This repository contains reusable GitHub Actions for deploying and managing single applications to Cloudflare Workers.
deploy-app: Deploy a single app to Cloudflare Workerslighthouse: Run Lighthouse performance tests on deployed appsci-checks: Run TypeScript checks, linting, and security scansupsert-preview-comment: Create or update PR preview comments
pr-preview.yml: PR preview deployments with CI checksdeploy-dev.yml: Automatic deployment to dev on push to maindeploy-production.yml: Automatic deployment to production on releasesrollback.yml: Manual rollback workflow
Copy the workflow files from apps-v3/workflows/ to your repository's .github/workflows/ directory:
# Copy all workflows
cp apps-v3/workflows/*.yml /path/to/your-repo/.github/workflows/
# Or copy specific workflows
cp apps-v3/workflows/pr-preview.yml /path/to/your-repo/.github/workflows/
cp apps-v3/workflows/deploy-dev.yml /path/to/your-repo/.github/workflows/
cp apps-v3/workflows/deploy-production.yml /path/to/your-repo/.github/workflows/
cp apps-v3/workflows/rollback.yml /path/to/your-repo/.github/workflows/In each workflow file, update the app-name parameter to match your app:
- name: Deploy to Preview
uses: centrifuge/github-actions-lib/apps-v3/actions/deploy-app@main
with:
environment: dev
build-mode: testnet
app-name: 'your-app-name' # Update thisSet these secrets in your repository:
CLOUDFLARE_API_TOKEN: Cloudflare API token with Workers permissionsCLOUDFLARE_ACCOUNT_ID: Your Cloudflare account ID
Your app should have:
package.jsonwith abuildscriptwrangler.tomlconfigured for your environmentspnpmas package manager (pnpm-lock.yaml)
- Triggers: Pull request events
- Actions:
- Runs CI checks (TypeScript, linting, security)
- Deploys to dev environment
- Runs Lighthouse performance tests
- Creates/updates PR preview comment
- Triggers: Push to main branch
- Actions:
- Runs CI checks
- Deploys to dev environment
- Runs Lighthouse performance tests
- Triggers: GitHub releases
- Actions:
- Downloads build artifacts from the release
- Deploys to production (released) or staging (prereleased)
- Triggers: Manual workflow dispatch
- Actions:
- Downloads build artifacts from specified release
- Deploys to specified environment using
deploy-appwithrelease-tag
- Uses
wrangler deploy --env dev - Builds with
--mode testnet
- Uses
wrangler versions upload --env prod --preview-alias staging - Builds with
--mode mainnet - Creates a preview deployment
- Uses
wrangler deploy --env prod - Builds with
--mode mainnet - Deploys to production domain
You can also use these actions directly in your own workflows:
- name: Deploy to Dev
uses: centrifuge/github-actions-lib/apps-v3/actions/deploy-app@main
with:
environment: dev
build-mode: testnet
- name: Lighthouse Performance Test
uses: centrifuge/github-actions-lib/apps-v3/actions/lighthouse@main
with:
url: ${{ steps.deploy.outputs.deployment-url }}
app-name: 'my-app'- Centralized: All deployment logic in one place
- Consistent: Same deployment process across all apps
- Maintainable: Changes to deployment logic only need to be made once
- Minimal: Consuming repositories only need thin workflow files
- Automatic: Full CI/CD pipeline with PR previews and production releases
- Missing wrangler.toml: Action will skip deployment and show a warning
- Build failures: Check your package.json build script
- Deployment failures: Verify Cloudflare secrets and permissions
- Smoke test failures: Check if your app is responding on the deployed URL
Add ACTIONS_STEP_DEBUG: true to your repository secrets to enable debug logging.