name: CI on: push: branches: [main, develop] pull_request: branches: [main, develop] jobs: test: runs-on: ubuntu-latest strategy: matrix: node-version: [20, 22] steps: - name: Checkout code uses: actions/checkout@v4 - name: Setup Bun uses: oven-sh/setup-bun@v2 with: bun-version: latest - name: Cache dependencies uses: actions/cache@v4 with: path: | ~/.bun/install/cache node_modules key: ${{ runner.os }}-bun-${{ hashFiles('**/bun.lock') }} restore-keys: | ${{ runner.os }}-bun- - name: Install dependencies run: bun install --frozen-lockfile - name: Run linting run: bun run lint - name: Run type checking run: bun run check - name: Run unit tests run: bun run test:unit --run - name: Install Playwright browsers run: bunx playwright install --with-deps - name: Run E2E tests run: bun run test:e2e - name: Upload test results uses: actions/upload-artifact@v4 if: failure() with: name: test-results-${{ matrix.node-version }} path: | test-results/ playwright-report/ retention-days: 30 build: runs-on: ubuntu-latest needs: test steps: - name: Checkout code uses: actions/checkout@v4 - name: Setup Bun uses: oven-sh/setup-bun@v2 with: bun-version: latest - name: Cache dependencies uses: actions/cache@v4 with: path: | ~/.bun/install/cache node_modules key: ${{ runner.os }}-bun-${{ hashFiles('**/bun.lock') }} restore-keys: | ${{ runner.os }}-bun- - name: Install dependencies run: bun install --frozen-lockfile - name: Build application run: bun run build - name: Upload build artifacts uses: actions/upload-artifact@v4 with: name: build-files path: build/ retention-days: 7 security: runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 - name: Setup Bun uses: oven-sh/setup-bun@v2 with: bun-version: latest - name: Install dependencies run: bun install --frozen-lockfile - name: Run security audit run: bun audit continue-on-error: true - name: Run CodeQL Analysis uses: github/codeql-action/init@v3 with: languages: javascript - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3