AcadeNice/Wiki
1
0
Fork 0
Code Issues Pull requests Releases Activity Actions
Wiki/.github/workflows/ci.yml
Corentin JOGUET d8e8bdefe5
Some checks are pending
CI / Lint bridge (Biome) (push) Waiting to run
Details
CI / Type-check bridge (push) Blocked by required conditions
Details
CI / Tests unit bridge (push) Blocked by required conditions
Details
CI / Tests integration bridge (push) Blocked by required conditions
Details
CI / Security scan (push) Waiting to run
Details
CI / Docker build + healthcheck (push) Blocked by required conditions
Details
ops(ci): fix docker-build job — setup .env BEFORE compose build 
- cp .env.example .env en step 1 (compose interpole les vars au build)
- Add `compose config` validation step
- Bump sleep 30 -> 60s (Docmost boot prend 45-60s sur runner)
- Bump logs --tail=200 (200 lignes au lieu de tout)
2026-05-07 12:29:35 +02:00

148 lines
3.9 KiB
YAML
Raw Blame History

name: CI
on:
push:
branches: [main, develop]
pull_request:
branches: [main]
workflow_dispatch:
permissions:
contents: read
security-events: write
jobs:
lint-bridge:
name: Lint bridge (Biome)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 22
cache: "npm"
cache-dependency-path: bridge/package-lock.json
- run: cd bridge && npm ci
- run: cd bridge && npx biome ci .
typecheck-bridge:
name: Type-check bridge
runs-on: ubuntu-latest
needs: lint-bridge
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 22
cache: "npm"
cache-dependency-path: bridge/package-lock.json
- run: cd bridge && npm ci
- run: cd bridge && npm run typecheck
test-bridge-unit:
name: Tests unit bridge
runs-on: ubuntu-latest
needs: typecheck-bridge
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 22
cache: "npm"
cache-dependency-path: bridge/package-lock.json
- run: cd bridge && npm ci
- run: cd bridge && npm run test:unit -- --coverage
- uses: actions/upload-artifact@v4
with:
name: coverage-unit
path: bridge/coverage/
test-bridge-integration:
name: Tests integration bridge
runs-on: ubuntu-latest
needs: typecheck-bridge
services:
postgres:
image: postgres:16-alpine
env:
POSTGRES_USER: test
POSTGRES_PASSWORD: test
POSTGRES_DB: testdb
ports:
- 5432:5432
options: >-
--health-cmd "pg_isready -U test"
--health-interval 5s
--health-timeout 3s
--health-retries 10
redis:
image: redis:7-alpine
ports:
- 6379:6379
options: >-
--health-cmd "redis-cli ping"
--health-interval 5s
--health-timeout 3s
--health-retries 10
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 22
cache: "npm"
cache-dependency-path: bridge/package-lock.json
- run: cd bridge && npm ci
- run: cd bridge && npm run test:integration
env:
DATABASE_URL: postgresql://test:test@localhost:5432/testdb
REDIS_URL: redis://localhost:6379
security-scan:
name: Security scan
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Secret scanning (TruffleHog)
uses: trufflesecurity/trufflehog@main
with:
path: ./
extra_args: --only-verified
- name: SAST (Semgrep)
uses: semgrep/semgrep-action@v1
with:
config: >-
p/javascript
p/typescript
p/security-audit
p/secrets
continue-on-error: true
- name: Dep audit (npm audit)
run: cd bridge && npm audit --audit-level=high
continue-on-error: false
docker-build:
name: Docker build + healthcheck
runs-on: ubuntu-latest
needs: [test-bridge-unit, test-bridge-integration, security-scan]
steps:
- uses: actions/checkout@v4
- name: Setup .env (avant compose pour interpolation)
run: cp .env.example .env
- name: Validate compose config
run: docker compose config > /dev/null
- name: Build images
run: docker compose build
- name: Up stack
run: docker compose up -d
- name: Wait for services (60s — Docmost boot lent)
run: sleep 60
- name: Healthcheck
run: ./scripts/healthcheck.sh
- name: Logs on failure
if: failure()
run: docker compose logs --tail=200
- name: Cleanup
if: always()
run: docker compose down -v
Reference in a new issue View git blame Copy permalink