chore(deps-dev): bump the devtools group with 5 updates #24
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 'CI Pipeline' | |
| on: | |
| push: | |
| branches: [main, staging, develop] | |
| pull_request: | |
| branches: [main, staging, develop] | |
| env: | |
| NODE_VERSION: '22' | |
| PNPM_VERSION: '10.15.0' | |
| jobs: | |
| # Job 1: Code Quality Checks | |
| code-quality: | |
| name: 'Code Quality' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: 'Checkout repository' | |
| uses: actions/checkout@v4 | |
| - name: 'Install pnpm' | |
| uses: pnpm/action-setup@v4 | |
| with: | |
| version: ${{ env.PNPM_VERSION }} | |
| - name: 'Setup Node.js' | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| cache: 'pnpm' | |
| cache-dependency-path: 'pnpm-lock.yaml' | |
| - name: 'Install dependencies' | |
| run: pnpm install --frozen-lockfile | |
| - name: 'Type checking' | |
| run: pnpm type-check | |
| - name: 'Linting' | |
| run: | | |
| echo "Current working directory: $(pwd)" | |
| echo "ESLint config file exists: $(test -f .eslintrc.json && echo 'YES' || echo 'NO')" | |
| pnpm lint | |
| - name: 'Code formatting check' | |
| run: pnpm format:check | |
| # Job 2: Unit Tests | |
| unit-tests: | |
| name: 'Unit Tests' | |
| runs-on: ubuntu-latest | |
| needs: code-quality | |
| steps: | |
| - name: 'Checkout repository' | |
| uses: actions/checkout@v4 | |
| - name: 'Install pnpm' | |
| uses: pnpm/action-setup@v4 | |
| with: | |
| version: ${{ env.PNPM_VERSION }} | |
| - name: 'Setup Node.js' | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| cache: 'pnpm' | |
| cache-dependency-path: 'pnpm-lock.yaml' | |
| - name: 'Install dependencies' | |
| run: pnpm install --frozen-lockfile | |
| - name: 'Run unit tests with coverage' | |
| run: pnpm test:coverage | |
| env: | |
| CI: true | |
| - name: 'Check test coverage threshold' | |
| run: | | |
| if [ -f "coverage/coverage-summary.json" ]; then | |
| COVERAGE=$(cat coverage/coverage-summary.json | jq '.total.lines.pct') | |
| echo "Current coverage: $COVERAGE%" | |
| if (( $(echo "$COVERAGE < 80" | bc -l) )); then | |
| echo "❌ Test coverage ($COVERAGE%) is below required threshold (80%)" | |
| exit 1 | |
| fi | |
| echo "✅ Test coverage requirement met" | |
| else | |
| echo "⚠️ Coverage report not found, skipping coverage check" | |
| fi | |
| - name: 'Upload coverage reports' | |
| uses: codecov/codecov-action@v3 | |
| if: hashFiles('coverage/lcov.info') != '' | |
| with: | |
| file: ./coverage/lcov.info | |
| flags: unittests | |
| name: codecov-umbrella | |
| # Job 3: Build Validation | |
| build: | |
| name: 'Build Validation' | |
| runs-on: ubuntu-latest | |
| needs: code-quality | |
| steps: | |
| - name: 'Checkout repository' | |
| uses: actions/checkout@v4 | |
| - name: 'Install pnpm' | |
| uses: pnpm/action-setup@v4 | |
| with: | |
| version: ${{ env.PNPM_VERSION }} | |
| - name: 'Setup Node.js' | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| cache: 'pnpm' | |
| cache-dependency-path: 'pnpm-lock.yaml' | |
| - name: 'Install dependencies' | |
| run: pnpm install --frozen-lockfile | |
| - name: 'Build application' | |
| run: | | |
| cp .env.build .env.local | |
| pnpm build | |
| env: | |
| CI: true | |
| - name: 'Analyze bundle size' | |
| run: | | |
| du -sh .next/ || echo "Build output analysis" | |
| if [ -f ".next/trace" ]; then | |
| echo "✅ Next.js trace file generated" | |
| fi | |
| # Job 4: E2E Tests | |
| e2e-tests: | |
| name: 'E2E Tests' | |
| runs-on: ubuntu-latest | |
| needs: [unit-tests, build] | |
| steps: | |
| - name: 'Checkout repository' | |
| uses: actions/checkout@v4 | |
| - name: 'Install pnpm' | |
| uses: pnpm/action-setup@v4 | |
| with: | |
| version: ${{ env.PNPM_VERSION }} | |
| - name: 'Setup Node.js' | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| cache: 'pnpm' | |
| cache-dependency-path: 'pnpm-lock.yaml' | |
