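# Code Quality workflow.
#
# Runs lint, formatting, tests with coverage, build, dependency audit and
# outdated-package checks for the root package and for ./infrastructure,
# writes the results to the job summary and archives the report files.
name: Code Quality

on:
  schedule:
    # Weekly: Sundays at 02:00 UTC (cron day-of-week 0 is Sunday).
    - cron: '0 2 * * 0'
  workflow_dispatch:
  push:
    branches: [main]
    paths:
      - 'src/**'
      - 'package.json'
      - 'tsconfig.json'
      - 'tsconfig.node.json'
      - '.github/workflows/**'

# Least privilege for GITHUB_TOKEN: the visible steps only read the repository
# and upload artifacts, so no write scope is granted.
permissions:
  contents: read

jobs:
  code-quality:
    name: Code Quality Analysis
    runs-on: ubuntu-latest
    timeout-minutes: 10
    steps:
      # NOTE(review): the actions in this job are referenced by mutable
      # major-version tags. Pinning each `uses:` to a full commit SHA keeps a
      # re-tagged release from changing what runs here.
      - name: Checkout repository
        uses: actions/checkout@v6
        with:
          fetch-depth: 0  # Full history for better analysis
          # Later steps run third-party code (npm install scripts, lint and
          # test tooling) and never push, so do not leave the token configured
          # for git.
          persist-credentials: false

      - name: Setup Node.js
        uses: actions/setup-node@v6
        with:
          node-version-file: .nvmrc
          cache: 'npm'

      - name: Install dependencies
        run: npm ci

      - name: 'Create .env file'
        # The value is passed through the environment rather than expanded into
        # the script text: with inline `${{ }}` expansion any quote, `$` or
        # backtick in the variable would be interpreted by the shell.
        # Configuration variables are not masked in logs, so ENV_CI should hold
        # non-secret settings only.
        env:
          ENV_CI: ${{ vars.ENV_CI }}
        run: |
          printf '%s\n' "$ENV_CI" > .env

      - name: Run ESLint with detailed output
        run: |
          echo "## ESLint Analysis" >> "$GITHUB_STEP_SUMMARY"
          echo "" >> "$GITHUB_STEP_SUMMARY"
          # Lint findings are reported in the summary but do not fail the job.
          npm run lint -- --output-file eslint-output.txt || true
          if [ -s eslint-output.txt ]; then
            echo "### Issues Found:" >> "$GITHUB_STEP_SUMMARY"
            echo '```' >> "$GITHUB_STEP_SUMMARY"
            cat eslint-output.txt >> "$GITHUB_STEP_SUMMARY"
            echo '```' >> "$GITHUB_STEP_SUMMARY"
          else
            echo "✅ No ESLint issues found" >> "$GITHUB_STEP_SUMMARY"
          fi

      - name: Check code formatting
        run: |
          echo "" >> "$GITHUB_STEP_SUMMARY"
          echo "## Prettier Analysis" >> "$GITHUB_STEP_SUMMARY"
          echo "" >> "$GITHUB_STEP_SUMMARY"
          # Branch on the command's own exit status. Testing `$?` after
          # `cmd || true` always sees 0, which reported every run as clean.
          # The step itself stays non-blocking.
          if npm run format:check > prettier-output.txt 2>&1; then
            echo "✅ All files are properly formatted" >> "$GITHUB_STEP_SUMMARY"
          else
            echo "❌ Some files need formatting:" >> "$GITHUB_STEP_SUMMARY"
            echo '```' >> "$GITHUB_STEP_SUMMARY"
            cat prettier-output.txt >> "$GITHUB_STEP_SUMMARY"
            echo '```' >> "$GITHUB_STEP_SUMMARY"
          fi

      - name: Run tests with detailed coverage
        run: |
          echo "" >> "$GITHUB_STEP_SUMMARY"
          echo "## Test Coverage Analysis" >> "$GITHUB_STEP_SUMMARY"
          echo "" >> "$GITHUB_STEP_SUMMARY"
          # A test failure stops the step here (the runner's bash uses -e).
          npm run test:ci -- --coverage.reporter=json-summary
          # Extract coverage summary
          if [ -f coverage/coverage-summary.json ]; then
            echo "### Coverage Summary:" >> "$GITHUB_STEP_SUMMARY"
            echo "" >> "$GITHUB_STEP_SUMMARY"
            # Use Node.js to parse JSON and create a table
            node -e "
              const fs = require('fs');
              const coverage = JSON.parse(fs.readFileSync('coverage/coverage-summary.json', 'utf8'));
              const total = coverage.total;
              console.log('| Metric | Percentage | Covered/Total |');
              console.log('|--------|------------|---------------|');
              console.log(\`| Lines | \${total.lines.pct}% | \${total.lines.covered}/\${total.lines.total} |\`);
              console.log(\`| Functions | \${total.functions.pct}% | \${total.functions.covered}/\${total.functions.total} |\`);
              console.log(\`| Branches | \${total.branches.pct}% | \${total.branches.covered}/\${total.branches.total} |\`);
              console.log(\`| Statements | \${total.statements.pct}% | \${total.statements.covered}/\${total.statements.total} |\`);
            " >> "$GITHUB_STEP_SUMMARY"
          fi

      - name: Build check
        run: |
          echo "" >> "$GITHUB_STEP_SUMMARY"
          echo "## Build" >> "$GITHUB_STEP_SUMMARY"
          echo "" >> "$GITHUB_STEP_SUMMARY"
          # The runner's bash uses -e, so a bare failing command ends the
          # script before a following `$?` test can run and the failure output
          # never reaches the summary. Test the command directly, report, then
          # fail the step explicitly.
          if npm run build > tsc-output.txt 2>&1; then
            echo "✅ Build successful" >> "$GITHUB_STEP_SUMMARY"
          else
            echo "❌ Build failed:" >> "$GITHUB_STEP_SUMMARY"
            echo '```' >> "$GITHUB_STEP_SUMMARY"
            cat tsc-output.txt >> "$GITHUB_STEP_SUMMARY"
            echo '```' >> "$GITHUB_STEP_SUMMARY"
            exit 1
          fi

      - name: Security audit
        run: |
          echo "" >> "$GITHUB_STEP_SUMMARY"
          echo "## Security Audit" >> "$GITHUB_STEP_SUMMARY"
          echo "" >> "$GITHUB_STEP_SUMMARY"
          # NOTE(review): advisory only. `|| true` discards npm's exit status,
          # so this step never fails the job and --audit-level does not gate
          # anything. The verdict comes from matching npm's human-readable
          # output. --omit=dev limits the audit to non-dev dependencies.
          # Remove `|| true` if findings at this level should block.
          npm audit --audit-level=moderate --omit=dev > security-output.txt 2>&1 || true
          if grep -q "found 0 vulnerabilities" security-output.txt; then
            echo "✅ No security vulnerabilities found" >> "$GITHUB_STEP_SUMMARY"
          else
            echo "⚠️ Security vulnerabilities detected:" >> "$GITHUB_STEP_SUMMARY"
            echo '```' >> "$GITHUB_STEP_SUMMARY"
            cat security-output.txt >> "$GITHUB_STEP_SUMMARY"
            echo '```' >> "$GITHUB_STEP_SUMMARY"
          fi

      - name: Package analysis
        run: |
          echo "" >> "$GITHUB_STEP_SUMMARY"
          echo "## Package Analysis" >> "$GITHUB_STEP_SUMMARY"
          echo "" >> "$GITHUB_STEP_SUMMARY"
          # Check for outdated packages
          echo "### Outdated Packages:" >> "$GITHUB_STEP_SUMMARY"
          npm outdated > outdated-output.txt 2>&1 || true
          if [ -s outdated-output.txt ]; then
            echo '```' >> "$GITHUB_STEP_SUMMARY"
            cat outdated-output.txt >> "$GITHUB_STEP_SUMMARY"
            echo '```' >> "$GITHUB_STEP_SUMMARY"
          else
            echo "✅ All packages are up to date" >> "$GITHUB_STEP_SUMMARY"
          fi

      - name: Install infrastructure dependencies
        working-directory: ./infrastructure
        run: npm ci

      - name: Run infrastructure tests with detailed coverage
        working-directory: ./infrastructure
        run: |
          echo "" >> "$GITHUB_STEP_SUMMARY"
          echo "## Infrastructure Test Coverage Analysis" >> "$GITHUB_STEP_SUMMARY"
          echo "" >> "$GITHUB_STEP_SUMMARY"
          npm run test:coverage
          # Extract coverage summary
          if [ -f coverage/coverage-summary.json ]; then
            echo "### Infrastructure Coverage Summary:" >> "$GITHUB_STEP_SUMMARY"
            echo "" >> "$GITHUB_STEP_SUMMARY"
            # Use Node.js to parse JSON and create a table
            node -e "
              const fs = require('fs');
              const coverage = JSON.parse(fs.readFileSync('coverage/coverage-summary.json', 'utf8'));
              const total = coverage.total;
              console.log('| Metric | Percentage | Covered/Total |');
              console.log('|--------|------------|---------------|');
              console.log(\`| Lines | \${total.lines.pct}% | \${total.lines.covered}/\${total.lines.total} |\`);
              console.log(\`| Functions | \${total.functions.pct}% | \${total.functions.covered}/\${total.functions.total} |\`);
              console.log(\`| Branches | \${total.branches.pct}% | \${total.branches.covered}/\${total.branches.total} |\`);
              console.log(\`| Statements | \${total.statements.pct}% | \${total.statements.covered}/\${total.statements.total} |\`);
            " >> "$GITHUB_STEP_SUMMARY"
          fi

      - name: Infrastructure build check
        working-directory: ./infrastructure
        run: |
          echo "" >> "$GITHUB_STEP_SUMMARY"
          echo "## Infrastructure Build" >> "$GITHUB_STEP_SUMMARY"
          echo "" >> "$GITHUB_STEP_SUMMARY"
          # Test the command directly so the failure branch is reachable under
          # bash -e, then fail the step explicitly.
          if npm run build > infra-tsc-output.txt 2>&1; then
            echo "✅ Build successful" >> "$GITHUB_STEP_SUMMARY"
          else
            echo "❌ Build failed:" >> "$GITHUB_STEP_SUMMARY"
            echo '```' >> "$GITHUB_STEP_SUMMARY"
            cat infra-tsc-output.txt >> "$GITHUB_STEP_SUMMARY"
            echo '```' >> "$GITHUB_STEP_SUMMARY"
            exit 1
          fi

      - name: Infrastructure security audit
        working-directory: ./infrastructure
        run: |
          echo "" >> "$GITHUB_STEP_SUMMARY"
          echo "## Infrastructure Security Audit" >> "$GITHUB_STEP_SUMMARY"
          echo "" >> "$GITHUB_STEP_SUMMARY"
          # NOTE(review): advisory only. The exit status is discarded by
          # `|| true`, so findings are shown in the summary but never fail
          # the job.
          npm audit --audit-level=moderate --omit=dev > infra-security-output.txt 2>&1 || true
          if grep -q "found 0 vulnerabilities" infra-security-output.txt; then
            echo "✅ No security vulnerabilities found" >> "$GITHUB_STEP_SUMMARY"
          else
            echo "⚠️ Security vulnerabilities detected:" >> "$GITHUB_STEP_SUMMARY"
            echo '```' >> "$GITHUB_STEP_SUMMARY"
            cat infra-security-output.txt >> "$GITHUB_STEP_SUMMARY"
            echo '```' >> "$GITHUB_STEP_SUMMARY"
          fi

      - name: Infrastructure package analysis
        working-directory: ./infrastructure
        run: |
          echo "" >> "$GITHUB_STEP_SUMMARY"
          echo "## Infrastructure Package Analysis" >> "$GITHUB_STEP_SUMMARY"
          echo "" >> "$GITHUB_STEP_SUMMARY"
          # Check for outdated packages
          echo "### Outdated Packages:" >> "$GITHUB_STEP_SUMMARY"
          npm outdated > infra-outdated-output.txt 2>&1 || true
          if [ -s infra-outdated-output.txt ]; then
            echo '```' >> "$GITHUB_STEP_SUMMARY"
            cat infra-outdated-output.txt >> "$GITHUB_STEP_SUMMARY"
            echo '```' >> "$GITHUB_STEP_SUMMARY"
          else
            echo "✅ All packages are up to date" >> "$GITHUB_STEP_SUMMARY"
          fi

      - name: Archive test results
        if: always()
        uses: actions/upload-artifact@v7
        with:
          name: test-results
          # Only report files are listed; the generated .env is not archived.
          # The infra-* reports are written by steps whose working directory
          # is ./infrastructure, so they are addressed under that directory.
          path: |
            coverage/
            eslint-output.txt
            prettier-output.txt
            tsc-output.txt
            security-output.txt
            outdated-output.txt
            infrastructure/infra-tsc-output.txt
            infrastructure/infra-security-output.txt
            infrastructure/infra-outdated-output.txt
          retention-days: 7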