Add GitHub Actions CI/CD, staging, and production workflows #4

Open
kiro-agent[bot] wants to merge 3 commits into main from feat/github-actions-cicd

kiro-agent (bot) commented Mar 21, 2026

This pull request was generated by @kiro-agent 👻

Comment with /kiro fix to address specific feedback or /kiro all to address everything.
Learn about Kiro autonomous agent


Summary

Creates three GitHub Actions workflow files in .github/workflows/:

1. ci.yml - CI Pipeline

  • Triggers on pushes to main and pull requests
  • Runs: flutter pub get, flutter analyze, flutter test, compliance check, flutter build web
  • Includes concurrency control to cancel redundant runs

2. promotion.yml - Staging Deployment

  • Triggers on push to main and manual workflow_dispatch
  • Two-job pipeline: build-and-test, then deploy to staging
  • Uses GitHub staging environment
  • Deploys via CDK (KiroMobile-Staging stack)
  • Writes CDK exports to job summary as a formatted markdown table with emoji indicators for URLs, API keys, buckets, distributions, and ARNs
  • Includes collapsible raw JSON output and artifact upload

3. production.yml - Production Deployment

  • Manual workflow_dispatch only, requires explicit "yes" confirmation and a git ref
  • Three-job pipeline: validate inputs, build-and-test, then deploy
  • Uses GitHub production environment (designed for required reviewers/approval gates)
  • Deploys via CDK (KiroMobile-Production stack)
  • Writes CDK exports to job summary with deployment metadata (ref, actor, timestamp) plus the same formatted exports table
  • Input sanitization via env variables to prevent expression injection

CDK Exports Summary Format

Both deployment workflows parse cdk-outputs.json and render:

  • A markdown table with emoji-classified exports (🔗 URLs, 🔑 API keys, 📦 S3 buckets, 🌐 CloudFront, 🏷️ ARNs)
  • A collapsible <details> block with the raw JSON
  • Graceful handling when no CDK outputs file exists

Notes

  • AWS credentials are configured via OIDC (aws-actions/configure-aws-credentials@v4) - the IAM role ARN and region must be set in GitHub environment secrets
  • CDK deploy steps are placeholders until the CDK app/stack definitions are added to the repo
  • All workflows validated with yamllint (0 errors, 0 warnings)
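
The env-variable pattern named under production.yml above, as an added example that is not part of this pull request or its workflow files: a workflow_dispatch input expanded directly into a run script, next to the same check with the input passed through env. The job names, step names and the input names confirm and ref are assumptions.

```yaml
# Added illustration; job names, step names and the input names
# (confirm, ref) are assumptions, not the PR's production.yml.
name: Production Deployment (sketch)

on:
  workflow_dispatch:
    inputs:
      confirm:
        description: 'Type "yes" to deploy to production'
        required: true
      ref:
        description: Git ref (branch, tag or SHA) to deploy
        required: true

permissions:
  contents: read

jobs:
  validate-unsafe:
    # WEAK: ${{ }} is expanded into the script text before the shell starts,
    # so shell metacharacters in the input become part of the script.
    if: false  # kept only for comparison, never runs
    runs-on: ubuntu-latest
    steps:
      - run: |
          if [ "${{ inputs.confirm }}" != "yes" ]; then exit 1; fi
          echo "Deploying ${{ inputs.ref }}"

  validate:
    # HARDENED: inputs reach the shell as environment variables, i.e. as data.
    runs-on: ubuntu-latest
    steps:
      - name: Validate inputs
        env:
          CONFIRM: ${{ inputs.confirm }}
          DEPLOY_REF: ${{ inputs.ref }}
        run: |
          if [ "$CONFIRM" != "yes" ]; then
            echo "::error::confirmation must be exactly 'yes'"
            exit 1
          fi
          # Allow-list the ref so it is safe to pass on to later git commands.
          case "$DEPLOY_REF" in
            ""|-*|*[!A-Za-z0-9._/-]*)
              echo "::error::ref contains unexpected characters"
              exit 1 ;;
          esac
          echo "Deploying ref: $DEPLOY_REF"
```

The same rule applies to any later step that uses the ref, including the `ref:` passed to a checkout step and any value written to GITHUB_STEP_SUMMARY.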

kiro-agent and others added 3 commits March 21, 2026 18:23
Create three workflow files:
- ci.yml: CI pipeline on PRs and pushes to main (analyze, test, compliance)
- promotion.yml: Staging deployment with CDK deploy and outputs summary
- production.yml: Production deployment with manual dispatch, confirmation
  gate, environment protection, and CDK outputs summary

All workflows use subosito/flutter-action@v2, pin actions to major versions,
include compliance checks, and CDK output steps parse cdk-outputs.json into
formatted markdown tables in GITHUB_STEP_SUMMARY with emoji indicators.

Co-authored-by: Johannes Koch <github@lockhead.net>
Co-authored-by: Johannes Koch <github@lockhead.net>
Co-authored-by: Johannes Koch <github@lockhead.net>