adobe · solaris007 · Mar 19, 2026 · Mar 19, 2026
diff --git a/.github/actions/configure-aws/action.yaml b/.github/actions/configure-aws/action.yaml
diff --git a/.github/actions/lint-test-coverage/action.yaml b/.github/actions/lint-test-coverage/action.yaml
diff --git a/.github/actions/protect-nyc-config/action.yaml b/.github/actions/protect-nyc-config/action.yaml
diff --git a/.github/actions/setup-node-npm/action.yaml b/.github/actions/setup-node-npm/action.yaml
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -1,200 +1,19 @@
-name: Build
+name: CI
 
 permissions:
   id-token: write
   contents: write
   issues: read
+  pull-requests: read
 
 on:
   push:
   pull_request:
     types: [opened, synchronize, ready_for_review, reopened]
 
-env:
-  CI_BUILD_NUM: ${{ github.run_id }}
-  CI_BRANCH: ${{ github.ref_name }}
-  HLX_AWS_REGION: ${{ secrets.AWS_REGION }}
 jobs:
-  protect-nyc-config:
-    if: github.event_name == 'pull_request'
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      pull-requests: read
-    steps:
-      - name: Check out
-        uses: actions/checkout@v6
-        with:
-          persist-credentials: 'false'
-
-      - name: Protect NYC config
-        uses: ./.github/actions/protect-nyc-config
-
-  build:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Check out
-        uses: actions/checkout@v6
-        with:
-          persist-credentials: 'false'
-      - name: Setup Node & NPM
-        uses: ./.github/actions/setup-node-npm
-        env:
-          MYSTICAT_DATA_SERVICE_REPO_READ_TOKEN: ${{ secrets.MYSTICAT_DATA_SERVICE_REPO_READ_TOKEN }}
-
-      - name: Lint, Test, Coverage Upload
-        uses: ./.github/actions/lint-test-coverage
-        with:
-          upload_coverage: "true"
-          codecov_token: ${{ secrets.CODECOV_TOKEN }}
-
-      - name: Semantic Release (Dry Run)
-        if: github.event_name == 'push' && github.ref != 'refs/heads/main'
-        run: npm run semantic-release-dry
-        env:
-          GITHUB_TOKEN: ${{ secrets.ADOBE_BOT_GITHUB_TOKEN }}
-          NPM_TOKEN: ${{ secrets.ADOBE_BOT_NPM_TOKEN }}
-
-      - name: Print npm debug log if build fails
-        if: failure()
-        run: |
-          if [ -f /home/runner/.npm/_logs/*.log ]; then
-            echo "==== NPM DEBUG LOG ===="
-            find /home/runner/.npm/_logs -name '*.log' -exec cat {} \;
-            echo "==== END NPM DEBUG LOG ===="
-          else
-            echo "No npm debug log found."
-          fi
-
-      - name: Clean npm cache
-        run: npm cache clean --force
-
-      - name: Create empty cache directory
-        run: mkdir -p /tmp/empty-cache
-
-      - name: Install dependencies
-        run: npm ci --cache /tmp/empty-cache
-
-  semantic-release:
-    runs-on: ubuntu-latest
-    needs: build
-    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
-    steps:
-      - name: Check out
-        uses: actions/checkout@v6
-        with:
-          persist-credentials: 'false'
-
-      - name: Configure Environment
-        run: echo -e "LOG_LEVEL=info\n" > .env
-
-      - name: Setup Node & NPM
-        uses: ./.github/actions/setup-node-npm
-        env:
-          MYSTICAT_DATA_SERVICE_REPO_READ_TOKEN: ${{ secrets.MYSTICAT_DATA_SERVICE_REPO_READ_TOKEN }}
-
-      - name: Configure AWS
-        uses: ./.github/actions/configure-aws
-        with:
-          aws_role_to_assume: 'arn:aws:iam::${{secrets.AWS_ACCOUNT_ID_PROD}}:role/spacecat-role-github-actions'
-
-      - name: Semantic Release
-        run: npm run semantic-release
