Skip to content

feat(#48): simplify analysis dashboard to core workflows #25

feat(#48): simplify analysis dashboard to core workflows

feat(#48): simplify analysis dashboard to core workflows #25

Workflow file for this run

name: CI
on:
pull_request:
branches:
- main
permissions:
contents: read
security-events: write
jobs:
lint-go:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: backend/go.mod
- name: Install golangci-lint
run: go install github.com/golangci/golangci-lint/cmd/golangci-lint@latest
- name: Run golangci-lint
working-directory: backend
run: golangci-lint run --timeout=5m
lint-frontend:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: "20"
cache: "npm"
cache-dependency-path: frontend/package-lock.json
- working-directory: frontend
run: |
npm ci --legacy-peer-deps
npm run lint
test-go:
runs-on: ubuntu-latest
services:
postgres:
image: postgres:16-alpine
env:
POSTGRES_DB: remedyiq
POSTGRES_USER: remedyiq
POSTGRES_PASSWORD: remedyiq
ports:
- 5432:5432
options: >-
--health-cmd "pg_isready -U remedyiq"
--health-interval 10s
--health-timeout 5s
--health-retries 5
env:
POSTGRES_URL: postgres://remedyiq:remedyiq@localhost:5432/remedyiq?sslmode=disable
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: backend/go.mod
- name: Apply database migrations
env:
PGPASSWORD: remedyiq
run: |
for f in backend/migrations/*.up.sql; do
psql -h localhost -U remedyiq -d remedyiq -f "$f"
done
- working-directory: backend
run: go test -v -race -coverprofile=coverage.out ./...
build-scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Build API image
run: docker build -f backend/Dockerfile --target api -t remedyiq/api:ci .
- name: Build Worker image
run: docker build -f backend/Dockerfile --target worker -t remedyiq/worker:ci .
- name: Build Frontend image
run: docker build -t remedyiq/frontend:ci ./frontend
- name: Scan API image with Trivy
uses: aquasecurity/trivy-action@master
with:
image-ref: remedyiq/api:ci
format: table
exit-code: 1
severity: HIGH,CRITICAL
trivyignores: .trivyignore
- name: Scan Worker image with Trivy
uses: aquasecurity/trivy-action@master
with:
image-ref: remedyiq/worker:ci
format: table
exit-code: 1
severity: HIGH,CRITICAL
trivyignores: .trivyignore
- name: Scan Frontend image with Trivy
uses: aquasecurity/trivy-action@master
with:
image-ref: remedyiq/frontend:ci
format: table
exit-code: 1
severity: HIGH,CRITICAL
trivyignores: .trivyignore
- name: Scan for secrets with Gitleaks
uses: gitleaks/gitleaks-action@v2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
helm-lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: azure/setup-helm@v4
with:
version: "v3.14.0"
- run: helm dependency update helm/remedyiq
- run: helm lint helm/remedyiq -f helm/remedyiq/values-staging.yaml
- run: helm lint helm/remedyiq -f helm/remedyiq/values-prod.yaml