00b6d41c52
Bloc A - Code mort: - Suppression Studio (components, views, features) - Suppression gamification + services mock (projectService, storageService, gamificationService) - Mise à jour Sidebar, Navbar, locales Bloc B - Frontend: - Suppression modal.tsx deprecated, Modal.stories (doublon Dialog) - Feature flags: PLAYLIST_SEARCH, PLAYLIST_RECOMMENDATIONS, ROLE_MANAGEMENT = true - Suppression 19 tests orphelins, retrait exclusions vitest.config Bloc C - Backend: - Extraction routes_auth.go depuis router.go Bloc D - Rust: - Suppression security_legacy.rs (code mort, patterns déjà dans security/)
207 lines
4.7 KiB
YAML
207 lines
4.7 KiB
YAML
name: Veza CI/CD
|
|
|
|
on:
|
|
push:
|
|
branches: [ "main", "remediation/*", "feature/mvp-complete" ]
|
|
pull_request:
|
|
branches: [ "main", "feature/mvp-complete" ]
|
|
workflow_dispatch: # Allow manual trigger
|
|
|
|
jobs:
|
|
backend-go:
|
|
name: Backend (Go)
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Set up Go
|
|
uses: actions/setup-go@v5
|
|
with:
|
|
go-version: '1.23'
|
|
cache: true
|
|
|
|
- name: Install dependencies
|
|
run: |
|
|
cd veza-backend-api
|
|
go mod download
|
|
|
|
- name: Run govulncheck
|
|
run: |
|
|
cd veza-backend-api
|
|
go install golang.org/x/vuln/cmd/govulncheck@latest
|
|
govulncheck ./...
|
|
|
|
- name: Vet
|
|
run: |
|
|
cd veza-backend-api
|
|
go vet ./...
|
|
|
|
- name: Lint
|
|
run: |
|
|
cd veza-backend-api
|
|
test -z "$(gofmt -l .)" || (echo "gofmt needed on:"; gofmt -l .; exit 1)
|
|
|
|
- name: Test
|
|
run: |
|
|
cd veza-backend-api
|
|
# Running tests excluding those that require DB connection for now
|
|
go test -v ./internal/handlers/... ./internal/services/... -short
|
|
|
|
- name: Build
|
|
run: |
|
|
cd veza-backend-api
|
|
go build -v ./...
|
|
|
|
rust-services:
|
|
name: Rust Services (Chat & Stream)
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Set up Rust
|
|
uses: dtolnay/rust-toolchain@stable
|
|
with:
|
|
components: rustfmt, clippy
|
|
|
|
- name: Cache Cargo registry
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: |
|
|
~/.cargo/registry
|
|
~/.cargo/git
|
|
target
|
|
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
|
|
|
|
- name: Check Formatting
|
|
run: cargo fmt --all -- --check
|
|
|
|
- name: Install cargo-audit
|
|
run: cargo install cargo-audit
|
|
|
|
- name: Auditing Chat Server
|
|
run: |
|
|
cd veza-chat-server
|
|
cargo audit
|
|
|
|
- name: Auditing Stream Server
|
|
run: |
|
|
cd veza-stream-server
|
|
cargo audit
|
|
|
|
- name: Build Chat Server
|
|
run: |
|
|
cd veza-chat-server
|
|
cargo check
|
|
cargo build --verbose
|
|
|
|
- name: Build Stream Server
|
|
# TODO(C7): fix stream-server compilation if this fails
|
|
run: |
|
|
cd veza-stream-server
|
|
cargo check
|
|
|
|
- name: Test Chat Server
|
|
run: |
|
|
cd veza-chat-server
|
|
cargo test --verbose
|
|
|
|
frontend:
|
|
name: Frontend (Web)
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Use Node.js
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: '20'
|
|
cache: 'npm'
|
|
cache-dependency-path: package-lock.json
|
|
|
|
- name: Install Dependencies
|
|
run: npm ci
|
|
|
|
- name: Security audit (npm)
|
|
run: npm audit --audit-level=critical
|
|
|
|
- name: Cache Generated Types
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: apps/web/src/types/generated
|
|
key: ${{ runner.os }}-generated-types-${{ hashFiles('veza-backend-api/openapi.yaml') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-generated-types-
|
|
|
|
- name: Generate Types from OpenAPI
|
|
run: |
|
|
cd apps/web
|
|
chmod +x scripts/generate-types.sh
|
|
./scripts/generate-types.sh
|
|
continue-on-error: false
|
|
# This step ensures types are generated before typecheck
|
|
# If types don't match spec, CI will fail
|
|
# Cache keyed on openapi.yaml hash, so types regenerate when spec changes
|
|
|
|
- name: Lint
|
|
run: |
|
|
cd apps/web
|
|
npm run lint --if-present
|
|
|
|
- name: Format Check
|
|
run: |
|
|
cd apps/web
|
|
npm run format:check --if-present
|
|
|
|
- name: Type Check
|
|
run: |
|
|
cd apps/web
|
|
npm run typecheck
|
|
|
|
- name: Unit Tests
|
|
run: |
|
|
cd apps/web
|
|
npm run test -- --run
|
|
|
|
- name: Contrast Tests
|
|
run: |
|
|
cd apps/web
|
|
npm run test -- --run src/__tests__/contrast.test.ts
|
|
|
|
- name: Build
|
|
run: |
|
|
cd apps/web
|
|
npm run build
|
|
|
|
e2e:
|
|
name: E2E (Playwright)
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 45
|
|
defaults:
|
|
run:
|
|
working-directory: apps/web
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Set up Node
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: '20'
|
|
cache: 'npm'
|
|
cache-dependency-path: package-lock.json
|
|
|
|
- name: Install dependencies
|
|
run: npm ci
|
|
working-directory: .
|
|
|
|
- name: Install Playwright Browsers
|
|
run: npx playwright install --with-deps
|
|
|
|
- name: Run E2E tests
|
|
run: npx playwright test
|
|
|
|
- uses: actions/upload-artifact@v4
|
|
if: failure()
|
|
with:
|
|
name: playwright-report
|
|
path: apps/web/playwright-report/
|
|
retention-days: 7
|