Verified, reusable, observable pipelines

Pipery - Vendor-neutral CI/CD pipelines

Define your pipelines once. Run them across platforms.#

Pipery is a vendor-neutral CI/CD standardization layer for reusable delivery workflows. Start with GitHub Actions, run the same delivery logic on GitLab CI or Bitbucket Pipelines, and keep your pipelines portable as your platform changes.

Browse Pipelines Get Started

Watch Pipery in action

See how Pipery turns reusable GitHub Actions, GitLab CI, and Bitbucket Pipelines workflows, structured psh logs, and replayable pipery.jsonl output into a clearer CI/CD workflow.

The Problem

CI/CD pipelines should not be this hard.

Every team ends up rebuilding the same pipelines: copy-pasted YAML, slow and flaky builds, security risks from untrusted workflows, vendor-specific delivery logic, and almost no visibility into what is actually going wrong.

You do not need another CI tool. You need portable delivery logic.

Copy-pasted YAML across repositories
Pipeline logic tied to one CI vendor
Slow, flaky builds
Security risks from untrusted workflows
No visibility into performance or failures

Meet Pipery

Pipery lets teams define CI/CD once and run it across platforms like GitHub Actions, GitLab CI, and Bitbucket Pipelines.

It provides production-grade, reusable CI/CD pipelines that are standardized, versioned, secure, observable, and designed to reduce CI/CD vendor lock-in.

What you get

Standardized

Consistent pipelines across repos, teams, and CI platforms.

Versioned

Stable releases with predictable upgrades.

Secure

Reviewed and maintained to reduce workflow risk.

Portable

Move delivery logic across vendors without starting from blank YAML.

What teams see

verified

60%

less YAML per repo

Measured across migrated repos.

verified

3.4×

faster average build

Better defaults, cached layers.

verified

100%

reviewed pipelines

Every release is code-reviewed.

verified

v1.1.0

latest action release

Semver, with predictable upgrades.

Latest release: v1.1.0

The current Pipery action release is v1.1.0 across the supported CI and CD action catalog. This release focuses on portability, release safety, and GitOps handoff: Go and C/C++ actions support cross-platform compilation, action scenario tests run before release, and the ArgoCD CD action can validate Helm charts before publishing deployment updates.

Pinned action versions

Use exact v1.1.0 tags in GitHub Actions, GitLab CI includes, and Bitbucket shared pipeline imports when you want fully reproducible adoption.

Cross-platform builds

Go and C/C++ CI can build release artifacts for Linux amd64, Linux arm64, Windows amd64, and Darwin amd64 targets.

Release-tested actions

Each action repository keeps runnable test projects and scenario coverage so workflow changes are tested before a new release is published.

GitOps deployment updates

pipery-argocd-cd@v1.1.0 can validate Helm dependencies, lint charts, render templates, and publish values-driven ArgoCD updates.

Read v1.1.0 Notes Browse v1.1.0 Catalog

Vendor-neutral by design

Your delivery logic should not be trapped inside one CI vendor.

Pipery is moving CI/CD from provider-specific workflow files toward reusable delivery standards. Use the same Pipery pipeline family from GitHub Actions, GitLab CI, or Bitbucket Pipelines today, and keep a path open for future platforms like CircleCI, Jenkins, and Azure DevOps.

Define once

Standardize the build, scan, package, release, and deploy flow as Pipery pipeline logic instead of rewriting it per repository.

Run across platforms

Generate GitHub Actions workflows, GitLab CI YAML, or Bitbucket Pipelines YAML from the same catalog of CI and CD building blocks.

Switch with less rewrite

When teams move between GitHub, GitLab, or future providers, the delivery model stays familiar.

Keep observability

psh and pipery.jsonl give every supported backend the same structured debugging trail.

