>_SkillsHub

> adobe-ci-integration

Configure CI/CD pipelines for Adobe integrations with GitHub Actions, including OAuth credential injection, PDF Services testing, Firefly API smoke tests, and secret scanning for Adobe credential patterns. Trigger with phrases like "adobe CI", "adobe GitHub Actions", "adobe automated tests", "CI adobe", "adobe pipeline".

fetch
$curl "https://skillshub.wtf/jeremylongshore/claude-code-plugins-plus-skills/adobe-ci-integration?format=md"
SKILL.mdadobe-ci-integration

Adobe CI Integration

Overview

Set up CI/CD pipelines for Adobe API integrations with proper credential management, unit/integration test separation, and secret scanning for Adobe-specific credential patterns.

Prerequisites

  • GitHub repository with Actions enabled
  • Adobe Developer Console credentials for CI (separate from production)
  • npm/pnpm project with vitest configured

Instructions

Step 1: Store Adobe Credentials as GitHub Secrets

# Set OAuth Server-to-Server credentials
gh secret set ADOBE_CLIENT_ID --body "your-ci-client-id"
gh secret set ADOBE_CLIENT_SECRET --body "your-ci-client-secret"
gh secret set ADOBE_SCOPES --body "openid,AdobeID,firefly_api"

Step 2: Create CI Workflow

# .github/workflows/adobe-integration.yml
name: Adobe Integration Tests

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

jobs:
  unit-tests:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: '20'
          cache: 'npm'
      - run: npm ci
      - run: npm test -- --coverage
        # Unit tests run with mocked Adobe APIs — no credentials needed

  secret-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Scan for Adobe credentials
        run: |
          FOUND=0
          # Adobe OAuth client secrets start with p8_
          if grep -rE "p8_[A-Za-z0-9_-]{20,}" --include="*.ts" --include="*.js" --include="*.py" --include="*.json" . 2>/dev/null; then
            echo "::error::Adobe client_secret pattern found in source"
            FOUND=1
          fi
          # Adobe IMS access tokens
          if grep -rE "eyJ[A-Za-z0-9_-]{50,}" --include="*.ts" --include="*.js" . 2>/dev/null; then
            echo "::warning::Potential Adobe access token found"
          fi
          exit $FOUND

  integration-tests:
    needs: [unit-tests, secret-scan]
    runs-on: ubuntu-latest
    # Only run on main branch (uses real API credentials)
    if: github.ref == 'refs/heads/main'
    env:
      ADOBE_CLIENT_ID: ${{ secrets.ADOBE_CLIENT_ID }}
      ADOBE_CLIENT_SECRET: ${{ secrets.ADOBE_CLIENT_SECRET }}
      ADOBE_SCOPES: ${{ secrets.ADOBE_SCOPES }}
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: '20'
          cache: 'npm'
      - run: npm ci

      - name: Verify Adobe OAuth credentials
        run: |
          HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" -X POST \
            'https://ims-na1.adobelogin.com/ims/token/v3' \
            -d "client_id=${ADOBE_CLIENT_ID}&client_secret=${ADOBE_CLIENT_SECRET}&grant_type=client_credentials&scope=${ADOBE_SCOPES}")
          if [ "$HTTP_CODE" != "200" ]; then
            echo "::error::Adobe OAuth token generation failed (HTTP $HTTP_CODE)"
            exit 1
          fi
          echo "Adobe credentials verified"

      - name: Run integration tests
        run: npm run test:integration
        timeout-minutes: 5

Step 3: Write CI-Friendly Integration Tests

// tests/integration/adobe-api.test.ts
import { describe, it, expect } from 'vitest';
import { getAccessToken } from '../../src/adobe/client';

const hasCredentials = !!(
  process.env.ADOBE_CLIENT_ID && process.env.ADOBE_CLIENT_SECRET
);

describe.skipIf(!hasCredentials)('Adobe API Integration', () => {
  it('should generate valid OAuth access token', async () => {
    const token = await getAccessToken();
    expect(token).toBeTruthy();
    expect(token.length).toBeGreaterThan(100);
  }, 10_000);

  it('should call Firefly API health endpoint', async () => {
    const token = await getAccessToken();
    const response = await fetch('https://firefly-api.adobe.io/v3/images/generate', {
      method: 'POST',
      headers: {
        'Authorization': `Bearer ${token}`,
        'x-api-key': process.env.ADOBE_CLIENT_ID!,
        'Content-Type': 'application/json',
      },
      body: JSON.stringify({
        prompt: 'solid blue square',
        n: 1,
        size: { width: 512, height: 512 },
      }),
    });

    // 200 = success, 429 = rate limited (acceptable in CI)
    expect([200, 429]).toContain(response.status);
  }, 30_000);
});

Step 4: Release Workflow with Adobe Validation

# .github/workflows/release.yml
on:
  push:
    tags: ['v*']

jobs:
  release:
    runs-on: ubuntu-latest
    env:
      ADOBE_CLIENT_ID: ${{ secrets.ADOBE_CLIENT_ID_PROD }}
      ADOBE_CLIENT_SECRET: ${{ secrets.ADOBE_CLIENT_SECRET_PROD }}
      ADOBE_SCOPES: ${{ secrets.ADOBE_SCOPES }}
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with: { node-version: '20' }
      - run: npm ci
      - run: npm test
      - name: Verify Adobe production credentials
        run: npm run test:integration
      - run: npm run build
      - run: npm publish

Output

  • Unit test pipeline (no credentials needed)
  • Secret scanning for Adobe credential patterns
  • Integration tests with real API (main branch only)
  • Release workflow with credential validation gate

Error Handling

IssueCauseSolution
invalid_client in CIWrong secret valueRe-set with gh secret set
Integration test 429Rate limitedAccept 429 as valid CI result
Secret scan false positiveTest fixture dataExclude test directories from scan
Timeout on Firefly testAPI latencyIncrease vitest timeout to 30s

Resources

Next Steps

For deployment patterns, see adobe-deploy-integration.

> related_skills --same-repo

> fathom-cost-tuning

Optimize Fathom API usage and plan selection. Trigger with phrases like "fathom cost", "fathom pricing", "fathom plan".

> fathom-core-workflow-b

Sync Fathom meeting data to CRM and build automated follow-up workflows. Use when integrating Fathom with Salesforce, HubSpot, or custom CRMs, or creating automated post-meeting email summaries. Trigger with phrases like "fathom crm sync", "fathom salesforce", "fathom follow-up", "fathom post-meeting workflow".

> fathom-core-workflow-a

Build a meeting analytics pipeline with Fathom transcripts and summaries. Use when extracting insights from meetings, building CRM sync, or creating automated meeting follow-up workflows. Trigger with phrases like "fathom analytics", "fathom meeting pipeline", "fathom transcript analysis", "fathom action items sync".

> fathom-common-errors

Diagnose and fix Fathom API errors including auth failures and missing data. Use when API calls fail, transcripts are empty, or webhooks are not firing. Trigger with phrases like "fathom error", "fathom not working", "fathom api failure", "fix fathom".

┌ stats

installs/wk0
░░░░░░░░░░
github stars1.7K
██████████
first seenMar 23, 2026
└────────────

┌ repo

jeremylongshore/claude-code-plugins-plus-skills
by jeremylongshore
└────────────