feat(versiebeheer): buildsites → build_sources.py (Fase 1b) #302
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Test | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| workflow_dispatch: | |
| jobs: | |
| test: | |
| runs-on: ubuntu-latest | |
| services: | |
| postgres: | |
| image: postgres:17 | |
| env: | |
| POSTGRES_USER: parassessment | |
| POSTGRES_PASSWORD: parassessment | |
| POSTGRES_DB: parassessment_test | |
| ports: | |
| - 5432:5432 | |
| options: >- | |
| --health-cmd pg_isready | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 | |
| with: | |
| node-version: '22' | |
| - name: Enable corepack & pin pnpm | |
| run: | | |
| corepack enable | |
| corepack prepare pnpm@10.32.1+sha512.a706938f0e89ac1456b6563eab4edf1d1faf3368d1191fc5c59790e96dc918e4456ab2e67d613de1043d2e8c81f87303e6b40d4ffeca9df15ef1ad567348f2be --activate | |
| - name: Install dependencies | |
| run: pnpm install | |
| - name: CSP inline-style guard (#326) | |
| run: pnpm check:csp | |
| - name: Set up uv | |
| uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0 | |
| with: | |
| python-version: '3.14' | |
| enable-cache: true | |
| - name: Security audit (production dependencies) | |
| run: pnpm audit --prod --audit-level high | |
| - name: Generate assessment JSON sources | |
| run: | | |
| uv run --frozen python script/build_sources.py \ | |
| --manifest sources/manifest.yaml \ | |
| --sources-dir sources \ | |
| --schema schemas/assessment-definition.v2.schema.json \ | |
| --generated-dir sources/generated | |
| - name: Run Python pipeline tests | |
| run: uv run --frozen pytest script/tests -q | |
| - name: Type check backend | |
| run: cd apps/boekhouding-backend && npx tsc --noEmit | |
| - name: Type check frontend | |
| run: cd apps/boekhouding-frontend && npx vue-tsc --noEmit | |
| - name: Type check standalone form | |
| run: cd apps/standalone-form && npx vue-tsc --noEmit | |
| - name: Run backend tests | |
| env: | |
| TEST_DATABASE_URL: postgresql://parassessment:parassessment@localhost:5432/parassessment_test | |
| run: pnpm --filter boekhouding-backend test | |
| - name: Run coverage (alle workspaces) | |
| env: | |
| TEST_DATABASE_URL: postgresql://parassessment:parassessment@localhost:5432/parassessment_test | |
| run: pnpm -r --if-present test:coverage | |
| - name: Upload coverage reports | |
| if: always() | |
| uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 | |
| with: | |
| name: coverage-reports | |
| path: | | |
| packages/*/coverage | |
| apps/*/coverage | |
| if-no-files-found: ignore | |
| retention-days: 14 |