my_shared_pipeline
What it is
A central repository of reusable GitHub Actions workflows. Product repositories
call these workflows with uses: instead of copying CI logic into every repo.
The current set covers linting, Terraform validation, security scanning, cost
estimation, and scheduled security checks.
Why it exists
CI drift is easy to create and annoying to clean up. One repository pins tool versions differently, another skips a security check, and a third still has an old workflow nobody wants to touch. A shared pipeline puts that logic in one place so fixes and tool bumps roll out through a single path.
How it works
Calling repositories keep a thin .github/workflows/ci.yml. The shared
workflows run path-based filtering, then blocking lint and validation jobs,
then advisory cost reporting where Terraform changes are present. The design
also pushes teams toward OIDC instead of long-lived cloud credentials.
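A sketch of the thin caller described above, added here as an example and not taken from the project. The organisation name example-org, the three workflow file names and <pinned-ref> are placeholders, and it assumes the cost job is the one that authenticates to the cloud over OIDC.

```yaml
# .github/workflows/ci.yml in a product repository (constructed example).
# example-org, the workflow file names and <pinned-ref> are placeholders;
# substitute the real owner, files and a release tag or full commit SHA.
name: ci

on:
  pull_request:
  push:
    branches: [main]

# No paths: filter here. Per the design above, path-based filtering
# happens inside the shared workflows, so the caller stays thin.

# Default for every job: read-only token, no OIDC token.
permissions:
  contents: read

jobs:
  # Blocking jobs: mark these as required status checks on the branch.
  lint:
    uses: example-org/my_shared_pipeline/.github/workflows/lint.yml@<pinned-ref>

  terraform-validate:
    uses: example-org/my_shared_pipeline/.github/workflows/terraform-validate.yml@<pinned-ref>

  # Advisory job: runs after the blocking jobs and is left out of the
  # required status checks, so its result never blocks a merge.
  cost-estimate:
    needs: [lint, terraform-validate]
    uses: example-org/my_shared_pipeline/.github/workflows/cost-estimate.yml@<pinned-ref>
    permissions:
      contents: read
      # Assumption: only this job talks to the cloud provider. id-token: write
      # lets it request a short-lived OIDC token, so no long-lived cloud
      # credential is stored as a repository secret.
      id-token: write
```

A called workflow can keep or reduce the token permissions its caller grants but cannot raise them, so id-token: write has to be granted in the calling job for OIDC to work inside the shared workflow.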