kamranahmedse/developer-roadmap
10 workflows · maturity 0% · 0 patterns · GitHub ↗
Practices
○ Matrix○ Permissions○ Security scan○ AI review○ Cache○ Concurrency○ Reusable workflows
Security dimensions
Workflows (10)
aws-costs .github/workflows/aws-costs.yml
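# Posts the daily AWS cost report to Slack with the aws-cost-cli npm package.
name: Sends Daily AWS Costs to Slack

on:
  # Allow manual Run
  workflow_dispatch:
  # Run at 7:00 UTC every day
  schedule:
    - cron: "0 7 * * *"

# No step checks out the repository or calls the GitHub API, so the
# automatic GITHUB_TOKEN is issued with no scopes at all.
permissions: {}

jobs:
  aws_costs:
    runs-on: ubuntu-latest
    steps:
      - name: Get Costs
        env:
          AWS_KEY: ${{ secrets.COST_AWS_ACCESS_KEY }}
          AWS_SECRET: ${{ secrets.COST_AWS_SECRET_KEY }}
          AWS_REGION: ${{ secrets.COST_AWS_REGION }}
          SLACK_CHANNEL: ${{ secrets.SLACK_COST_CHANNEL }}
          SLACK_TOKEN: ${{ secrets.SLACK_TOKEN }}
        # NOTE(review): the global install is unpinned, so whatever version
        # is current on npm runs in a step that holds the AWS and Slack
        # credentials; pin a reviewed version of aws-cost-cli.
        # NOTE(review): the credentials are handed over as command-line
        # arguments; the key should be a read-only, cost-reporting-only
        # IAM credential so that exposure has limited impact.
        # Expansions are quoted so an empty or space-containing secret
        # cannot shift the remaining arguments.
        run: |
          npm install -g aws-cost-cli
          aws-cost -k "$AWS_KEY" -s "$AWS_SECRET" -r "$AWS_REGION" -S "$SLACK_TOKEN" -C "$SLACK_CHANNEL"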
cleanup-orphaned-content .github/workflows/cleanup-orphaned-content.yml
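# Runs the repository's orphaned-content cleanup script for one roadmap and
# opens a pull request with the result.
name: Cleanup Orphaned Content

on:
  workflow_dispatch:
    inputs:
      roadmap_slug:
        description: "The ID of the roadmap to clean up"
        required: true

# Least privilege for the automatic token: push the PR branch and open the PR.
permissions:
  contents: write
  pull-requests: write

jobs:
  cleanup-content:
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): actions are referenced by mutable tags; pinning the
      # third-party ones to a full commit SHA prevents a retagged release
      # from running with this job's write token.
      - uses: actions/checkout@v4
      - name: Setup pnpm@v9
        uses: pnpm/action-setup@v4
        with:
          version: 9
          run_install: false
      - name: Setup Node.js Version 20 (LTS)
        uses: actions/setup-node@v4
        with:
          node-version: 20
          cache: 'pnpm'
      - name: Install Dependencies and Run Cleanup
        # The dispatch input reaches the shell through an environment
        # variable instead of being pasted into the script text, so shell
        # metacharacters in it are treated as data, not as commands.
        env:
          ROADMAP_SLUG: ${{ inputs.roadmap_slug }}
        run: |
          echo "Installing Dependencies"
          pnpm install
          echo "Running Orphaned Content Cleanup"
          npm run cleanup:orphaned-content -- --roadmap-slug="$ROADMAP_SLUG"
      - name: Read cleanup summary
        id: read-summary
        # NOTE(review): the heredoc delimiter is the fixed word EOF; a line
        # consisting of EOF inside .cleanup-summary.md would end the output
        # early. A per-run random delimiter avoids that.
        run: |
          if [ -f .cleanup-summary.md ]; then
            {
              echo 'summary<<EOF'
              cat .cleanup-summary.md
              echo 'EOF'
            } >> "$GITHUB_OUTPUT"
          fi
      - name: Check for changes
        id: verify-changed-files
        run: |
          if [ -n "$(git status --porcelain)" ]; then
            echo "changed=true" >> "$GITHUB_OUTPUT"
          else
            echo "changed=false" >> "$GITHUB_OUTPUT"
          fi
      - name: Delete summary file
        if: steps.verify-changed-files.outputs.changed == 'true'
        run: rm -f .cleanup-summary.md
      - name: Create PR
        if: steps.verify-changed-files.outputs.changed == 'true'
        uses: peter-evans/create-pull-request@v7
        with:
          delete-branch: false
          branch: "chore/cleanup-orphaned-content-${{ inputs.roadmap_slug }}"
          base: "master"
          labels: |
            automated pr
          reviewers: jcanalesluna,kamranahmedse
          commit-message: "chore: cleanup orphaned content files"
          title: "chore: cleanup orphaned content - ${{ inputs.roadmap_slug }}"
          body: |
            ${{ steps.read-summary.outputs.summary }}
            > [!IMPORTANT]
            > This PR removes orphaned/duplicate content files for: ${{ inputs.roadmap_slug }}
            >
            > Commit: ${{ github.sha }}
            > Workflow Path: ${{ github.workflow_ref }}
            **Please review the changes and merge the PR if everything looks correct.**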
close-feedback-pr .github/workflows/close-feedback-pr.yml
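# Closes open pull requests against master that carry the "feedback left"
# label and have not been updated for seven days.
name: Close PRs with Feedback

on:
  workflow_dispatch:
  schedule:
    - cron: '0 0 * * *'

# The script only lists PRs, reads labels, comments and closes; the token
# is limited to those scopes.
permissions:
  issues: write
  pull-requests: write

jobs:
  close-pr:
    runs-on: ubuntu-latest
    steps:
      - name: Close PR if it has label "feedback left" and no changes in 7 days
        # v7 matches the github-script version used by the label-issue
        # workflow; from v5 on the REST methods live under github.rest.
        uses: actions/github-script@v7
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          script: |
            // paginate() walks every page; a single pulls.list call returns
            // only the first page of open pull requests.
            const pullRequests = await github.paginate(github.rest.pulls.list, {
              owner: context.repo.owner,
              repo: context.repo.repo,
              state: 'open',
              base: 'master',
              per_page: 100,
            });
            for (const pullRequest of pullRequests) {
              const { data: labels } = await github.rest.issues.listLabelsOnIssue({
                owner: context.repo.owner,
                repo: context.repo.repo,
                issue_number: pullRequest.number,
              });
              const feedbackLabel = labels.find((label) => label.name === 'feedback left');
              if (feedbackLabel) {
                const lastUpdated = new Date(pullRequest.updated_at);
                const sevenDaysAgo = new Date();
                sevenDaysAgo.setDate(sevenDaysAgo.getDate() - 7);
                if (lastUpdated < sevenDaysAgo) {
                  await github.rest.issues.createComment({
                    owner: context.repo.owner,
                    repo: context.repo.repo,
                    issue_number: pullRequest.number,
                    body: 'Closing this PR because there has been no activity for the past 7 days. Feel free to reopen if you have any feedback.',
                  });
                  await github.rest.pulls.update({
                    owner: context.repo.owner,
                    repo: context.repo.repo,
                    pull_number: pullRequest.number,
                    state: 'closed',
                  });
                }
              }
            }

cloudfront-api-cache .github/workflows/cloudfront-api-cache.yml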
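# Dispatches the infra-ansible playbook workflow with the cloudfront-api tag.
name: Clears API Cloudfront Cache

on:
  workflow_dispatch:

# The request is authenticated with GH_PAT; the automatic GITHUB_TOKEN is
# unused and therefore issued with no scopes.
permissions: {}

jobs:
  cloudfront_api_cache:
    runs-on: ubuntu-latest
    steps:
      - name: Clear Cloudfront Caching
        # The token is read from the environment rather than expanded into
        # the script text.
        # NOTE(review): GH_PAT only needs to dispatch workflows in
        # roadmapsh/infra-ansible; a fine-grained token limited to that
        # repository keeps the impact of a leak small.
        env:
          GH_PAT: ${{ secrets.GH_PAT }}
        # --fail makes the step fail when the API answers with an HTTP
        # error; without it a rejected dispatch still reports success.
        run: |
          curl -L \
            --fail \
            -X POST \
            -H "Accept: application/vnd.github+json" \
            -H "Authorization: Bearer $GH_PAT" \
            -H "X-GitHub-Api-Version: 2022-11-28" \
            https://api.github.com/repos/roadmapsh/infra-ansible/actions/workflows/playbook.yml/dispatches \
            -d '{ "ref":"master", "inputs": { "playbook": "roadmap_web.yml", "tags": "cloudfront-api", "is_verbose": false } }'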
cloudfront-fe-cache .github/workflows/cloudfront-fe-cache.yml
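# Dispatches the infra-ansible playbook workflow with the frontend
# CloudFront tags.
name: Clears Frontend Cloudfront Cache

on:
  workflow_dispatch:

# Only GH_PAT is used for authentication, so the automatic GITHUB_TOKEN
# gets no scopes.
permissions: {}

jobs:
  cloudfront_fe_cache:
    runs-on: ubuntu-latest
    steps:
      - name: Clear Cloudfront Caching
        # Secret delivered through the environment, not through template
        # expansion inside the shell script.
        # NOTE(review): prefer a fine-grained token restricted to
        # roadmapsh/infra-ansible over a broad personal access token.
        env:
          GH_PAT: ${{ secrets.GH_PAT }}
        # --fail turns an HTTP error from the API into a failed step.
        run: |
          curl -L \
            --fail \
            -X POST \
            -H "Accept: application/vnd.github+json" \
            -H "Authorization: Bearer $GH_PAT" \
            -H "X-GitHub-Api-Version: 2022-11-28" \
            https://api.github.com/repos/roadmapsh/infra-ansible/actions/workflows/playbook.yml/dispatches \
            -d '{ "ref":"master", "inputs": { "playbook": "roadmap_web.yml", "tags": "cloudfront,cloudfront-course", "is_verbose": false } }'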
deployment .github/workflows/deployment.yml
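# Builds the site and deploys it to the EC2 host over rsync/SSH, then
# triggers the CloudFront cache playbook.
name: Deploy to EC2

on:
  workflow_dispatch:

# The job only reads this repository with the automatic token; the other
# repositories and the dispatch call use GH_PAT.
permissions:
  contents: read

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Repository
        uses: actions/checkout@v4
        with:
          fetch-depth: 2
          # The deploy step rsyncs the whole workspace, .git included;
          # do not leave a token in .git/config.
          persist-credentials: false
      - uses: actions/setup-node@v4
        with:
          node-version: 20
      - uses: pnpm/action-setup@v4.0.0
        with:
          version: 9

      # -------------------
      # Setup configuration
      # -------------------
      # A clone from a URL that embeds the token stores that URL, token
      # included, in the clone's .git/config. actions/checkout with
      # persist-credentials disabled fetches the same shallow copy without
      # leaving the token on disk.
      - name: Prepare configuration files
        uses: actions/checkout@v4
        with:
          repository: roadmapsh/infra-config
          token: ${{ secrets.GH_PAT }}
          path: configuration
          persist-credentials: false
      - name: Copy configuration files
        run: |
          cp configuration/dist/github/developer-roadmap.env .env

      # -----------------
      # Prepare the Build
      # -----------------
      - name: Install Dependencies
        run: |
          pnpm install
      # .temp/web-draw is not excluded from the rsync below, so a token
      # stored in its .git/config would be copied to the server.
      - name: Fetch web-draw sources
        uses: actions/checkout@v4
        with:
          repository: roadmapsh/web-draw
          token: ${{ secrets.GH_PAT }}
          path: .temp/web-draw
          persist-credentials: false
      - name: Generate Production Build
        run: |
          npm run generate-renderer
          npm run compress:images
          npm run build

      # --------------------
      # Deploy to EC2
      # --------------------
      - uses: webfactory/ssh-agent@v0.7.0
        with:
          ssh-private-key: ${{ secrets.EC2_PRIVATE_KEY }}
      - name: Deploy Application to EC2
        # NOTE(review): StrictHostKeyChecking=no turns off SSH host-key
        # verification, so the build (including .env) is sent to whichever
        # host answers at EC2_HOST. Provision the server's host key in
        # known_hosts and drop the option.
        env:
          EC2_USERNAME: ${{ secrets.EC2_USERNAME }}
          EC2_HOST: ${{ secrets.EC2_HOST }}
        run: |
          rsync -apvz --delete --no-times --exclude "configuration" -e "ssh -o StrictHostKeyChecking=no" -p ./ "${EC2_USERNAME}@${EC2_HOST}:/var/www/roadmap.sh/"
      - name: Restart PM2
        # NOTE(review): @master is a moving branch of a third-party action
        # that receives the EC2 private key; pin it to a release tag or,
        # better, a full commit SHA.
        uses: appleboy/ssh-action@master
        with:
          host: ${{ secrets.EC2_HOST }}
          username: ${{ secrets.EC2_USERNAME }}
          key: ${{ secrets.EC2_PRIVATE_KEY }}
          script: |
            cd /var/www/roadmap.sh
            sudo pm2 restart web-roadmap

      # ----------------------
      # Clear cloudfront cache
      # ----------------------
      - name: Clear Cloudfront Caching
        # Token passed through the environment; --fail surfaces a rejected
        # dispatch as a failed step.
        env:
          GH_PAT: ${{ secrets.GH_PAT }}
        run: |
          curl -L \
            --fail \
            -X POST \
            -H "Accept: application/vnd.github+json" \
            -H "Authorization: Bearer $GH_PAT" \
            -H "X-GitHub-Api-Version: 2022-11-28" \
            https://api.github.com/repos/roadmapsh/infra-ansible/actions/workflows/playbook.yml/dispatches \
            -d '{ "ref":"master", "inputs": { "playbook": "roadmap_web.yml", "tags": "cloudfront", "is_verbose": false } }'

label-issue .github/workflows/label-issue.yml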
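# Labels topic-change issues with the roadmap slug found in the issue body,
# or closes them when the body holds no roadmap.sh URL.
name: Label Issue

on:
  issues:
    types: [opened, edited]

# The script only adds labels to and closes issues.
permissions:
  issues: write

jobs:
  label-topic-change-issue:
    runs-on: ubuntu-latest
    steps:
      - name: Add Labels To Issue
        uses: actions/github-script@v7
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          script: |
            const issue = context.payload.issue;
            // issue.body is null for an issue opened without a description.
            // The dot in the host is escaped and the match stops at any
            // whitespace, so text on the following line is not pulled in.
            const roadmapUrl = (issue.body || '').match(/https?:\/\/roadmap\.sh\/[^\s]+/);
            // if the issue is labeled as a topic-change, add the roadmap slug as a label
            if (issue.labels.some(label => label.name === 'topic-change')) {
              if (roadmapUrl) {
                const roadmapSlug = new URL(roadmapUrl[0]).pathname.replace(/\//, '');
                // The slug is taken from the issue body, which any user can
                // write; only plain slug-shaped values become labels.
                if (/^[a-z0-9][a-z0-9/_-]*$/i.test(roadmapSlug)) {
                  await github.rest.issues.addLabels({
                    owner: context.repo.owner,
                    repo: context.repo.repo,
                    issue_number: issue.number,
                    labels: [roadmapSlug]
                  });
                }
              }
              // Close the issue if it has no roadmap URL
              if (!roadmapUrl) {
                await github.rest.issues.update({
                  owner: context.repo.owner,
                  repo: context.repo.repo,
                  issue_number: issue.number,
                  state: 'closed'
                });
              }
            }

sync-content-to-repo .github/workflows/sync-content-to-repo.yml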
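# Runs the repository's content sync script for one roadmap and opens a
# pull request with the result.
name: Sync Content to Repo

on:
  workflow_dispatch:
    inputs:
      roadmap_slug:
        description: "The ID of the roadmap to sync"
        required: true
        default: "__default__"

# Least privilege for the automatic token: push the PR branch and open the PR.
permissions:
  contents: write
  pull-requests: write

jobs:
  sync-content:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Setup pnpm@v9
        uses: pnpm/action-setup@v4
        with:
          version: 9
          run_install: false
      - name: Setup Node.js Version 20 (LTS)
        uses: actions/setup-node@v4
        with:
          node-version: 20
          cache: 'pnpm'
      # Installation runs in its own step so that dependency install
      # scripts never see the sync secret.
      - name: Install Dependencies
        run: |
          echo "Installing Dependencies"
          pnpm install
      - name: Sync Content
        # Input and secret arrive as environment variables and are quoted,
        # so neither is parsed as shell syntax.
        # NOTE(review): the secret is still passed to the script as a
        # command-line argument; reading it from the environment inside
        # the script would keep it out of the process arguments.
        env:
          ROADMAP_SLUG: ${{ inputs.roadmap_slug }}
          GH_SYNC_SECRET: ${{ secrets.GH_SYNC_SECRET }}
        run: |
          echo "Syncing Content to Repo"
          npm run sync:content-to-repo -- --roadmap-slug="$ROADMAP_SLUG" --secret="$GH_SYNC_SECRET"
      - name: Check for changes
        id: verify-changed-files
        run: |
          if [ -n "$(git status --porcelain)" ]; then
            echo "changed=true" >> "$GITHUB_OUTPUT"
          else
            echo "changed=false" >> "$GITHUB_OUTPUT"
          fi
      - name: Create PR
        if: steps.verify-changed-files.outputs.changed == 'true'
        uses: peter-evans/create-pull-request@v7
        with:
          delete-branch: false
          branch: "chore/sync-content-to-repo-${{ inputs.roadmap_slug }}"
          base: "master"
          labels: |
            automated pr
          reviewers: jcanalesluna,kamranahmedse
          commit-message: "chore: sync content to repo"
          title: "chore: sync content to repository - ${{ inputs.roadmap_slug }}"
          body: |
            ## Sync Content to Repo
            > [!IMPORTANT]
            > This PR Syncs the Content to the Repo for the Roadmap: ${{ inputs.roadmap_slug }}
            >
            > Commit: ${{ github.sha }}
            > Workflow Path: ${{ github.workflow_ref }}
            **Please Review the Changes and Merge the PR if everything is fine.**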
sync-repo-to-database .github/workflows/sync-repo-to-database.yml
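# Collects the files of one roadmap directory and hands them to the
# repository's database sync script.
name: Sync Repo to Database

on:
  workflow_dispatch:
    inputs:
      roadmap_slug:
        description: "The slug of the roadmap to sync (e.g., frontend, backend)"
        required: true

# The job only reads the repository; the sync itself authenticates with
# GH_SYNC_SECRET.
permissions:
  contents: read

jobs:
  sync-roadmap:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Setup pnpm@v9
        uses: pnpm/action-setup@v4
        with:
          version: 9
          run_install: false
      - name: Setup Node.js Version 20 (LTS)
        uses: actions/setup-node@v4
        with:
          node-version: 20
          cache: 'pnpm'
      - name: Get all roadmap files
        id: roadmap-files
        # The slug is read from the environment, never expanded into the
        # script text.
        env:
          ROADMAP_SLUG: ${{ inputs.roadmap_slug }}
        run: |
          # An empty slug, a path separator or ".." would point find at a
          # directory other than a single roadmap folder.
          case "$ROADMAP_SLUG" in
            ''|*/*|*..*)
              echo "Error: invalid roadmap slug"
              exit 1
              ;;
          esac
          ROADMAP_DIR="src/data/roadmaps/$ROADMAP_SLUG"
          if [ ! -d "$ROADMAP_DIR" ]; then
            echo "Error: Roadmap directory '$ROADMAP_DIR' does not exist"
            exit 1
          fi
          echo "Getting all files in $ROADMAP_DIR"
          ALL_FILES=$(find "$ROADMAP_DIR" -type f | tr '\n' ',')
          echo "Files to sync:"
          echo "$ALL_FILES"
          echo "files=$ALL_FILES" >> "$GITHUB_OUTPUT"
      - name: Install Dependencies
        run: |
          echo "Installing Dependencies"
          pnpm install
      - name: Run sync script
        # File names come from the checked-out tree and may contain shell
        # metacharacters, so the step output is passed as data as well.
        # NOTE(review): the secret is still a command-line argument of the
        # script; reading it from the environment inside the script would
        # keep it out of the process arguments.
        env:
          ROADMAP_SLUG: ${{ inputs.roadmap_slug }}
          FILES: ${{ steps.roadmap-files.outputs.files }}
          GH_SYNC_SECRET: ${{ secrets.GH_SYNC_SECRET }}
        run: |
          echo "Running sync script for roadmap: $ROADMAP_SLUG"
          echo "Files: $FILES"
          npm run sync:repo-to-database -- --files="$FILES" --secret="$GH_SYNC_SECRET"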
upgrade-dependencies .github/workflows/upgrade-dependencies.yml
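# Weekly job that upgrades dependencies and opens a pull request with the
# updated manifests and lockfile.
name: Upgrade Dependencies

on:
  workflow_dispatch:
  schedule:
    - cron: '0 0 * * 0'

# Least privilege for the automatic token: push the PR branch and open the PR.
permissions:
  contents: write
  pull-requests: write

jobs:
  upgrade-deps:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Setup Node.js Version 20 (LTS)
        uses: actions/setup-node@v4
        with:
          node-version: 20
      - name: Setup pnpm@v9
        uses: pnpm/action-setup@v4
        with:
          version: 9
      # NOTE(review): this step installs and then upgrades to the newest
      # published versions without review; the resulting PR is the review
      # point, so the lockfile diff should be read before merging.
      - name: Install & Upgrade Dependencies
        run: |
          pnpm install
          npm run upgrade
          pnpm install --lockfile-only
      - name: Create Pull Request
        uses: peter-evans/create-pull-request@v7
        with:
          delete-branch: false
          branch: "update-deps"
          base: "master"
          labels: |
            dependencies
            automated pr
          reviewers: kamranahmedse
          commit-message: "chore: update dependencies to latest"
          title: "Upgrade Dependencies To Latest - Automated"
          body: |
            ## Updated all Dependencies to Latest Versions.
            > [!IMPORTANT]
            > This PR Upgrades the Dependencies to the their latest versions.
            >
            > Commit: ${{ github.sha }}
            > Workflow Path: ${{ github.workflow_ref }}
            **Please Review the Changes and Merge the PR if everything is fine.**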