Release and deploy bots for GitHub

Pipery also includes GitHub App services for the parts of delivery that should be deliberate: creating release branches, tagging releases, and scheduling one-time deploys with a clear audit trail.

pipery-release-bot

Create configured release/* branches through a GitHub App, optionally tag them, and publish GitHub Releases from markdown release notes stored in the repository.

pipery-deploy-bot

Schedule a one-time deploy from a workflow, trigger the selected GitHub Actions job at the requested time, and track attempts in Postgres with a dashboard.

Dex and ArgoCD handoff

Bots validate Dex-issued tokens, ship Helm charts, and publish ArgoCD Application updates into the private pipery-argocd repository on every release.

Release Bot Docs Deploy Bot Docs

How it works

From YAML chaos to clean pipelines.

Replace hundreds of lines of brittle vendor-specific workflow logic with a single, trusted pipeline. Pick a platform to see the before and after.

GitHub Actions GitLab CI Bitbucket Cloud View on GitHub View on GitLab View on Bitbucket

Before · 62 lines

Before · GitHub Actionsname: Node CI/CD

on:
  push:
    branches: [main]
  pull_request:

permissions:
  contents: read
  id-token: write

env:
  REGISTRY: europe-west1-docker.pkg.dev
  IMAGE_NAME: pipery/api

jobs:
  ci:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-node@v4
        with:
          node-version: 20
          cache: npm

      - run: npm ci
      - run: npm run lint
      - run: npm test -- --ci
      - run: npm run build

      - uses: google-github-actions/auth@v2
        with:
          workload_identity_provider: ${{ secrets.GCP_WIF_PROVIDER }}
          service_account: ${{ secrets.GCP_CI_SA }}

      - uses: docker/setup-buildx-action@v3

      - run: gcloud auth configure-docker europe-west1-docker.pkg.dev

      - run: |
          docker build -t $REGISTRY/$IMAGE_NAME:${GITHUB_SHA} .
          docker push $REGISTRY/$IMAGE_NAME:${GITHUB_SHA}

  deploy:
    needs: ci
    runs-on: ubuntu-latest
    if: github.ref == 'refs/heads/main'
    steps:
      - uses: actions/checkout@v4

      - uses: google-github-actions/auth@v2
        with:
          workload_identity_provider: ${{ secrets.GCP_WIF_PROVIDER }}
          service_account: ${{ secrets.GCP_DEPLOY_SA }}

      - uses: google-github-actions/get-gke-credentials@v2
        with:
          cluster_name: prod-cluster
          location: europe-west1
          project_id: acme-platform-prod

      - run: |
          kubectl set image deployment/api \
            api=$REGISTRY/$IMAGE_NAME:${GITHUB_SHA} \
            --namespace production
          kubectl rollout status deployment/api --namespace production

After · 21 lines

Aftername: Node CI/CD

on:
  push:
    branches: [main]
  pull_request:

permissions:
  contents: write
  id-token: write
  packages: write

jobs:
  ci:
    uses: pipery-dev/npm-ci@v1.1.0
    with:
      node_version: 20
      package_manager: npm
      run_lint: true
      run_tests: true
      build_command: npm run build
      publish: true
    secrets: inherit

  deploy:
    needs: ci
    if: github.ref == 'refs/heads/main'
    uses: pipery-dev/cloudrun-cd@v1.1.0
    with:
      image_name: api
      region: europe-west1
      project_id: acme-platform-prod
    secrets: inherit

Before · vendor YAML

Before · GitLab CIstages:
  - test
  - build
  - deploy

variables:
  IMAGE_NAME: pipery/api
  REGISTRY: registry.gitlab.com/acme/platform

npm_test:
  stage: test
  image: node:20
  script:
    - npm ci
    - npm run lint
    - npm test -- --ci
    - npm run build

docker_build:
  stage: build
  image: docker:27
  services:
    - docker:27-dind
  script:
    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY"
    - docker build -t "$REGISTRY/$IMAGE_NAME:$CI_COMMIT_SHA" .
    - docker push "$REGISTRY/$IMAGE_NAME:$CI_COMMIT_SHA"

deploy:
  stage: deploy
  image: google/cloud-sdk:slim
  rules:
    - if: '$CI_COMMIT_BRANCH == "main"'
  script:
    - gcloud auth activate-service-account --key-file "$GCP_SERVICE_ACCOUNT_KEY"
    - kubectl set image deployment/api api="$REGISTRY/$IMAGE_NAME:$CI_COMMIT_SHA" --namespace production
    - kubectl rollout status deployment/api --namespace production

