Skip to content
CI/CD Pipeline

fixed support and me too buttons. fixed some problems with analysis p… #115

Sign in to view logs

fixed support and me too buttons. fixed some problems with analysis p…

fixed support and me too buttons. fixed some problems with analysis p… #115

Workflow file for this run

.github/workflows/ci-cd.yml at 36c2d86
name: CI/CD Pipeline
on:
push:
branches: [ main, develop ]
pull_request:
branches: [ main ]
env:
NODE_VERSION: '18'
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
# Test Job
test:
name: Run Tests
runs-on: ubuntu-latest
services:
sqlserver:
image: mcr.microsoft.com/mssql/server:2022-latest
env:
SA_PASSWORD: YourPassword123!
ACCEPT_EULA: Y
MSSQL_PID: Express
options: >-
--health-cmd "/opt/mssql-tools/bin/sqlcmd -S localhost -U sa -P YourPassword123! -Q 'SELECT 1'"
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 1433:1433
redis:
image: redis:7
options: >-
--health-cmd "redis-cli ping"
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 6379:6379
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
cache: 'npm'
cache-dependency-path: |
backend/package-lock.json
frontend/package-lock.json
# Backend Tests
- name: Install backend dependencies
run: |
cd backend
npm ci
- name: Run backend linting
run: |
cd backend
npm run lint
- name: Setup test database
run: |
cd backend
# Create test database
docker exec $(docker ps -q --filter ancestor=mcr.microsoft.com/mssql/server:2022-latest) /opt/mssql-tools/bin/sqlcmd -S localhost -U sa -P YourPassword123! -Q "CREATE DATABASE worrybox_test"
# Push schema to database
npx prisma db push --force-reset
env:
DATABASE_URL: "sqlserver://localhost:1433;database=worrybox_test;user=sa;password=YourPassword123!;encrypt=false;trustServerCertificate=true"
- name: Run backend tests
run: |
cd backend
npm run test:fast
env:
NODE_ENV: test
DATABASE_URL: "sqlserver://localhost:1433;database=worrybox_test;user=sa;password=YourPassword123!;encrypt=false;trustServerCertificate=true"
JWT_SECRET: test-jwt-secret-key-for-testing-only
JWT_REFRESH_SECRET: test-refresh-secret-key-for-testing-only
OPENAI_API_KEY: test-openai-key
LEMONSQUEEZY_API_KEY: test-lemonsqueezy-key
LEMONSQUEEZY_STORE_ID: test-store-id
LEMONSQUEEZY_WEBHOOK_SECRET: test-webhook-secret
EMAIL_HOST: smtp.test.com
EMAIL_PORT: 587
EMAIL_USER: test@example.com
EMAIL_PASS: test-password
REDIS_URL: redis://localhost:6379
# Frontend Tests
- name: Install frontend dependencies
run: |
cd frontend
npm ci
- name: Run frontend linting
run: |
cd frontend
npm run lint
- name: Run frontend tests
run: |
cd frontend
npm run test -- --run
- name: Build frontend
run: |
cd frontend
npm run build
# Security Scan
security:
name: Security Scan
runs-on: ubuntu-latest
needs: test
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
scan-type: 'fs'
scan-ref: '.'
format: 'sarif'
output: 'trivy-results.sarif'
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
if: always()
with:
sarif_file: 'trivy-results.sarif'
# Build and Push Docker Images
build:
name: Build Docker Images
runs-on: ubuntu-latest
needs: [test, security]
if: github.ref == 'refs/heads/main'
permissions:
contents: read
packages: write
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Log in to Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata for backend
id: meta-backend
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-backend
tags: |
type=ref,event=branch
type=ref,event=pr
type=sha,prefix={{branch}}-
type=raw,value=latest,enable={{is_default_branch}}
- name: Build and push backend image
uses: docker/build-push-action@v5
with:
context: .
file: ./Dockerfile.backend
push: true
tags: ${{ steps.meta-backend.outputs.tags }}
labels: ${{ steps.meta-backend.outputs.labels }}
- name: Extract metadata for frontend
id: meta-frontend
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-frontend
tags: |
type=ref,event=branch
type=ref,event=pr
type=sha,prefix={{branch}}-
type=raw,value=latest,enable={{is_default_branch}}
- name: Build and push frontend image
uses: docker/build-push-action@v5
with:
context: .
file: ./Dockerfile.frontend
push: true
tags: ${{ steps.meta-frontend.outputs.tags }}
labels: ${{ steps.meta-frontend.outputs.labels }}
# Deploy to Production
deploy:
name: Deploy to Production
runs-on: ubuntu-latest
needs: build
if: github.ref == 'refs/heads/main'
environment: production
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Deploy to production server
uses: appleboy/ssh-action@v1.0.0
with:
host: ${{ secrets.PRODUCTION_HOST }}
username: ${{ secrets.PRODUCTION_USER }}
key: ${{ secrets.PRODUCTION_SSH_KEY }}
port: ${{ secrets.PRODUCTION_PORT || 22 }}
script: |
cd /opt/worrybox
git pull origin main
chmod +x scripts/deploy.sh
./scripts/deploy.sh
- name: Health Check
run: |
sleep 60
curl -f https://${{ secrets.PRODUCTION_DOMAIN }}/health || exit 1
echo "Production deployment successful!"
# Notify on Success/Failure
notify:
name: Notify Deployment Status
runs-on: ubuntu-latest
needs: [deploy]
if: always()
steps:
- name: Notify success
if: needs.deploy.result == 'success'
run: |
echo "✅ Deployment successful!"
# Add notification logic here (Slack, Discord, email, etc.)
- name: Notify failure
if: needs.deploy.result == 'failure'
run: |
echo "❌ Deployment failed!"
# Add notification logic here (Slack, Discord, email, etc.)