feat: StringRay Framework v1.0.5 - Enterprise Production Release #1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD Pipeline | |
| on: | |
| push: | |
| branches: [ master, main ] | |
| pull_request: | |
| branches: [ master, main ] | |
| release: | |
| types: [ published ] | |
| jobs: | |
| test: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| node-version: [18.x, 20.x] | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js ${{ matrix.node-version }} | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| cache: 'npm' | |
| - name: Install dependencies | |
| run: npm run ci-install | |
| - name: Run TypeScript type checking | |
| run: npm run typecheck | |
| - name: Run linting | |
| run: npm run lint | |
| - name: Build project | |
| run: npm run build:all | |
| - name: Run tests | |
| run: npm test | |
| - name: Run security audit | |
| run: npm audit --audit-level moderate | |
| continue-on-error: true | |
| build-and-test: | |
| runs-on: ubuntu-latest | |
| needs: test | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20.x' | |
| cache: 'npm' | |
| registry-url: 'https://registry.npmjs.org' | |
| - name: Install dependencies | |
| run: npm run ci-install | |
| - name: Build for production | |
| run: npm run build:all | |
| - name: Run comprehensive tests | |
| run: npm run test:all | |
| - name: Generate coverage report | |
| run: npm run test:coverage | |
| - name: Package validation | |
| run: npm pack --dry-run | |
| security-scan: | |
| runs-on: ubuntu-latest | |
| needs: build-and-test | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20.x' | |
| cache: 'npm' | |
| - name: Install dependencies | |
| run: npm run ci-install | |
| - name: Run security audit | |
| run: npm audit --audit-level high | |
| - name: CodeQL Analysis | |
| uses: github/codeql-action/init@v3 | |
| with: | |
| languages: javascript | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@v3 | |
| publish: | |
| runs-on: ubuntu-latest | |
| needs: [test, build-and-test, security-scan] | |
| if: github.event_name == 'release' && github.event.action == 'published' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20.x' | |
| cache: 'npm' | |
| registry-url: 'https://registry.npmjs.org' | |
| - name: Install dependencies | |
| run: npm run ci-install | |
| - name: Build for production | |
| run: npm run build:all | |
| - name: Run final tests | |
| run: npm test | |
| - name: Publish to npm | |
| run: npm publish --tag latest | |
| env: | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} |