After · Pipery templates

After · GitLab CIinclude:
  - project: pipery-dev/npm-ci
    ref: v1.1.0
    file: /.gitlab-ci.yml
  - project: pipery-dev/cloudrun-cd
    ref: v1.1.0
    file: /.gitlab-ci.yml

stages:
  - ci
  - cd

variables:
  PIPERY_PROJECT_PATH: .
  PIPERY_NODE_VERSION: "20"
  PIPERY_RUN_LINT: "true"
  PIPERY_RUN_TESTS: "true"
  PIPERY_BUILD_COMMAND: npm run build
  PIPERY_IMAGE_NAME: api
  PIPERY_REGION: europe-west1
  PIPERY_PROJECT_ID: acme-platform-prod

pipery_npm_ci:
  stage: ci
  extends: .pipery_npm_ci

pipery_cloudrun_cd:
  stage: cd
  extends: .pipery_cloudrun_cd
  needs:
    - pipery_npm_ci
  rules:
    - if: '$CI_COMMIT_BRANCH == "main"'

Before · vendor YAML

Before · Bitbucket Pipelinesimage: node:20

definitions:
  services:
    docker:
      memory: 2048

pipelines:
  branches:
    main:
      - step:
          name: Test and build
          caches:
            - node
          script:
            - npm ci
            - npm run lint
            - npm test -- --ci
            - npm run build
      - step:
          name: Build image
          services:
            - docker
          script:
            - docker login -u "$REGISTRY_USER" -p "$REGISTRY_PASSWORD" "$REGISTRY"
            - docker build -t "$REGISTRY/pipery/api:$BITBUCKET_COMMIT" .
            - docker push "$REGISTRY/pipery/api:$BITBUCKET_COMMIT"
      - step:
          name: Deploy
          deployment: production
          script:
            - gcloud auth activate-service-account --key-file "$GCP_SERVICE_ACCOUNT_KEY"
            - kubectl set image deployment/api api="$REGISTRY/pipery/api:$BITBUCKET_COMMIT" --namespace production
            - kubectl rollout status deployment/api --namespace production

After · Pipery pipeline

After · Bitbucket Pipelines# Pipery shared pipeline repository in the same Bitbucket workspace:
# https://bitbucket.org/pipery-dev/npm-ci/
export: true

definitions:
  pipelines:
    pipery-npm-to-cloudrun:
      - step:
          name: Setup npm Environment
          image: node:20-alpine
          caches:
            - node
          script:
            - cd ${PROJECT_PATH:-.}
            - npm ci
      - parallel:
          - step:
              name: SAST Security Scan
              image: python:3.11-alpine
              script:
                - pip install --quiet pipery-tooling
                - pipery-tooling sast --project-path ${PROJECT_PATH:-.} --log-file ${LOG_FILE:-pipery.jsonl}
          - step:
              name: SCA Security Scan
              image: python:3.11-alpine
              script:
                - pip install --quiet pipery-tooling
                - pipery-tooling sca --project-path ${PROJECT_PATH:-.} --log-file ${LOG_FILE:-pipery.jsonl}
      - step:
          name: Build Application
          image: node:20-alpine
          script:
            - cd ${PROJECT_PATH:-.}
            - npm run build
      - step:
          name: Deploy to Cloud Run
          image: google/cloud-sdk:alpine
          script:
            - pipery-cloudrun deploy
      - step:
          name: Publish Pipery Logs
          script:
            - test -f ${LOG_FILE:-pipery.jsonl} && tail -n 20 ${LOG_FILE:-pipery.jsonl} || true

