CI/CD Pipeline #310

Workflow file for this run

	name: CI/CD Pipeline

	on:
	push:
	branches: [main, develop]
	pull_request:
	branches: [main, develop]
	types: [opened, synchronize, reopened]
	# Run tests on schedule (daily at 2 AM UTC)
	schedule:
	- cron: '0 2 * * *'

	env:
	NODE_VERSION: '18'
	CACHE_VERSION: v1

	jobs:
	# Job 1: Lint code
	lint:
	name: Lint Code
	runs-on: ubuntu-latest
	permissions:
	contents: read

	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Setup Node.js
	uses: actions/setup-node@v4
	with:
	node-version: ${{ env.NODE_VERSION }}

	- name: Install dependencies
	run: npm ci

	- name: Run linter
	run: npm run lint

	# Job 2: Type checking
	typecheck:
	name: Type Check
	runs-on: ubuntu-latest
	permissions:
	contents: read

	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Setup Node.js
	uses: actions/setup-node@v4
	with:
	node-version: ${{ env.NODE_VERSION }}

	- name: Install dependencies
	run: npm ci

	- name: Run type checking
	run: npm run typecheck

	# Job 3: Unit tests
	unit-tests:
	name: Unit Tests
	runs-on: ubuntu-latest
	permissions:
	contents: read
	checks: write
	pull-requests: write

	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Setup Node.js
	uses: actions/setup-node@v4
	with:
	node-version: ${{ env.NODE_VERSION }}

	- name: Install dependencies
	run: npm ci

	- name: Run unit tests
	run: npm run test:unit

	- name: Generate coverage report
	run: npm run test:coverage

	- name: Upload coverage to Codecov
	uses: codecov/codecov-action@v3
	with:
	files: ./coverage/coverage-final.json
	flags: unittests
	name: codecov-umbrella
	fail_ci_if_error: false

	# Job 4: Build check
	build:
	name: Build Check
	runs-on: ubuntu-latest
	permissions:
	contents: read

	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Setup Node.js
	uses: actions/setup-node@v4
	with:
	node-version: ${{ env.NODE_VERSION }}

	- name: Install dependencies
	run: npm ci

	- name: Build application
	run: npm run build

	# Job 5: Security checks (optional but recommended)
	security:
	name: Security Scan
	runs-on: ubuntu-latest
	permissions:
	contents: read
	security-events: write

	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Run Trivy vulnerability scanner
	uses: aquasecurity/trivy-action@master
	with:
	scan-type: 'fs'
	scan-ref: '.'
	format: 'sarif'
	output: 'trivy-results.sarif'
	severity: 'CRITICAL,HIGH'

	- name: Upload Trivy results to GitHub Security tab
	uses: github/codeql-action/upload-sarif@v2
	if: always()
	with:
	sarif_file: 'trivy-results.sarif'

	# Job 6: Integration tests (optional, runs on success of other jobs)
	integration-tests:
	name: Integration Tests
	runs-on: ubuntu-latest
	needs: [lint, typecheck, unit-tests, build]
	permissions:
	contents: read

	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Setup Node.js
	uses: actions/setup-node@v4
	with:
	node-version: ${{ env.NODE_VERSION }}

	- name: Install dependencies
	run: npm ci

	- name: Run integration tests
	run: npm run test:integration \|\| true

	# Job 7: Status check (final job that must pass)
	ci-status:
	name: CI Status Check
	runs-on: ubuntu-latest
	needs: [lint, typecheck, unit-tests, build]
	if: always()

	steps:
	- name: Check CI status
	run: \|
	if [[ "${{ needs.lint.result }}" == "failure" \|\|
	"${{ needs.typecheck.result }}" == "failure" \|\|
	"${{ needs.unit-tests.result }}" == "failure" \|\|
	"${{ needs.build.result }}" == "failure" ]]; then
	echo "❌ CI Pipeline Failed"
	exit 1
	fi
	echo "✅ CI Pipeline Passed"

	# Job 8: Comment on PR with results
	pr-comment:
	name: Comment PR with Results
	runs-on: ubuntu-latest
	needs: [lint, typecheck, unit-tests, build]
	if: github.event_name == 'pull_request' && always()
	permissions:
	pull-requests: write

	steps:
	- name: Comment PR
	uses: actions/github-script@v7
	with:
	github-token: ${{ secrets.GITHUB_TOKEN }}
	script: \|
	const lint = '${{ needs.lint.result }}' === 'success' ? '✅' : '❌';
	const typecheck = '${{ needs.typecheck.result }}' === 'success' ? '✅' : '❌';
	const tests = '${{ needs.unit-tests.result }}' === 'success' ? '✅' : '❌';
	const build = '${{ needs.build.result }}' === 'success' ? '✅' : '❌';

	const body = `## CI/CD Pipeline Results

	\| Check \| Status \|
	\|-------\|--------\|
	\| Linting \| ${lint} \|
	\| Type Checking \| ${typecheck} \|
	\| Unit Tests \| ${tests} \|
	\| Build \| ${build} \|

	[View full workflow](${context.payload.pull_request.html_url}/checks)`;

	github.rest.issues.createComment({
	issue_number: context.issue.number,
	owner: context.repo.owner,
	repo: context.repo.repo,
	body: body
	});

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

CI/CD Pipeline #310

Workflow file

CI/CD Pipeline #310

Uh oh!

Workflow file for this run