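# CI workflow: build/test on a Node.js matrix, a Docker daemon smoke check,
# and a code-quality job. Runs on pushes and pull requests to main/develop.
#
# NOTE(review): every `uses:` below references a movable tag (`@v4`). Pinning
# each action to a full commit SHA, with the tag kept as a trailing comment,
# prevents a retagged release from changing what this workflow executes.
name: CI

on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main, develop]

jobs:
  build:
    name: Build and Test
    runs-on: ubuntu-latest
    # Least privilege: the job only needs to read the repository.
    permissions:
      contents: read
    strategy:
      matrix:
        # Quoted so the versions are always read as strings.
        node-version: ['18.x', '20.x', '22.x']
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # No later step pushes or fetches with credentials, so do not leave
          # the workflow token in the local git config where npm lifecycle
          # scripts run by the following steps could read it.
          persist-credentials: false
      - name: Setup Node.js ${{ matrix.node-version }}
        uses: actions/setup-node@v4
        with:
          node-version: ${{ matrix.node-version }}
          cache: 'npm'
      - name: Install dependencies
        # `npm ci` installs exactly what package-lock.json records.
        run: npm ci
      - name: Lint
        run: npm run lint
      - name: Test
        run: npm test
      - name: Build
        run: npm run build
      - name: Check build artifacts
        # Fails the job when the build produced no dist/index.js.
        run: |
          if [ ! -f dist/index.js ]; then
            echo "Build failed: dist/index.js not found"
            exit 1
          fi
          echo "✓ Build successful"
      - name: Upload build artifacts
        uses: actions/upload-artifact@v4
        with:
          # One artifact per matrix entry; names must not collide.
          name: dist-${{ matrix.node-version }}
          path: dist/
          retention-days: 7

  docker-check:
    name: Docker Integration Check
    runs-on: ubuntu-latest
    needs: build
    permissions:
      contents: read
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '20.x'
          cache: 'npm'
      - name: Install dependencies
        run: npm ci
      - name: Build
        run: npm run build
      - name: Verify Docker is available
        run: |
          docker --version
          docker ps
      - name: Test Docker connectivity
        # NOTE(review): `hello-world` is pulled from the registry by an
        # unpinned tag; this only proves the daemon can pull and run an
        # image, it does not exercise the project's own build output.
        run: |
          docker run --rm hello-world
          echo "✓ Docker is working"

  quality:
    name: Code Quality
    runs-on: ubuntu-latest
    permissions:
      contents: read
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '20.x'
          cache: 'npm'
      - name: Install dependencies
        run: npm ci
      - name: Type check
        # NOTE(review): this step is labelled "Type check" but runs the same
        # `npm run lint` script as the build job. Confirm whether the lint
        # script includes type checking or a separate script was intended.
        run: npm run lint
      - name: Check package.json
        # Prints the package name and version; fails if package.json does not
        # load as a module.
        run: |
          node -e "const pkg = require('./package.json'); console.log('Package:', pkg.name, 'v' + pkg.version)"
      - name: Verify no secrets in code
        # Advisory keyword search only: it is case-sensitive, covers just
        # *.ts/*.js under src/, and never fails the job. A missing src/
        # directory also lands in the "no obvious secrets" branch. Do not
        # treat this step as a secret-scanning control; the hit is raised as
        # a workflow warning annotation so it is visible in the run summary.
        run: |
          if grep -r "password\|secret\|token\|api[_-]key" src/ --include="*.ts" --include="*.js"; then
            echo "::warning::Potential secrets found in code"
          else
            echo "✓ No obvious secrets found"
          fi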