---
# Application repository:
# bitbucket-pipelines.yml
definitions:
  imports:
    pipery-npm-ci: pipery-dev/npm-ci:v1.1.0
    pipery-cloudrun-cd: pipery-dev/cloudrun-cd:v1.1.0:.bitbucket/shared-pipelines.yml

pipelines:
  branches:
    main:
      import: pipery-npm-ci@pipery-npm-ci

  custom:
    deploy-cloudrun:
      import: pipery-cloudrun-cd@pipery-cloudrun-cd

Observe and replay every step

Pipery workflows run task scripts through psh, the Pipery Shell. Instead of asking every pipeline author to hand-write logging, psh observes each command as it runs and writes structured events to pipery.jsonl.

Timing and runtime context

Each logged command carries timing, working directory, runner context, environment details, arguments, exit status, and captured output.

Structured pipeline history

pipery.jsonl is line-delimited JSON, so it can be uploaded as a workflow artifact, searched in the dashboard, or inspected locally with ordinary CLI tools.

Replay for debugging

Because the log records what ran and how it ran, Pipery can replay the captured execution path so a developer can reproduce a failing step with the same command shape.

Replayable execution log

pipery.jsonl{"timestamp":"2026-04-29T10:21:18.492351Z","started_at":"2026-04-29T10:21:15.083104Z","finished_at":"2026-04-29T10:21:18.492351Z","duration":"3.409247s","duration_ms":3409,"system_cpu_cores":4,"system_memory_bytes":17179869184,"process_user_cpu_ms":812,"process_system_cpu_ms":143,"process_max_rss_bytes":73400320,"mode":"shell","builtin":false,"command":"/bin/bash","args":["-lc","docker build -t ghcr.io/acme/api:sha-abc123 ."],"raw_command":"docker build -t ghcr.io/acme/api:sha-abc123 .","before_cwd":"/github/workspace","cwd":"/github/workspace","before_env":["GITHUB_ACTIONS=true","RUNNER_OS=Linux"],"env":["GITHUB_ACTIONS=true","RUNNER_OS=Linux"],"stdin":"","stdout":"Successfully built image\\n","stderr":"","exit_code":0,"pid":12842}
{"timestamp":"2026-04-29T10:22:07.819604Z","started_at":"2026-04-29T10:22:04.112008Z","finished_at":"2026-04-29T10:22:07.819604Z","duration":"3.707596s","duration_ms":3707,"system_cpu_cores":4,"system_memory_bytes":17179869184,"process_user_cpu_ms":1204,"process_system_cpu_ms":196,"process_max_rss_bytes":104857600,"mode":"shell","builtin":false,"command":"/bin/bash","args":["-lc","npm test -- --ci"],"raw_command":"npm test -- --ci","before_cwd":"/github/workspace","cwd":"/github/workspace","before_env":["GITHUB_ACTIONS=true","RUNNER_OS=Linux"],"env":["GITHUB_ACTIONS=true","RUNNER_OS=Linux"],"stdin":"","stdout":"","stderr":"1 failing test\\n","exit_code":1,"pid":12911}

Pipery Dashboard

Pipery Dashboard turns raw pipeline logs into a searchable debugging workspace. Open a workflow run, inspect the pipery.jsonl timeline, and move from “the build failed” to the exact command, output, timing, and context that explain why.

Open Dashboard View Source

Find the run that matters

Browse recent workflow runs and open their Pipery logs without digging through downloaded artifacts by hand.

Search command history

Filter entries by command, output, status, timing, or environment context so the noisy parts of CI stay out of the way.

Keep useful logs close

Reopen recent logs for offline review, compare what changed between runs, and share a clearer failure story with the team.

