arc-frp/.forgejo/workflows/test.yml

name: Test and Lint

on:
  push:
    branches: [ main, develop ]
  pull_request:
    branches: [ main ]

jobs:
  test-app:
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: ./app

    steps:
    - name: Checkout repository
      uses: actions/checkout@v4

    - name: Setup Node.js
      uses: actions/setup-node@v4
      with:
        node-version: '20'
        cache: 'npm'
        cache-dependency-path: './app/package-lock.json'

    - name: Install dependencies
      run: npm ci

    - name: Type check
      run: npx tsc --noEmit

    - name: Build application
      run: npm run build

    - name: Run tests (if available)
      run: npm test --if-present
      continue-on-error: true

  test-node:
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: ./node

    steps:
    - name: Checkout repository
      uses: actions/checkout@v4

    - name: Setup Bun
      uses: oven-sh/setup-bun@v1
      with:
        bun-version: latest

    - name: Install dependencies
      run: bun install

    - name: Type check
      run: bunx tsc --noEmit

    - name: Build application
      run: bun run build

    - name: Run tests (if available)
      run: bun test --if-present
      continue-on-error: true

  lint-dockerfiles:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout repository
      uses: actions/checkout@v4

    - name: Lint App Dockerfile
      uses: hadolint/hadolint-action@v3.1.0
      with:
        dockerfile: ./app/Dockerfile
        failure-threshold: warning

    - name: Lint Node Dockerfile
      uses: hadolint/hadolint-action@v3.1.0
      with:
        dockerfile: ./node/Dockerfile
        failure-threshold: warning

  security-scan:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout repository
      uses: actions/checkout@v4

    - name: Run Trivy vulnerability scanner
      uses: aquasecurity/trivy-action@master
      with:
        scan-type: 'fs'
        scan-ref: '.'
        format: 'sarif'
        output: 'trivy-results.sarif'

    - name: Upload Trivy scan results
      uses: github/codeql-action/upload-sarif@v2
      if: always()
      with:
        sarif_file: 'trivy-results.sarif'
First 2025-07-03 15:50:13 -04:00			`name: Test and Lint`

			`on:`
			`push:`
			`branches: [ main, develop ]`
			`pull_request:`
			`branches: [ main ]`

			`jobs:`
			`test-app:`
			`runs-on: ubuntu-latest`
			`defaults:`
			`run:`
			`working-directory: ./app`

			`steps:`
			`- name: Checkout repository`
			`uses: actions/checkout@v4`

			`- name: Setup Node.js`
			`uses: actions/setup-node@v4`
			`with:`
			`node-version: '20'`
			`cache: 'npm'`
			`cache-dependency-path: './app/package-lock.json'`

			`- name: Install dependencies`
			`run: npm ci`

			`- name: Type check`
			`run: npx tsc --noEmit`

			`- name: Build application`
			`run: npm run build`

			`- name: Run tests (if available)`
			`run: npm test --if-present`
			`continue-on-error: true`

			`test-node:`
			`runs-on: ubuntu-latest`
			`defaults:`
			`run:`
			`working-directory: ./node`

			`steps:`
			`- name: Checkout repository`
			`uses: actions/checkout@v4`

			`- name: Setup Bun`
			`uses: oven-sh/setup-bun@v1`
			`with:`
			`bun-version: latest`

			`- name: Install dependencies`
			`run: bun install`

			`- name: Type check`
			`run: bunx tsc --noEmit`

			`- name: Build application`
			`run: bun run build`

			`- name: Run tests (if available)`
			`run: bun test --if-present`
			`continue-on-error: true`

			`lint-dockerfiles:`
			`runs-on: ubuntu-latest`
			`steps:`
			`- name: Checkout repository`
			`uses: actions/checkout@v4`

			`- name: Lint App Dockerfile`
			`uses: hadolint/hadolint-action@v3.1.0`
			`with:`
			`dockerfile: ./app/Dockerfile`
			`failure-threshold: warning`

			`- name: Lint Node Dockerfile`
			`uses: hadolint/hadolint-action@v3.1.0`
			`with:`
			`dockerfile: ./node/Dockerfile`
			`failure-threshold: warning`

			`security-scan:`
			`runs-on: ubuntu-latest`
			`steps:`
			`- name: Checkout repository`
			`uses: actions/checkout@v4`

			`- name: Run Trivy vulnerability scanner`
			`uses: aquasecurity/trivy-action@master`
			`with:`
			`scan-type: 'fs'`
			`scan-ref: '.'`
			`format: 'sarif'`
			`output: 'trivy-results.sarif'`

			`- name: Upload Trivy scan results`
			`uses: github/codeql-action/upload-sarif@v2`
			`if: always()`
			`with:`
			`sarif_file: 'trivy-results.sarif'`