Fix analyze_coalition_dynamics returning memberCount=0 for EP10 groups #1623
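# CI workflow: on pushes and pull requests targeting main it installs
# dependencies, validates the build, generates and scores an SBOM, runs the
# unit tests with coverage and writes a job summary.
name: Test and Report

on:
  push:
    branches: ["main"]
  pull_request:
    branches: ["main"]

# Default token scope for any job that does not declare its own permissions.
# Every job below declares its own block, so this only applies to jobs added later.
permissions:
  contents: read

jobs:
  prepare:
    runs-on: ubuntu-latest
    # Only needs read permissions
    permissions:
      contents: read # Required to check out code
    steps:
      - name: Harden the runner (Audit all outbound calls)
        uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
        with:
          # audit records outbound connections; it does not block them
          egress-policy: audit

      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          # No step in this job pushes or fetches again, so do not leave the
          # job token on disk for npm lifecycle scripts to read
          persist-credentials: false

      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
          node-version: "25"
          cache: "npm"

      - name: Cache dependencies
        uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
        with:
          path: ~/.npm
          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
          restore-keys: |
            ${{ runner.os }}-node-

      # npm ci installs exactly what package-lock.json records and fails on a
      # mismatch; npm install may re-resolve versions. Matches build-validation.
      - name: Install dependencies
        run: npm ci

  build-validation:
    needs: prepare
    runs-on: ubuntu-latest
    # No step here pushes commits, requests an OIDC token or writes to pull
    # requests, and uploading artifacts needs no token scope, so read access
    # is enough. This job runs npm scripts from the checked-out ref.
    # NOTE(review): confirm anchore/sbom-action needs nothing beyond
    # actions: read on push / pull_request events.
    permissions:
      contents: read # Required to check out code
      actions: read # Required to use GitHub actions
    steps:
      - name: Harden the runner (Audit all outbound calls)
        uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
        with:
          # audit records outbound connections; it does not block them
          egress-policy: audit

      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          # Keep the job token away from the npm scripts that run below
          persist-credentials: false

      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
          node-version: "25"
          cache: "npm"

      - name: Cache dependencies
        uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
        with:
          path: ~/.npm
          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
          restore-keys: |
            ${{ runner.os }}-node-

      - name: Install dependencies
        run: npm ci

      - name: Cache build artifacts
        uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
        with:
          path: dist
          key: ${{ runner.os }}-build-${{ hashFiles('**/package-lock.json') }}-${{ hashFiles('src/**/*') }}
          restore-keys: |
            ${{ runner.os }}-build-${{ hashFiles('**/package-lock.json') }}-
            ${{ runner.os }}-build-

      # TypeScript type checking
      - name: Type check
        run: npm run type-check

      # TypeScript type checking for test helpers (mockFactory.ts, assertions.ts)
      - name: Type check test helpers
        run: npm run type-check:helpers

      # Run linter
      - name: Lint
        run: npm run lint

      # Check for unused dependencies with knip
      - name: Check for unused dependencies
        run: npm run knip

      # Build the project (ensures dist/ output is valid)
      - name: Build
        run: npm run build

      # Verify package can be packed (catches prepublish issues before release)
      - name: Validate package
        run: npm pack --dry-run

      # Check licenses
      - name: Check licenses
        run: npm run test:licenses

      - name: Generate SBOM
        uses: anchore/sbom-action@e22c389904149dbc22b58101806040fa8d37a610 # v0.24.0
        id: sbom
        with:
          format: spdx-json
          output-file: european-parliament-mcp-server.spdx.json
          artifact-name: european-parliament-mcp-server

      - name: Install SBOMQS
        run: |
          set -euo pipefail
          # --fail stops an HTTP error page from being saved as the binary;
          # --proto / --proto-redir keep the download on HTTPS across redirects
          curl --fail --silent --show-error --location \
            --proto '=https' --proto-redir '=https' \
            --remote-name \
            https://github.com/interlynk-io/sbomqs/releases/download/v1.2.0/sbomqs-linux-amd64
          # NOTE(review): the release asset is not integrity-checked before it
          # is installed as root. Pin the expected SHA-256 of the v1.2.0 asset
          # and enforce it, e.g.
          #   echo "<EXPECTED_SHA256>  sbomqs-linux-amd64" | sha256sum --check --strict
          # Until then the digest is logged so each run can be audited.
          sha256sum sbomqs-linux-amd64
          # install(1) under sudo writes the file root-owned with an explicit
          # mode, where mv would keep the runner user as owner
          sudo install -m 0755 sbomqs-linux-amd64 /usr/local/bin/sbomqs

      - name: Details SBOM Quality
        run: sbomqs score european-parliament-mcp-server.spdx.json --detailed

      - name: Check SBOM Quality
        run: |
          # Without pipefail a failing sbomqs yields an empty score, the
          # comparison evaluates to false and the gate passes; fail closed.
          set -euo pipefail
          # jq -e exits non-zero on null, so a missing score fails the step
          score=$(sbomqs score european-parliament-mcp-server.spdx.json --json | jq -er '.files[0].avg_score')
          if ! [[ "$score" =~ ^[0-9]+(\.[0-9]+)?$ ]]; then
            echo "::error::SBOM quality score is not numeric: $score"
            exit 1
          fi
          echo "SBOM Score: $score/10"
          # awk exits 0 when the score is below the 7.0 threshold
          if awk -v s="$score" 'BEGIN { exit !(s < 7.0) }'; then
            echo "::error::SBOM quality score too low: $score"
            exit 1
          fi

      - name: Upload build artifacts
        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
        with:
          name: build-output
          path: |
            dist
            european-parliament-mcp-server.spdx.json
          if-no-files-found: warn

  unit-tests:
    needs: [prepare, build-validation]
    runs-on: ubuntu-latest
    # The steps below check out code, run tests and upload artifacts; none of
    # them writes to the repository or to check runs, so read access suffices.
    permissions:
      contents: read # Required to check out code
      actions: read # Required to use GitHub actions
    steps:
      - name: Harden the runner (Audit all outbound calls)
        uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
        with:
          # audit records outbound connections; it does not block them
          egress-policy: audit

      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          # Keep the job token away from the test and install scripts below
          persist-credentials: false

      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
          node-version: "25"
          cache: "npm"

      - name: Cache dependencies
        uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
        with:
          path: ~/.npm
          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
          restore-keys: |
            ${{ runner.os }}-node-

      # npm ci so the tests run against the same locked dependency tree that
      # build-validation built and scanned
      - name: Install dependencies
        run: npm ci

      - name: Run unit tests with coverage
        run: npm run test:coverage

      # Advisory only: a shortfall emits a warning and continue-on-error keeps
      # the job green, so this step is not a merge gate
      - name: Check coverage thresholds
        run: |
          # Extract coverage from report
          if [ -f "coverage/coverage-summary.json" ]; then
            COVERAGE=$(jq '.total.lines.pct' coverage/coverage-summary.json)
            echo "Current coverage: $COVERAGE%"
            # Convert coverage to integer (percentage * 100) for comparison
            COVERAGE_INT=$(awk -v c="$COVERAGE" 'BEGIN { printf "%d", c * 100 }')
            # Check if coverage meets requirements (80% minimum = 8000)
            if [ "$COVERAGE_INT" -lt 8000 ]; then
              echo "⚠️ Coverage $COVERAGE% is below required 80%"
              echo "::warning::Coverage $COVERAGE% is below required 80%"
            else
              echo "✅ Coverage $COVERAGE% meets requirement"
            fi
          else
            echo "⚠️ Coverage summary not found"
          fi
        continue-on-error: true

      - name: Upload coverage to Codecov
        uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v5.3.2
        with:
          files: ./coverage/coverage-final.json
          fail_ci_if_error: false
          verbose: true
        continue-on-error: true

      - name: Upload coverage report
        if: always()
        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
        with:
          name: coverage-report
          path: coverage
          if-no-files-found: warn

  report:
    # build-validation is listed so its result is available in the needs
    # context; unit-tests already depends on it, so ordering is unchanged
    needs: [build-validation, unit-tests]
    runs-on: ubuntu-latest
    if: always()
    # This job checks out nothing and only moves artifacts within the run
    permissions:
      actions: read # Required to use GitHub actions
    steps:
      - name: Harden the runner (Audit all outbound calls)
        uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
        with:
          # audit records outbound connections; it does not block them
          egress-policy: audit

      - name: Download all artifacts
        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
        with:
          path: artifacts
        continue-on-error: true

      - name: Upload combined reports
        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
        with:
          name: test-reports
          path: |
            artifacts/coverage-report
          if-no-files-found: warn

      # The job runs under always(), so the summary reports the real upstream
      # results rather than a fixed "Passed"
      - name: Test summary
        env:
          BUILD_RESULT: ${{ needs.build-validation.result }}
          UNIT_RESULT: ${{ needs.unit-tests.result }}
        run: |
          # Map a job result to a marker so failures are not shown as passes
          mark() {
            case "$1" in
              success) echo "✅" ;;
              skipped) echo "⏭️" ;;
              *) echo "❌" ;;
            esac
          }
          {
            echo "## Test Summary"
            echo ""
            echo "### Status"
            echo "- $(mark "$BUILD_RESULT") Build validation: $BUILD_RESULT"
            echo "- $(mark "$UNIT_RESULT") Unit tests: $UNIT_RESULT"
            echo ""
            echo "### Note"
            echo "Integration and E2E tests run in separate workflow: integration-tests.yml"
          } >> "$GITHUB_STEP_SUMMARY"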