# CI workflow: triggers, token scope, run de-duplication and shared env.
name: CI

on:
  push:
    # NOTE(review): in GitHub's branch filter syntax `*` does not match `/`,
    # so pushes to branches like `feature/x` are not covered by this pattern
    # (`'**'` would match them). Confirm which is intended.
    branches:
      - '*'
  # `pull_request` (not `pull_request_target`): runs from forks get a
  # read-only token, and this workflow references no repository secrets.
  pull_request:
    branches:
      - main
      - master

# Least privilege for GITHUB_TOKEN: once any scope is listed here, every
# scope not listed is set to none, so jobs can only read repository contents.
permissions:
  contents: read

# One active run per ref; a newer push cancels the run still in progress.
concurrency:
  group: ci-${{ github.ref }}
  cancel-in-progress: true

env:
  # Quoted so YAML keeps these as strings rather than retyping them.
  NODE_VERSION: '24'
  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: 'true'
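jobs:
  # Static checks, dependency audit, build, unit tests and a boot smoke test.
  check:
    runs-on: ubuntu-latest
    timeout-minutes: 10
    steps:
      # NOTE(review): actions are referenced by mutable tag (@v4). Pinning each
      # `uses:` to a full-length commit SHA keeps a re-pointed tag from changing
      # what runs here.
      - uses: actions/checkout@v4
        with:
          # Do not leave GITHUB_TOKEN in .git/config: later steps run
          # dependency install scripts and project code, and none of them
          # needs authenticated git access.
          persist-credentials: false
      - uses: actions/setup-node@v4
        with:
          node-version: ${{ env.NODE_VERSION }}
          cache: 'npm'
      # `npm ci` installs strictly from the lockfile. It also executes
      # dependency lifecycle scripts, and it does so before the audit below.
      - run: npm ci
      - name: Security audit
        # Fail CI on moderate+ advisories — no continue-on-error
        run: npm audit --audit-level=moderate
      - name: Build server (required for svelte-check)
        run: npm run build:server
      - name: Generate SvelteKit types
        run: npx svelte-kit sync
      - name: Type check
        run: npm run check
      - name: Build
        run: npm run build
      - name: Run unit tests with coverage
        run: npm run test:unit:coverage
      - name: Smoke test — start server and verify health
        env:
          PORT: '3099'
          # Throwaway CI-only values, not credentials. Keep them fake: this
          # file is readable by anyone who can read the repository.
          GITHUB_CLIENT_ID: smoke-test-id
          SESSION_SECRET: smoke-test-secret-min-32-chars-long
          NODE_ENV: production
          SESSION_STORE_PATH: /tmp/ci-sessions
          SETTINGS_STORE_PATH: /tmp/ci-settings
          CHAT_STATE_PATH: /tmp/ci-chat-state
          PUSH_STORE_PATH: /tmp/ci-push
        run: |
          node server.js &
          SERVER_PID=$!
          # Wait for server to be ready (max 15s)
          # The probe reads $PORT so it cannot drift from the env block above.
          for i in $(seq 1 30); do
            if curl -sf "http://localhost:${PORT}/health" > /dev/null 2>&1; then
              echo "✅ Server is healthy"
              curl -s "http://localhost:${PORT}/health" | jq .
              kill "$SERVER_PID" 2>/dev/null || true
              exit 0
            fi
            sleep 0.5
          done
          echo "❌ Server failed to start within 15s"
          kill "$SERVER_PID" 2>/dev/null || true
          exit 1

  # Browser end-to-end tests; only runs once `check` has passed.
  e2e:
    needs: check
    runs-on: ubuntu-latest
    timeout-minutes: 30
    steps:
      - uses: actions/checkout@v4
        with:
          # Same reasoning as in `check`: no later step needs git credentials.
          persist-credentials: false
      - uses: actions/setup-node@v4
        with:
          node-version: ${{ env.NODE_VERSION }}
          cache: 'npm'
      - run: npm ci
      - name: Build
        run: npm run build
      - name: Install Playwright browsers
        run: npx playwright install --with-deps chromium
      - name: Run Playwright tests
        run: npx playwright test --project=desktop
        env:
          PORT: '3001'
          # Dummy test values only (see the note on the upload step below).
          GITHUB_CLIENT_ID: test-client-id
          SESSION_SECRET: test-secret-for-playwright-min-32
          NODE_ENV: development
      - name: Upload Playwright report
        if: failure()
        uses: actions/upload-artifact@v4
        with:
          # The report can be downloaded by anyone with read access to the
          # repository, so the test run must never be given real credentials.
          name: playwright-report
          path: playwright-report/
          retention-days: 7

  # Enforces Conventional Commits on the PR title; skipped for push events.
  commit-lint:
    if: github.event_name == 'pull_request'
    runs-on: ubuntu-latest
    timeout-minutes: 2
    steps:
      - name: Check PR title follows conventional commits
        env:
          # The title is attacker-controlled text. Passing it through an env
          # var instead of expanding ${{ ... }} inside the script keeps it out
          # of the shell source; keep "$PR_TITLE" quoted wherever it is used.
          PR_TITLE: ${{ github.event.pull_request.title }}
        run: |
          pattern='^(feat|fix|docs|style|refactor|perf|test|build|ci|chore|revert)(\(.+\))?!?: .+'
          if [[ ! "$PR_TITLE" =~ $pattern ]]; then
            echo "❌ PR title does not follow Conventional Commits format"
            echo "Expected: type(scope): description"
            echo "Examples: feat: add new feature, fix(auth): resolve login bug"
            echo "Got: $PR_TITLE"
            exit 1
          fi
          echo "✅ PR title follows Conventional Commits format"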