bump version #14
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # .github/workflows/ci.yml | ||
| name: CI | ||
| on: | ||
| push: | ||
| branches: [ main, develop ] | ||
| pull_request: | ||
| branches: [ main, develop ] | ||
| jobs: | ||
| test: | ||
| runs-on: ubuntu-latest | ||
| strategy: | ||
| matrix: | ||
| node-version: [16.x, 18.x, 20.x] | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - name: Use Node.js ${{ matrix.node-version }} | ||
| uses: actions/setup-node@v4 | ||
| with: | ||
| node-version: ${{ matrix.node-version }} | ||
| cache: 'npm' | ||
| - name: Install dependencies | ||
| run: npm ci --legacy-peer-deps | ||
| - name: Run linting | ||
| run: npm run lint | ||
| - name: Run type checking | ||
| run: npm run type-check | ||
| - name: Run unit tests | ||
| run: npm run test:unit | ||
| - name: Run build | ||
| run: npm run build | ||
| - name: Check build outputs | ||
| run: | | ||
| ls -la dist/ | ||
| test -f dist/index.js | ||
| test -f dist/index.mjs | ||
| test -f dist/index.d.ts | ||
| - name: Test import (CommonJS) | ||
| run: node -e "const { default: OstrichDB } = require('./dist/index.js'); console.log('✅ CommonJS import successful:', typeof OstrichDB);" | ||
| - name: Test import (ESM) | ||
| run: node -e "import('./dist/index.mjs').then(mod => console.log('✅ ESM import successful:', typeof mod.default));" | ||
| - name: Test package functionality | ||
| run: | | ||
| node -e " | ||
| const { default: OstrichDB, OstrichDBInstance } = require('./dist/index.js'); | ||
| const db = new OstrichDB({ baseUrl: 'http://localhost:8042' }); | ||
| const project = db.project('test'); | ||
| console.log('✅ Package functionality verified'); | ||
| " | ||
| # Integration tests - only run if OstrichDB server is available | ||
| integration-tests: | ||
| runs-on: ubuntu-latest | ||
| needs: test | ||
| # Only run on main branch or when explicitly requested | ||
| if: github.ref == 'refs/heads/main' || contains(github.event.head_commit.message, '[run-integration]') | ||
| services: | ||
| ostrichdb: | ||
| image: archetype/ostrichdb:latest | ||
| ports: | ||
| - 8042:8042 | ||
| options: >- | ||
| --health-cmd "curl -f http://localhost:8042/health || exit 1" | ||
| --health-interval 30s | ||
| --health-timeout 10s | ||
| --health-retries 5 | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - name: Use Node.js 18 | ||
| uses: actions/setup-node@v4 | ||
| with: | ||
| node-version: 18 | ||
| cache: 'npm' | ||
| - name: Install dependencies | ||
| run: npm ci --legacy-peer-deps | ||
| - name: Wait for OstrichDB | ||
| run: | | ||
| echo "Waiting for OstrichDB to be ready..." | ||
| timeout 60s sh -c 'until curl -f http://localhost:8042/health; do echo "Waiting..."; sleep 2; done' | ||
| echo "OstrichDB is ready!" | ||
| - name: Run integration tests | ||
| run: npm run test:integration | ||
| env: | ||
| OSTRICHDB_URL: http://localhost:8042 | ||
| TEST_JWT_TOKEN: ${{ secrets.TEST_JWT_TOKEN || 'eyJhbGciOiAiUlMyNTYiLCAidHlwIjogIkpXVCJ9.eyJzdWIiOiAidGVzdF91c2VyXzEyMzQ1IiwgImVtYWlsIjogInRlc3RAZXhhbXBsZS5jb20iLCAiZ2l2ZW5fbmFtZSI6ICJUZXN0IiwgImZhbWlseV9uYW1lIjogIlVzZXIiLCAiaXNzIjogImh0dHBzOi8veW91cmFwcC5raW5kZS5jb20iLCAiYXVkIjogWyJ5b3VyLWFwaSJdLCAiZXhwIjogOTk5OTk5OTk5OSwgImlhdCI6IDE2NDA5MDg4MDB9.fake_signature' }} | ||
| RUN_INTEGRATION_TESTS: true | ||
| # Security audit - allow to fail without blocking the pipeline | ||
| security: | ||
| runs-on: ubuntu-latest | ||
| continue-on-error: true | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - name: Use Node.js 18 | ||
| uses: actions/setup-node@v4 | ||
| with: | ||
| node-version: 18 | ||
| cache: 'npm' | ||
| - name: Install dependencies | ||
| run: npm ci --legacy-peer-deps | ||
| - name: Run security audit (moderate) | ||
| run: npm audit --audit-level moderate || echo "⚠️ Security audit found moderate issues" | ||
| - name: Run security audit (high) | ||
| run: npm audit --audit-level high || echo "⚠️ Security audit found high issues" | ||
| - name: Check for known vulnerabilities | ||
| run: | | ||
| echo "🔍 Checking for critical vulnerabilities..." | ||
| npm audit --audit-level critical || echo "⚠️ Critical vulnerabilities found - review before production" | ||
| # Code quality checks | ||
| quality: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - name: Use Node.js 18 | ||
| uses: actions/setup-node@v4 | ||
| with: | ||
| node-version: 18 | ||
| cache: 'npm' | ||
| - name: Install dependencies | ||
| run: npm ci --legacy-peer-deps | ||
| - name: Run tests with coverage | ||
| run: npm run test:coverage | ||
| - name: Upload coverage to Codecov | ||
| uses: codecov/codecov-action@v3 | ||
| with: | ||
| file: ./coverage/lcov.info | ||
| flags: unittests | ||
| name: codecov-umbrella | ||
| fail_ci_if_error: false | ||
| - name: Check package size | ||
| run: | | ||
| npm pack --dry-run | ||
| echo "📦 Package contents verified" | ||
