All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
1.3.0 - 2026-02-02
- deploy action: Wait for ready feature
- Wait for deployment to be reachable before continuing
- New inputs:
wait-for-ready,health-endpoint,wait-timeout,wait-interval - Polls deployment URL until HTTP 2xx/3xx or timeout
- PR comment only appears after deployment is healthy (when combined with
comment-on-pr)
- deploy action: QR code in PR comment
- New input:
qr-code(default:false) - QR code for easy mobile testing of preview deployments
- Generated locally using
qrencode(no external API calls, privacy-friendly)
- New input:
.editorconfigfor consistent editor formatting.github/dependabot.ymlfor automated GitHub Actions updates.gitignorefor local settings and Claude plans.claude/configuration for AI assistant (coding rules, skills, workflow)
.pre-commit-config.yaml: require minimum version 4.5.0CONTRIBUTING.md: simplify setup withuvinstead ofpiprelease.yml: verify CHANGELOG entry exists, rollback tag on failure- deploy and cleanup actions:
github-tokennow defaults togithub.token- No longer necessary to explicitly pass
github-token: ${{ secrets.GITHUB_TOKEN }} - Only needed when using a custom PAT for cross-repository operations
- No longer necessary to explicitly pass
- Bump
actions/checkoutfrom v4 to v6
- Added justfile for common development tasks
- Added pre-commit.ci configuration (weekly autoupdates, skip duplicates with CI)
1.2.0 - 2026-01-22
- cleanup action: PR comment update feature
- Update the deploy PR comment to show cleanup status when PR is closed
- New inputs:
update-pr-comment,comment-header - New output:
pr-comment-updated
1.1.0 - 2026-01-22
-
deploy action: PR commenting feature
- Automatically post/update a comment on PRs with the deployment URL
- New inputs:
comment-on-pr,github-token,comment-header - Upsert behavior: updates existing comment instead of creating duplicates
-
cleanup action: PR comment delete feature
- Delete the deploy PR comment when PR is closed (default: enabled)
- New inputs:
delete-pr-comment,comment-header - New output:
pr-comment-deleted
-
CI/CD pipeline with ShellCheck, actionlint, and yamllint
-
Branch protection and governance files (CODEOWNERS, issue templates, PR template)
-
CONTRIBUTING.md with development guidelines
-
SECURITY.md with security policy
-
Pre-commit hooks configuration
- deploy and cleanup actions:
github-tokennow defaults togithub.token- No longer necessary to explicitly pass
github-token: ${{ secrets.GITHUB_TOKEN }} - Only needed when using a custom PAT for cross-repository operations
- No longer necessary to explicitly pass
- BREAKING
cleanupaction:update-pr-commentinput (usedelete-pr-commentinstead) - BREAKING
cleanupaction:pr-comment-updatedoutput (usepr-comment-deletedinstead)
- Added justfile for common development tasks
- Added pre-commit.ci configuration (weekly autoupdates, skip duplicates with CI)
- ShellCheck warnings: properly quoted GITHUB_OUTPUT
- Actionlint configuration to only lint workflow files
1.0.0 - 2026-01-22
- Initial release of ZAD Actions
- deploy action: Deploy container images to ZAD Operations Manager
- Support for cloning configuration from existing deployments
force-cloneparameter to re-clone even if deployment exists- Input validation for security (alphanumeric, hyphens, underscores, dots only)
- 60-second curl timeout to prevent hanging
- cleanup action: Remove ZAD deployments and GitHub resources
- Delete ZAD deployments via Operations Manager API
- Delete GitHub deployments (mark inactive, then delete)
- Delete GitHub environments (requires admin token)
- Delete container images from GHCR
- Best-effort cleanup (continues even if individual steps fail)
- Comprehensive documentation with examples
- EUPL-1.2 license
- Input validation before logging to prevent injection attacks
- Secure handling of API keys via environment variables
- Dangerous character detection for container inputs