cleanup #143
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Regular workflow | |
| name: 'CI' | |
| on: | |
| push: | |
| branches-ignore: | |
| - gh-pages | |
| paths-ignore: | |
| - '**/*.md' | |
| - '.github/workflows/release-ci.yml' | |
| - '.github/workflows/codeql-analysis.yml' | |
| - '.github/workflows/mutation.yml' | |
| - '.github/workflows/dependabot.yml' | |
| pull_request: | |
| branches-ignore: | |
| - gh-pages | |
| paths-ignore: | |
| - '**/*.md' | |
| - '.github/workflows/release-ci.yml' | |
| - '.github/workflows/codeql-analysis.yml' | |
| - '.github/workflows/mutation.yml' | |
| - '.github/workflows/dependabot.yml' | |
| # Avoid overlapping runs and cancel in-progress runs on newer commits | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| # Reduce default permissions for security | |
| permissions: | |
| contents: write | |
| jobs: | |
| # Shell script linting | |
| shellcheck: | |
| runs-on: ubuntu-22.04 | |
| needs: [] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Run ShellCheck | |
| run: shellcheck -s sh server/*.sh | |
| # Build (produce production artifacts) | |
| build: | |
| runs-on: ubuntu-22.04 | |
| needs: [] | |
| defaults: | |
| run: | |
| working-directory: react | |
| strategy: | |
| matrix: | |
| node-version: [22.x] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/actions/common-setup | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| - name: Build | |
| run: npm run build | |
| - name: Upload build artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: react-build | |
| path: ./react/build/ | |
| # Audit & Lint | |
| audit_lint: | |
| runs-on: ubuntu-22.04 | |
| needs: [build] | |
| defaults: | |
| run: | |
| working-directory: react | |
| strategy: | |
| matrix: | |
| node-version: [22.x] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/actions/common-setup | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| - name: Audit | |
| run: npm run audit | |
| - name: Scan for suspicious code | |
| run: npm run suspicious | |
| - name: ESLint | |
| run: npm run lint | |
| # Analyze | |
| analyze: | |
| runs-on: ubuntu-22.04 | |
| needs: [build] | |
| defaults: | |
| run: | |
| working-directory: react | |
| strategy: | |
| matrix: | |
| node-version: [22.x] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/actions/common-setup | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| - name: Analyze bundle | |
| run: npm run analyze | |
| - name: Upload bundle analysis report | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: reports-visualizer | |
| path: ./react/reports/visualizer/stats.html | |
| # Unit tests + coverage | |
| unit_tests: | |
| runs-on: ubuntu-22.04 | |
| needs: [build, shellcheck] | |
| defaults: | |
| run: | |
| working-directory: react | |
| strategy: | |
| matrix: | |
| node-version: [22.x] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/actions/common-setup | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| - name: Run unit tests with coverage | |
| run: npm run test:CI | |
| - name: Upload coverage to Codecov | |
| uses: codecov/codecov-action@v5 | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| file: ./react/reports/coverage/coverage-final.json | |
| - name: Upload coverage reports | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: reports-coverage | |
| path: ./react/reports/coverage/ | |
| # Duplication analysis | |
| duplication: | |
| if: github.ref == 'refs/heads/main' | |
| runs-on: ubuntu-22.04 | |
| needs: [build] | |
| defaults: | |
| run: | |
| working-directory: react | |
| strategy: | |
| matrix: | |
| node-version: [22.x] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/actions/common-setup | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| - name: Run duplication analysis | |
| run: npm run duplication | |
| - name: Upload duplication HTML report | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: reports-duplication | |
| path: ./react/reports/duplication/html/ | |
| # Playwright E2E | |
| e2e: | |
| runs-on: ubuntu-22.04 | |
| needs: [unit_tests, audit_lint] | |
| defaults: | |
| run: | |
| working-directory: react | |
| strategy: | |
| matrix: | |
| node-version: [22.x] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Download build artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: react-build | |
| path: ./react/build | |
| - uses: ./.github/actions/common-setup | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| - name: Install Playwright | |
| run: npx playwright install --with-deps | |
| - name: Run Playwright tests | |
| run: npx playwright test | |
| - name: Upload playwright reports | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: reports-playwright | |
| path: ./react/reports/playwright/ | |
| # Deploy reports to GitHub Pages under /reports/ | |
| deploy_reports: | |
| if: github.ref == 'refs/heads/main' | |
| runs-on: ubuntu-22.04 | |
| needs: [e2e, duplication, analyze] | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: gh-pages | |
| - name: Download coverage reports | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: reports-coverage | |
| path: reports/coverage | |
| - name: Download playwright reports | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: reports-playwright | |
| path: reports/playwright | |
| - name: Download duplication report | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: reports-duplication | |
| path: reports/duplication | |
| - name: Download visualizer report | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: reports-visualizer | |
| path: reports/visualizer | |
| - name: Commit and push reports | |
| run: | | |
| git config --global user.name "${GITHUB_ACTOR}" | |
| git config --global user.email "${GITHUB_ACTOR}@users.noreply.github.com" | |
| touch .nojekyll | |
| git add .nojekyll reports/ | |
| git commit -m "Update reports" || echo "No changes to commit" | |
| git status | |
| git push origin gh-pages | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |