supports v2.
Example:
jobs:
ci:
uses: banua-coder/banua-coder-workflow/.github/workflows/ci-go.yml@v1
with:
go-version: '1.24.x'
golangci-lint-version: 'v2.10.1'
coverage-threshold: 80
secrets: inheritMain release workflow that handles the entire release process.
Inputs:
| Input | Description | Default |
|---|---|---|
project-type |
Project type: web-app, npm-package, dart-package, flutter-package, flutter-app, php-package |
web-app |
main-branch |
Main/production branch name | main |
develop-branch |
Development branch name | develop |
changelog-format |
Changelog format: keepachangelog, conventional, simple |
keepachangelog |
auto-merge-backport |
Auto-merge back-merge PR | false |
node-version |
Node.js version | 20 |
pnpm-version |
pnpm version (empty = use packageManager from package.json) | `` |
php-version |
PHP version | 8.2 |
flutter-version |
Flutter version | 3.27.2 |
Deploy when a tag is pushed. Supports backup & automatic rollback for SSH deployments.
Inputs:
| Input | Description | Default |
|---|---|---|
environment |
Deployment environment | production |
deploy-provider |
Provider: ssh, vercel, netlify, firebase |
ssh |
build-command |
Custom build command | `` |
deploy-path |
Deployment path on server (SSH) | `` |
node-version |
Node.js version | 20 |
php-version |
PHP version | 8.2 |
backup-enabled |
Take a backup before deploying (SSH only) | true |
backup-keep |
Number of backups to retain (0 = keep all) | 3 |
Outputs:
| Output | Description |
|---|---|
deploy-url |
Deployment URL (Vercel/Netlify) |
status |
Deployment status |
backup-path |
Path to the pre-deployment backup on the server |
Backup & Rollback Flow (SSH):
┌─────────────────────────────────────────────────────────────────┐
│ DEPLOY WITH BACKUP/ROLLBACK │
├─────────────────────────────────────────────────────────────────┤
│ │
│ 1. Backup job │
│ Copy current deploy-path → .backups/<timestamp>_<app> │
│ Prune old backups (keep N most recent) │
│ │ │
│ ▼ │
│ 2. Deploy job (on backup success) │
│ git pull + composer/npm + artisan optimize │
│ │ │
│ ├── success ──▶ done ✅ │
│ │ │
│ └── failure ──▶ Rollback job 🔄 │
│ rm broken deploy-path │
│ cp backup → deploy-path │
│ artisan optimize (if Laravel) │
│ mark workflow as failed ❌ │
│ │
└─────────────────────────────────────────────────────────────────┘
Cloud providers (Vercel, Netlify, Firebase) manage their own versioning and instant rollback — the backup step is skipped automatically for these providers.
Example:
name: Deploy
on:
push:
tags:
- 'v*'
jobs:
deploy:
uses: banua-coder/banua-coder-workflow/.github/workflows/deploy-on-tag.yml@v1
with:
environment: production
deploy-provider: ssh
deploy-path: /var/www/my-app
backup-enabled: true
backup-keep: 3
secrets: inheritAutomatically delete merged branches (except protected ones).
Inputs:
| Input | Description | Default |
|---|---|---|
protected-branches |
Comma-separated list of protected branches | main,master,develop |
Run code linting (PHP with Pint, frontend with ESLint/Prettier).
Inputs:
| Input | Description | Default |
|---|---|---|
php-version |
PHP version | 8.3 |
node-version |
Node.js version | 20 |
pnpm-version |
pnpm version (empty = use packageManager) | `` |
lint-php |
Run PHP linting | true |
lint-frontend |
Run frontend linting | true |
Run Laravel/PHP tests with database setup.
Inputs:
| Input | Description | Default |
|---|---|---|
php-version |
PHP version | 8.3 |
node-version |
Node.js version | 20 |
pnpm-version |
pnpm version (empty = use packageManager) | `` |
database |
Database type: sqlite, mysql, pgsql |
sqlite |
run-migrations |
Run database migrations | true |
run-seeders |
Run database seeders | true |
build-assets |
Build frontend assets | true |
test-command |
Test command to run | ./vendor/bin/pest |
coverage |
Code coverage: xdebug, pcov, none |
none |
Customizable code quality and sanity checks for multiple project types.
Inputs:
| Input | Description | Default |
|---|---|---|
project-type |
Project type: laravel, vue, react, dart, flutter, auto |
auto |
php-version |
PHP version | 8.3 |
node-version |
Node.js version | 20 |
flutter-version |
Flutter version | 3.38.4 |
vue-max-loc |
Max lines of code for Vue files | 700 |
check-native-inputs |
Check for native HTML inputs (should use shadcn/ui) | true |
check-vue-types |
Check for type definitions inside .vue files | true |
check-missing-requests |
Check for missing FormRequest classes | true |
check-column-mismatches |
Check for column name mismatches | true |
check-relationship-conflicts |
Check for property/relationship name conflicts | true |
dart-max-file-size |
Max Dart file size in KB | 18 |
dart-max-loc |
Max lines of code for Dart files | 600 |
check-assets |
Check for non-optimized assets | true |
Check Categories:
- Vue/JS: File size limits, native input detection, type definitions in .vue files
- Laravel: FormRequest usage, column mismatches, relationship conflicts
- Dart/Flutter: File size and LOC limits
- Assets: Image optimization (JPEG, PNG, SVG)
Publish package to npm registry.