Logs you open stay available for quick follow-up, even when you need to revisit a failure after the build page has gone cold.

Teams can inspect the same private workflow runs they already have access to, without copying logs into a separate system.

Use the dashboard for visual inspection, or the CLI when you want the same log-browsing flow from a terminal.

Features

Everything your pipelines were missing.

Reusable building blocks

Use the same proven pipelines across repositories and CI providers.

Secure by default

Reduce exposure to risky third-party actions and fragile workflow logic.

Versioned and stable

Pin versions, manage upgrades cleanly, and avoid breaking changes.

Built-in observability

Track runtime, failures, and trends across your pipelines.

Optimized performance

Ship with faster builds, better defaults, and less CI waste.

Multi-platform support

GitHub Actions, GitLab CI, and Bitbucket Pipelines are supported now, with more CI ecosystems on the roadmap.

Pipeline catalog

Start with the essentials.

CI Actions

Docker CI: lint (hadolint) → SAST → SCA → build → test → version → push to registry. pipery-dev/docker-ci@v1.1.0

Go CI: SAST → SCA → lint (golangci-lint) → build → test → version → cross-compile → GitHub release. pipery-dev/golang-ci@v1.1.0

npm/Node.js CI: SAST → SCA → lint (ESLint) → build → test → version → npm publish. pipery-dev/npm-ci@v1.1.0

Python CI: SAST → SCA → lint (ruff) → build → test → version → PyPI publish. pipery-dev/python-ci@v1.1.0

Java CI: SAST → SCA → lint (Checkstyle) → build → test → version → package → GitHub release. Supports Maven, Gradle, Ant, and Groovy. pipery-dev/java-ci@v1.1.0

Kotlin CI: SAST → SCA → lint → Gradle/Maven build → test → package. Supports JVM, Android, and Multiplatform projects. pipery-dev/pipery-kotlin-ci@main

Android CI: SAST → SCA → lint → assemble → test → package APK/AAB artifacts. pipery-dev/pipery-android-ci@main

Swift CI: SwiftLint → SwiftPM build → test → package → release-ready artifacts. pipery-dev/pipery-swift-ci@main

iOS CI: SwiftLint → xcodebuild build → test → archive → export IPA artifacts. pipery-dev/pipery-ios-ci@main

C/C++ CI: SAST → SCA → lint (clang-tidy/cppcheck) → build (CMake/Make/Meson) → test → version → package → GitHub release. pipery-dev/cpp-ci@v1.1.0

Rust CI: SAST → SCA → lint (clippy) → build → test → version → cargo package → GitHub release. pipery-dev/rust-ci@v1.1.0

Terraform CI: SAST (tfsec) → SCA → lint (tflint) → validate → plan → version → release. pipery-dev/terraform-ci@v1.1.0

CD Actions

ArgoCD CD: update image tag & values → ArgoCD sync → wait for Argo Rollout. GitOps-native deployment. pipery-dev/argocd-cd@v1.1.0

Helm CD: update chart values → helm upgrade → wait for rollout. Deploy any workload via Helm. pipery-dev/helm-cd@v1.1.0

Cloud Run CD: push image → gcloud run deploy → manage traffic migration and health checks. Deploy to Google Cloud Run. pipery-dev/cloudrun-cd@v1.1.0

Google Play CD: upload Android APK/AAB artifacts with Fastlane supply or Gradle Play Publisher. pipery-dev/pipery-googleplay-cd@main

App Store CD: upload iOS IPA artifacts to App Store Connect with Fastlane pilot or xcrun altool. pipery-dev/pipery-appstore-cd@main

Ansible CD: clone playbook repo, install pip requirements, run playbook → status check. Deploy to VMs or bare metal. pipery-dev/ansible-cd@v1.1.0

Docker CD: docker-compose up or docker swarm deploy → health check. Deploy containerized workloads directly. pipery-dev/docker-cd@v1.1.0

Terraform CD: terraform plan → terraform apply → state management and drift detection. Infrastructure as code deployment. pipery-dev/terraform-cd@v1.1.0

Start with a guide

If you want a faster path than reading every README, start with one of these action-specific guides. Each one shows the workflow shape, the inputs that matter first, and where Pipery observability helps when a run fails.

