GitHub Actions

This repository provides reusable composite actions for NHS Notify projects.

Available Actions

• Build Docs - Builds Jekyll documentation site
• Check English Usage - Validates writing style using Vale
• Check File Format - Validates file formatting standards
• Check Markdown Format - Checks Markdown files with markdownlint
• Check PR Title Format - Validates PR titles against regex
• Check TODO Usage - Validates TODO comment format
• Create Lines of Code Report - Counts lines of code
• Lint Terraform - Lints and formats Terraform
• Perform Static Analysis - Runs static analysis tools
• Scan Dependencies - Scans for dependency vulnerabilities
• Scan Secrets - Scans Git history for secrets
• Setup - Installs dependencies and runs make config
• Sync Template Repo - Syncs repository template changes
• Trivy - General Trivy security scanner
• Trivy IaC - Scans Terraform IaC with Trivy
• Trivy Package - Scans packages with Trivy

Usage

Reference actions in your workflow files:

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - uses: NHSDigital/nhs-notify-shared-modules/.github/actions/setup@v1.0.0

      - uses: NHSDigital/nhs-notify-shared-modules/.github/actions/scan-secrets@v1.0.0

Replace v1.0.0 with the latest release tag.

---

Table of contents

• Build Docs
• Check English Usage
• Check File Format
• Check Markdown Format
• Check PR Title Format
• Check TODO Usage
• Create Lines of Code Report
• Lint Terraform
• Perform Static Analysis
• Scan Dependencies
• Scan Secrets
• Setup
• Sync Template Repo
• Trivy
• Trivy IaC
• Trivy Package