Inputs:
| Input | Description | Default |
|---|---|---|
node-version |
Node.js version | 20 |
registry |
npm registry URL | https://registry.npmjs.org |
access |
Package access level | public |
dry-run |
Perform dry run | false |
Publish package to pub.dev using OIDC authentication.
Inputs:
| Input | Description | Default |
|---|---|---|
flutter-version |
Flutter version | 3.27.2 |
use-flutter |
Use Flutter SDK | true |
dry-run |
Perform dry run | false |
environment |
GitHub environment for OIDC auth | pub.dev |
Note: This workflow uses OIDC authentication instead of PUB_CREDENTIALS. You need to configure a GitHub environment named "pub.dev" in your repository settings. See Dart Automated Publishing for setup instructions.
Notify Packagist about new release.
Inputs:
| Input | Description | Default |
|---|---|---|
php-version |
PHP version | 8.2 |
Bump version in project files.
- uses: banua-coder/banua-coder-workflow/actions/bump-version@v1
with:
version: '1.2.3'
commit: 'true'Generate changelog from commits.
- uses: banua-coder/banua-coder-workflow/actions/changelog@v1
with:
version: '1.2.3'
format: 'keepachangelog'Create back-merge PR to develop.
- uses: banua-coder/banua-coder-workflow/actions/back-merge@v1
with:
source-branch: 'main'
target-branch: 'develop'Setup project environment (Node.js, PHP, Flutter).
- uses: banua-coder/banua-coder-workflow/actions/setup-environment@v1
with:
node-version: '20'
php-version: '8.2'See the examples/ directory for complete workflow examples:
web-app.yml- Generic web applicationslaravel-app.yml- Laravel application with testsnpm-package.yml- npm packagesdart-package.yml- Pure Dart packagesflutter-package.yml- Flutter packagesflutter-app.yml- Flutter mobile applicationsphp-package.yml- PHP/Composer packages
┌─────────────────────────────────────────────────────────────────┐
│ RELEASE FLOW │
├─────────────────────────────────────────────────────────────────┤
│ │
│ 1. Create release branch │
│ ┌─────────┐ │
│ │ develop │ ──── git checkout -b release/1.0.0 │
│ └─────────┘ │
│ │ │
│ ▼ │
│ 2. Push triggers workflow │
│ ┌───────────────┐ │
│ │ release/1.0.0 │ ──── Creates PR to main │
│ └───────────────┘ │
│ │ │
│ ▼ │
│ 3. PR merged to main │
│ ┌──────┐ │
│ │ main │ ──── Tag v1.0.0 created │
│ └──────┘ Changelog generated │
│ │ Back-merge PR created │
│ │ │
│ ▼ │
│ 4. Tag triggers deploy/publish │
│ ┌─────────┐ │
│ │ v1.0.0 │ ──── Backup → Deploy → (Rollback on failure) │
│ └─────────┘ Publish to registry │
│ │
└─────────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────────┐
│ HOTFIX FLOW │
├─────────────────────────────────────────────────────────────────┤
│ │
│ 1. Create hotfix branch from main │
│ ┌──────┐ │
│ │ main │ ──── git checkout -b hotfix/1.0.1 │
│ └──────┘ │
│ │ │
│ ▼ │
│ 2. Push triggers workflow │
│ ┌─────────────┐ │
│ │ hotfix/1.0.1│ ──── Creates PR to main │
│ └─────────────┘ │
│ │ │
│ ▼ │
│ 3. PR merged (same as release flow) │
│ Tag, changelog, back-merge, deploy │
│ │
└─────────────────────────────────────────────────────────────────┘
This workflow uses conventional commits to generate changelogs:
| Prefix | Description | Changelog Section |
|---|---|---|
feat: |
New feature | Added |
fix: |
Bug fix | Fixed |
docs: |
Documentation | Documentation |
refactor: |
Code refactoring | Changed |
perf: |
Performance improvement | Performance |
test: |
Adding tests | Tests |
chore: |
Maintenance | Maintenance |
style: |
Code style | Style |
ci: |
CI/CD changes | CI/CD |
build: |
Build system | Build |
revert: |
Revert changes | Reverted |
Configure these secrets in your repository settings:
| Secret | Required For | Description |
|---|---|---|
GITHUB_TOKEN |
All | Automatically provided by GitHub |
NPM_TOKEN |
npm publishing | npm auth token from npmjs.com |
SSH_HOST |
SSH deployment | Server hostname |
SSH_USER |
SSH deployment | SSH username |
SSH_KEY |
SSH deployment | SSH private key |
SSH_PORT |
SSH deployment | SSH port (optional, defaults to 22) |
VERCEL_TOKEN |
Vercel deployment | Vercel auth token |
VERCEL_ORG_ID |
Vercel deployment | Vercel org ID |
VERCEL_PROJECT_ID |
Vercel deployment | Vercel project ID |
NETLIFY_AUTH_TOKEN |
Netlify deployment | Netlify auth token |
NETLIFY_SITE_ID |
Netlify deployment | Netlify site ID |
FIREBASE_TOKEN |
Firebase deployment | Firebase service account JSON |
Note: For pub.dev publishing, we use OIDC authentication instead of secrets. Configure a GitHub environment named "pub.dev" following Dart's automated publishing guide.
MIT License - see LICENSE for details.