Use GitLab mirror repositories, remote includes, protected variables, and pipery.jsonl artifacts.

Adopt Bitbucket Pipelines with shared imports, repository variables, artifacts, and dashboard links.

Review the mirror, template, skip flag, artifact, and dashboard changes across Pipery pipelines.

See the latest action versions, cross-platform build work, ArgoCD chart publishing, and release-test coverage.

Configure one Dex issuer for bots while dashboard and workflow-gen keep provider OAuth tokens for API work.

Use pipery-deploy-bot when a deployment has a fixed release window but should not be a recurring cron.

Set up a reusable Node.js pipeline for scanning, linting, testing, packaging, and npm release.

Adopt a Python pipeline covering Bandit, Ruff, pytest, packaging, and PyPI release.

Standardize container build, scan, smoke test, tag, and registry push workflows.

Add validation and plan checks to infrastructure repos without rebuilding the workflow by hand.

Ship a built image to Cloud Run with reusable deploy, traffic migration, and status checks.

Built for real-world teams

Built for teams tired of rewriting pipelines every time repositories, standards, or vendors change.

Pipery is designed for startups and platform teams that want faster, safer, and more maintainable CI/CD without rebuilding the same workflows over and over again. It gives platform engineering teams a practical delivery portability layer today, without requiring a heavy custom DSL before the value is obvious.

Get started

Stop maintaining vendor-specific pipelines.

Start shipping faster with Pipery.

Get started for free Contact us

Recent Posts

June 12, 2026 Pipery

Reading pipery.jsonl logs with psh

How the #!/usr/bin/env psh shebang turns every command in a pipery step script into a structured pipery.jsonl entry, and how to read that log with jq.

May 23, 2026 Pipery

Pipery actions v1.1.0: exact pins, tested scenarios, and GitOps handoff

What changed in Pipery actions v1.1.0, including exact version pins, cross-platform builds, action scenario tests, and ArgoCD chart publishing.

May 23, 2026 Pipery

Scheduling one-time deploys with pipery-deploy-bot

How pipery-deploy-bot schedules a single deployment at a fixed time without turning it into a recurring cron job.

May 23, 2026 Pipery

Using Dex as the Pipery auth issuer

How Pipery uses Dex for shared identity while dashboard and workflow generation still keep provider OAuth tokens for repository API access.

May 15, 2026 Pipery

New cross-platform features in Pipery

A practical overview of Pipery mirror repositories, GitLab CI templates, Bitbucket Pipelines support, shared skip flags, artifacts, and dashboard links.

May 15, 2026 Pipery

Running Pipery on Bitbucket Pipelines

Adopt Pipery on Bitbucket Pipelines with shared pipeline imports, repository variables, artifacts, and dashboard links.

May 15, 2026 Pipery

Running Pipery on GitLab CI

Use Pipery GitLab mirror repositories, remote includes, CI/CD variables, artifacts, and pipery.jsonl logs to run reusable pipelines in GitLab CI.

April 30, 2026 Pipery

Deploying to Cloud Run with Pipery Cloud Run CD

Ship a container to Google Cloud Run with Pipery Cloud Run CD, including image push, deploy, traffic migration, health checks, and replayable logs.

April 30, 2026 Pipery

Getting started with Pipery Docker CI

Adopt Pipery Docker CI to lint Dockerfiles, scan images, build containers, run smoke tests, tag images, and push them across CI providers.

April 30, 2026 Pipery

Getting started with Pipery npm CI

Set up Pipery npm CI in a Node.js repository to run scanning, linting, tests, packaging, and npm release with structured logs across CI providers.

Pagination