diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml
index 52c41a0..16ecf92 100644
--- a/.github/workflows/package.yml
+++ b/.github/workflows/package.yml
@@ -1,112 +1,18 @@ -name: CI/CD Pipeline +name: Build and Push Docker Image on: - push: - branches: - - master - - main - paths-ignore: - - '**.md' - - 'LICENSE' - - '.gitignore' - - 'docs/**' - pull_request: - branches: - - master - - main release: types: [published] workflow_dispatch: -concurrency: - group: ${{ github.workflow }}-${{ github.ref }} - cancel-in-progress: true - -env: - REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository }} - FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: 'true' - jobs: - quality-checks: - name: Code Quality & Security + build: + name: Build & Push Multi-Platform Docker Image runs-on: ubuntu-latest - steps: - - name: Checkout repository - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Setup Bun - uses: oven-sh/setup-bun@v2 - with: - bun-version: latest - - - name: Cache dependencies - uses: actions/cache@v4 - with: - path: | - ~/.bun/install/cache - node_modules - key: ${{ runner.os }}-bun-${{ hashFiles('**/bun.lock', '**/package.json') }} - restore-keys: | - ${{ runner.os }}-bun- - - - name: Install dependencies - run: bun install --frozen-lockfile - - - name: Run linter - run: bun run lint - - - name: Check code formatting - run: bunx prettier --check . - continue-on-error: true - - - name: Run tests - run: bun run test:all - - - name: Security audit - run: bun audit - continue-on-error: true - - build-test: - name: Build & Test - runs-on: ubuntu-latest - needs: quality-checks - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Setup Bun - uses: oven-sh/setup-bun@v2 - with: - bun-version: latest - - - name: Install dependencies - run: bun install --frozen-lockfile - - - name: Build project - run: | - PORT=5000 bun run start & - SERVER_PID=$! - sleep 10 - kill $SERVER_PID || true - - - name: Test API endpoints - run: | - PORT=5000 bun run start & - SERVER_PID=$! 
- sleep 10 - curl -f http://localhost:5000/ping || exit 1 - kill $SERVER_PID || true - - publish-docker: - name: Build & Push Docker Image - runs-on: ubuntu-latest - if: github.event_name == 'release' permissions: contents: read packages: write + steps: - name: Checkout repository uses: actions/checkout@v4 @@ -120,11 +26,11 @@ jobs: - name: Log in to the Container registry uses: docker/login-action@v3 with: - registry: ${{ env.REGISTRY }} + registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Extract metadata (tags, labels) for Docker + - name: Extract metadata for Docker id: meta uses: docker/metadata-action@v5 with: @@ -145,5 +51,3 @@ jobs: labels: ${{ steps.meta.outputs.labels }} cache-from: type=gha cache-to: type=gha,mode=max - - diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 36e6672..e1e54ea 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml 
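Review bot: A manually dispatched run from any branch can now reach the registry login with `packages: write`, because the `build` job in package.yml no longer carries `if: github.event_name == 'release'` while `workflow_dispatch` stays in `on:`. The build-and-push step lies outside this hunk, so whether it pushes unconditionally should be confirmed; if it does, unreleased branch code can be published under the repository's image name. Consider keeping the guard, or limiting manual runs to the release branches with `if: github.event_name == 'release' || github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main'`. The removed `concurrency` group also means overlapping runs for the same ref are no longer cancelled.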
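Review bot: Any remaining `${{ env.REGISTRY }}` or `${{ env.IMAGE_NAME }}` reference in package.yml now expands to an empty string, since the `env:` block is deleted at the top of the file and only the login step in the `@@ -120,11 +26,11 @@` hunk is switched to the literal `ghcr.io`. The `with:` body of the metadata step lies in unchanged lines below that hunk, so this cannot be confirmed from the diff. If it still reads `images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}`, the image reference would be malformed. In that case use `images: ghcr.io/${{ github.repository }}`.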
@@ -8,11 +8,54 @@ on: paths-ignore: - '**.md' - '.gitignore' + pull_request: + branches: + - master + - main jobs: + quality-checks: + name: Code Quality & Security + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Setup Bun + uses: oven-sh/setup-bun@v2 + with: + bun-version: latest + + - name: Cache dependencies + uses: actions/cache@v4 + with: + path: | + ~/.bun/install/cache + node_modules + key: ${{ runner.os }}-bun-${{ hashFiles('**/bun.lock', '**/package.json') }} + restore-keys: | + ${{ runner.os }}-bun- + + - name: Install dependencies + run: bun install --frozen-lockfile + + - name: Run linter + run: bun run lint + + - name: Check code formatting + run: bunx prettier --check . + continue-on-error: true + + - name: Run tests + run: bun run test:all + release: name: Tag and Release runs-on: ubuntu-latest + needs: quality-checks + if: github.event_name == 'push' && (github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main') permissions: contents: write
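Review bot: The new `quality-checks` job in release.yml is named "Code Quality & Security", but the `Security audit` step (`run: bun audit`) removed from package.yml is not carried over, so neither workflow shown here audits dependencies any more. Re-add it after `Run tests` and decide deliberately whether it keeps `continue-on-error: true`, since with that flag a failing audit never blocks the `release` job that now depends on this one. The job also has no `permissions:` block although the workflow now runs on `pull_request`; adding `permissions:` with `contents: read` keeps its token read-only whatever the repository default is. Separately, `bun-version: latest` leaves the toolchain unpinned, so the gate in front of `release` can change between runs.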