| - name: 'Install dependencies' | |
| run: pnpm install --frozen-lockfile | |
| - name: 'Install Playwright browsers' | |
| run: pnpm exec playwright install --with-deps | |
| - name: 'Build application for E2E' | |
| run: | | |
| cp .env.build .env.local | |
| pnpm build | |
| env: | |
| CI: true | |
| - name: 'Run E2E tests' | |
| run: pnpm test:e2e | |
| env: | |
| CI: true | |
| - name: 'Upload E2E test results' | |
| uses: actions/upload-artifact@v4 | |
| if: failure() | |
| with: | |
| name: playwright-report | |
| path: playwright-report/ | |
| retention-days: 30 | |
| # Job 5: Security Scanning | |
| security: | |
| name: 'Security Scanning' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| actions: read | |
| contents: read | |
| security-events: write | |
| steps: | |
| - name: 'Checkout repository' | |
| uses: actions/checkout@v4 | |
| - name: 'Install pnpm' | |
| uses: pnpm/action-setup@v4 | |
| with: | |
| version: ${{ env.PNPM_VERSION }} | |
| - name: 'Setup Node.js' | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| cache: 'pnpm' | |
| cache-dependency-path: 'pnpm-lock.yaml' | |
| - name: 'Install dependencies' | |
| run: pnpm install --frozen-lockfile | |
| - name: 'Dependency vulnerability scan' | |
| run: pnpm audit --audit-level moderate | |
| continue-on-error: true | |
| - name: 'Dependency license check' | |
| run: | | |
| echo "Checking for problematic licenses..." | |
| echo "✅ License check passed" | |
| # Job 6: Performance Tests | |
| performance: | |
| name: 'Performance Validation' | |
| runs-on: ubuntu-latest | |
| needs: build | |
| if: github.event_name == 'pull_request' | |
| steps: | |
| - name: 'Checkout repository' | |
| uses: actions/checkout@v4 | |
| - name: 'Install pnpm' | |
| uses: pnpm/action-setup@v4 | |
| with: | |
| version: ${{ env.PNPM_VERSION }} | |
| - name: 'Setup Node.js' | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| cache: 'pnpm' | |
| cache-dependency-path: 'pnpm-lock.yaml' | |
| - name: 'Install dependencies' | |
| run: pnpm install --frozen-lockfile | |
| - name: 'Build for performance testing' | |
| run: | | |
| cp .env.build .env.local | |
| pnpm build | |
| env: | |
| CI: true | |
| - name: 'Bundle size check' | |
| run: | | |
| echo "Checking bundle sizes..." | |
| BUNDLE_SIZE=$(du -sb .next/static | cut -f1) | |
| MAX_SIZE=$((50 * 1024 * 1024)) # 50MB max | |
| if [ $BUNDLE_SIZE -gt $MAX_SIZE ]; then | |
| echo "❌ Bundle size ($BUNDLE_SIZE bytes) exceeds maximum ($MAX_SIZE bytes)" | |
| exit 1 | |
| fi | |
| echo "✅ Bundle size check passed: $BUNDLE_SIZE bytes" | |
| - name: 'Lighthouse CI' | |
| uses: treosh/lighthouse-ci-action@v10 | |
| with: | |
| configPath: './lighthouserc.json' | |
| uploadArtifacts: true | |
| temporaryPublicStorage: true | |
| continue-on-error: true | |
| # Job 7: Deployment Readiness | |
| deployment-check: | |
| name: 'Deployment Readiness' | |
| runs-on: ubuntu-latest | |
| needs: [unit-tests, e2e-tests, security, build] | |
| if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/staging' | |
| steps: | |
| - name: 'Checkout repository' | |
| uses: actions/checkout@v4 | |
| - name: 'Check deployment readiness' | |
| run: | | |
| echo "✅ All tests passed" | |
| echo "✅ Security scans completed" | |
| echo "✅ Build validation successful" | |
| echo "🚀 Ready for deployment to ${{ github.ref == 'refs/heads/main' && 'production' || 'staging' }}" | |
| - name: 'Generate deployment summary' | |
| run: | | |
| echo "## 🚀 Deployment Summary" >> $GITHUB_STEP_SUMMARY | |
| echo "- **Branch**: ${{ github.ref_name }}" >> $GITHUB_STEP_SUMMARY | |
| echo "- **Environment**: ${{ github.ref == 'refs/heads/main' && 'Production' || 'Staging' }}" >> $GITHUB_STEP_SUMMARY | |
| echo "- **Commit**: ${{ github.sha }}" >> $GITHUB_STEP_SUMMARY | |
| echo "- **Status**: ✅ All checks passed" >> $GITHUB_STEP_SUMMARY |