fix: ci
Some checks failed
CI / test (push) Failing after 22s
CI / security (push) Failing after 26s
CI / docker-build (push) Has been skipped

2025-08-14 14:35:24 +02:00
parent 788d500821
commit b21f334701
11 changed files with 181 additions and 274 deletions


@@ -10,10 +10,6 @@ jobs:
test:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [20, 22]
steps:
- name: Checkout code
uses: actions/checkout@v4
@@ -23,85 +19,22 @@ jobs:
with:
bun-version: '1.2.20'
- name: Verify Bun installation
run: bun --version
- name: Cache dependencies
uses: actions/cache@v4
- name: Setup Nushell
uses: hustcer/setup-nu@v3
with:
path: |
~/.bun/install/cache
node_modules
key: ${{ runner.os }}-bun-${{ hashFiles('**/bun.lock') }}
restore-keys: |
${{ runner.os }}-bun-
version: '0.99'
- name: Setup Just
uses: extractions/setup-just@v2
- name: Install dependencies
run: bun install --frozen-lockfile
- name: Run linting
run: bun run lint
- name: Run type checking
run: bun run check
- name: Run unit tests
run: bun run test:unit --run
run: just install
- name: Install Playwright browsers
run: bunx playwright install --with-deps
run: just install-browsers
- name: Run E2E tests
run: bun run test:e2e
- name: Upload test results
uses: actions/upload-artifact@v4
if: failure()
with:
name: test-results-${{ matrix.node-version }}
path: |
test-results/
playwright-report/
retention-days: 30
build:
runs-on: ubuntu-latest
needs: test
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Bun
uses: oven-sh/setup-bun@v2
with:
bun-version: '1.2.20'
- name: Verify Bun installation
run: bun --version
- name: Cache dependencies
uses: actions/cache@v4
with:
path: |
~/.bun/install/cache
node_modules
key: ${{ runner.os }}-bun-${{ hashFiles('**/bun.lock') }}
restore-keys: |
${{ runner.os }}-bun-
- name: Install dependencies
run: bun install --frozen-lockfile
- name: Build application
run: bun run build
- name: Upload build artifacts
uses: actions/upload-artifact@v4
with:
name: build-files
path: build/
retention-days: 7
- name: Run CI pipeline
run: just ci
security:
runs-on: ubuntu-latest
@@ -115,20 +48,63 @@ jobs:
with:
bun-version: '1.2.20'
- name: Verify Bun installation
run: bun --version
- name: Setup Nushell
uses: hustcer/setup-nu@v3
with:
version: '0.99'
- name: Setup Just
uses: extractions/setup-just@v2
- name: Install dependencies
run: bun install --frozen-lockfile
run: just install
- name: Run security audit
run: bun audit
run: just audit
continue-on-error: true
- name: Run CodeQL Analysis
uses: github/codeql-action/init@v3
- name: Run Semgrep security scan
uses: semgrep/semgrep-action@v1
with:
languages: javascript
config: >-
p/security-audit
p/secrets
p/owasp-top-ten
p/javascript
p/typescript
generateSarif: '1'
# Token only needed for Semgrep Cloud features (optional)
env:
SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
continue-on-error: true
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
docker-build:
runs-on: ubuntu-latest
needs: [test, security]
if: github.ref == 'refs/heads/master'
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Log in to Container Registry
uses: docker/login-action@v2
with:
registry: ${{ vars.DOCKER_REGISTRY }}
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build and push Docker image
uses: docker/build-push-action@v4
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
tags: |
${{ vars.DOCKER_REGISTRY }}/${{ vars.DOCKER_REPOSITORY }}:latest
${{ vars.DOCKER_REGISTRY }}/${{ vars.DOCKER_REPOSITORY }}:${{ github.sha }}
cache-from: type=gha
cache-to: type=gha,mode=max
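Review bot: The `security` job can no longer fail on a finding, because both `run: just audit` and the Semgrep step carry `continue-on-error: true`, and the CodeQL init/analyze steps appear to be on the removed side (the +/- markers are lost on this page). That leaves `docker-build`, which declares `needs: [test, security]` and pushes with registry credentials, gated in name only. I would drop `continue-on-error: true` from the Semgrep step, or, if the scan is meant to stay advisory, say so with a comment such as `# advisory only: findings do not block docker-build`. `generateSarif: '1'` is set but no step in this section stores the SARIF output, so results live only in the job log; archiving it (for example with `actions/upload-artifact@v4`, which this file used before) would keep them reviewable. Separately, the third-party actions are referenced by mutable tags, including the two that receive secrets (`semgrep/semgrep-action@v1` with `SEMGREP_APP_TOKEN`, `docker/login-action@v2` with `DOCKER_PASSWORD`); pinning each `uses:` to a full commit SHA would remove the risk of a retagged release running with those credentials.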