Skima/.github/workflows/quality.yml at main · henfrydls/Skima · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
name: Quality Pipeline

on:
  pull_request:
    branches: [ main, develop ]
  workflow_dispatch:

jobs:
  quality:
    strategy:
      fail-fast: false
      matrix:
        os: [ubuntu-latest, windows-latest, macos-latest]

    runs-on: ${{ matrix.os }}
    steps:
      - uses: actions/checkout@v4

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '20'
          cache: 'npm'

      - name: Install Root Dependencies
        run: npm install

      - name: Install Client Dependencies
        run: cd client && npm install

      - name: Install Server Dependencies
        run: cd server && npm install
        shell: bash

      # Linting
      - name: Lint Client
        run: npx eslint src/
        working-directory: ./client

      # Tests with Coverage
      - name: Run Client Tests with Coverage
        run: npx vitest run --coverage
        working-directory: ./client

      - name: Generate Prisma Client
        run: npx prisma generate
        working-directory: ./server

      - name: Setup Server Test Database
        run: npx prisma db push --skip-generate
        working-directory: ./server
        env:
          DATABASE_URL: file:./prisma/test.db

      - name: Run Server Tests with Coverage
        run: npx vitest run --coverage
        working-directory: ./server
        env:
          DATABASE_URL: file:./prisma/test.db

      # Build Check
      - name: Build Client
        run: npm run build
        working-directory: ./client

      # Upload Coverage Artifacts (only from Ubuntu to avoid duplicates)
      - name: Upload Client Coverage
        if: always() && matrix.os == 'ubuntu-latest'
        uses: actions/upload-artifact@v4
        with:
          name: client-coverage
          path: client/coverage/

      - name: Upload Server Coverage
        if: always() && matrix.os == 'ubuntu-latest'
        uses: actions/upload-artifact@v4
        with:
          name: server-coverage
          path: server/coverage/

      # Security Audit (only from Ubuntu to avoid duplicates)
      - name: Security Audit (Root)
        if: matrix.os == 'ubuntu-latest'
        run: npm audit --audit-level=high
        continue-on-error: true

      - name: Security Audit (Client)
        if: matrix.os == 'ubuntu-latest'
        run: npm audit --audit-level=high
        working-directory: ./client
        continue-on-error: true

      - name: Security Audit (Server)
        if: matrix.os == 'ubuntu-latest'
        run: npm audit --audit-level=high
        working-directory: ./server
        continue-on-error: true