Skip to content
ci

fix(ci): Resolve web dependencies action and ai-service lints #41

Sign in to view logs

fix(ci): Resolve web dependencies action and ai-service lints

fix(ci): Resolve web dependencies action and ai-service lints #41

Workflow file for this run

.github/workflows/ci.yml at 7c48d69
name: ci
on:
pull_request:
push:
branches: ["main", "master", "develop"]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
permissions:
contents: read
jobs:
web-lint:
runs-on: ubuntu-latest
timeout-minutes: 5
defaults:
run:
working-directory: apps/web
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/setup-web
- name: ESLint Check
run: npm run lint
- name: Prettier Format Check
run: npm run format:check
api-format:
runs-on: ubuntu-latest
timeout-minutes: 5
defaults:
run:
working-directory: apps/api
steps:
- uses: actions/checkout@v4
- name: Setup Java
uses: actions/setup-java@v4
with:
distribution: "temurin"
java-version: "21"
cache: maven
- name: Spotless Check
run: mvn spotless:check
ai-format:
runs-on: ubuntu-latest
timeout-minutes: 5
defaults:
run:
working-directory: apps/ai-service
steps:
- uses: actions/checkout@v4
- name: Install uv
uses: astral-sh/setup-uv@v5
with:
version: "0.5.x"
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version-file: "apps/ai-service/.python-version"
- name: Ruff Check
run: uv run --group dev ruff check .
- name: Ruff Format Check
run: uv run --group dev ruff format --check .
web-test:
runs-on: ubuntu-latest
timeout-minutes: 10
defaults:
run:
working-directory: apps/web
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/setup-web
- name: Unit tests
run: npm run test
web-typecheck:
runs-on: ubuntu-latest
timeout-minutes: 10
defaults:
run:
working-directory: apps/web
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/setup-web
- name: Type check
run: npm run typecheck
web-build:
runs-on: ubuntu-latest
timeout-minutes: 10
defaults:
run:
working-directory: apps/web
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/setup-web
- name: Build
run: npm run build
web-audit:
runs-on: ubuntu-latest
timeout-minutes: 10
defaults:
run:
working-directory: apps/web
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/setup-web
- name: Prod dependency audit
run: npm audit --omit=dev --audit-level=high
api-compile:
runs-on: ubuntu-latest
timeout-minutes: 15
defaults:
run:
working-directory: apps/api
steps:
- uses: actions/checkout@v4
- name: Setup Java
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: "21"
cache: maven
- name: API compile
run: mvn -B -DskipTests compile
api-test:
runs-on: ubuntu-latest
timeout-minutes: 20
defaults:
run:
working-directory: apps/api
services:
postgres:
image: postgres:17
env:
POSTGRES_DB: edunexus_test
POSTGRES_USER: edunexus
POSTGRES_PASSWORD: edunexus
ports:
- 5432:5432
options: >-
--health-cmd "pg_isready -U edunexus -d edunexus_test"
--health-interval 10s
--health-timeout 5s
--health-retries 5
env:
CI_POSTGRES_HOST: 127.0.0.1
CI_POSTGRES_PORT: "5432"
CI_POSTGRES_DB: edunexus_test
CI_POSTGRES_USER: edunexus
CI_POSTGRES_PASSWORD: edunexus
steps:
- uses: actions/checkout@v4
- name: Setup Java
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: "21"
cache: maven
- name: Flyway migration smoke-test
run: >
mvn -B -DskipTests flyway:migrate
-Dflyway.url=jdbc:postgresql://${{ env.CI_POSTGRES_HOST }}:${{ env.CI_POSTGRES_PORT }}/${{ env.CI_POSTGRES_DB }}
-Dflyway.user=${{ env.CI_POSTGRES_USER }}
-Dflyway.password=${{ env.CI_POSTGRES_PASSWORD }}
-Dflyway.locations=filesystem:src/main/resources/db/migration
- name: API tests
run: mvn -B test
- name: Upload surefire reports
if: always()
uses: actions/upload-artifact@v4
with:
name: api-surefire-reports
path: apps/api/target/surefire-reports
if-no-files-found: ignore
ai-test:
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v4
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: Install uv
run: python -m pip install --upgrade pip uv
- name: Sync dependencies with uv
run: uv sync --project apps/ai-service --python 3.12 --group dev
- name: Run pytest
run: uv run --project apps/ai-service --python 3.12 pytest -q
secrets-scan:
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Gitleaks scan
uses: gitleaks/gitleaks-action@v2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITLEAKS_CONFIG: .gitleaks.toml
GITLEAKS_ENABLE_COMMENTS: "false"
GITLEAKS_ENABLE_UPLOAD_ARTIFACT: "false"
- name: Upload gitleaks report
if: always()
uses: actions/upload-artifact@v4
with:
name: gitleaks-results
path: results.sarif
if-no-files-found: ignore