-        env:
-          GITHUB_TOKEN: ${{ secrets.ADOBE_BOT_GITHUB_TOKEN }}
-          NPM_TOKEN: ${{ secrets.ADOBE_BOT_NPM_TOKEN }}
-          AWS_REGION: us-east-1
-          AWS_ACCOUNT_ID: ${{secrets.AWS_ACCOUNT_ID_PROD}}
-
-  deploy-stage:
-    runs-on: ubuntu-latest
-    needs: build
-    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
-    steps:
-      - name: Check out
-        uses: actions/checkout@v6
-        with:
-          persist-credentials: 'false'
-
-      - name: Setup Node & NPM
-        uses: ./.github/actions/setup-node-npm
-        env:
-          MYSTICAT_DATA_SERVICE_REPO_READ_TOKEN: ${{ secrets.MYSTICAT_DATA_SERVICE_REPO_READ_TOKEN }}
-
-      - name: Configure AWS for STAGE
-        uses: ./.github/actions/configure-aws
-        with:
-          aws_role_to_assume: 'arn:aws:iam::${{secrets.AWS_ACCOUNT_ID_STAGE}}:role/spacecat-role-github-actions'
-
-      - name: Branch Deployment
-        run: npm run deploy-stage
-        env:
-          AWS_REGION: us-east-1
-          AWS_ACCOUNT_ID: ${{secrets.AWS_ACCOUNT_ID_STAGE}}
-
-  upload-build-artifacts:
-    runs-on: ubuntu-latest
-    needs: build
-    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
-    steps:
-      - name: Check out
-        uses: actions/checkout@v6
-        with:
-          persist-credentials: 'false'
-
-      - name: Setup Node & NPM
-        uses: ./.github/actions/setup-node-npm
-        env:
-          MYSTICAT_DATA_SERVICE_REPO_READ_TOKEN: ${{ secrets.MYSTICAT_DATA_SERVICE_REPO_READ_TOKEN }}
-
-      - name: Configure AWS for DEV
-        uses: ./.github/actions/configure-aws
-        with:
-          aws_role_to_assume: 'arn:aws:iam::${{secrets.AWS_ACCOUNT_ID_DEV}}:role/spacecat-role-github-actions'
-
-      - name: Create Build Artifacts
-        run: npm run build
-        env:
-          AWS_REGION: us-east-1
-          AWS_ACCOUNT_ID: ${{secrets.AWS_ACCOUNT_ID_DEV}}
-
-      - name: Copy Build Artifact
-        run: cp dist/spacecat-services/task-processor@*.zip spacecat-services--task-processor-latest.zip
-        env:
-          AWS_REGION: us-east-1
-          AWS_ACCOUNT_ID: ${{secrets.AWS_ACCOUNT_ID_DEV}}
-
-      - name: Upload Build Artifact
-        run: aws s3 cp spacecat-services--task-processor-latest.zip s3://spacecat-artifacts-dev/spacecat-services--task-processor-latest.zip
-        env:
-          AWS_REGION: us-east-1
-          AWS_ACCOUNT_ID: ${{secrets.AWS_ACCOUNT_ID_DEV}}
-
-  branch-deploy:
-    runs-on: ubuntu-latest
-    needs: build
-    if: github.event_name == 'push' && github.ref != 'refs/heads/main'
-    steps:
-      - name: Check out
-        uses: actions/checkout@v6
-        with:
-          persist-credentials: 'false'
-
-      - name: Setup Node & NPM
-        uses: ./.github/actions/setup-node-npm
-        env:
-          MYSTICAT_DATA_SERVICE_REPO_READ_TOKEN: ${{ secrets.MYSTICAT_DATA_SERVICE_REPO_READ_TOKEN }}
-
-      - name: Configure AWS
-        uses: ./.github/actions/configure-aws
-        with:
-          aws_role_to_assume: 'arn:aws:iam::${{secrets.AWS_ACCOUNT_ID_DEV}}:role/spacecat-role-github-actions'
-
-      - name: Branch Deployment
-        run: npm run deploy-dev
-        env:
-          AWS_REGION: us-east-1
-          AWS_ACCOUNT_ID: ${{secrets.AWS_ACCOUNT_ID_DEV}}
-
-      - name: Post-Deployment Integration Test
-        run: npm run test-postdeploy
+  ci:
+    uses: adobe/mysticat-ci/.github/workflows/service-ci.yaml@v1
+    with:
+      service-name: task-processor
+    secrets: inherit