Daniel Volz
2d9cd0ad1a
test.yml: Use dorny/paths-filter to detect changed paths. Backend tests only run when backend/**, biome.json, or the workflow itself changes. Frontend build only runs when frontend/**, biome.json, or the workflow changes. Jobs skipped via job-level 'if:' are treated as passed by GitHub required checks. codeql.yml: Only run on push/PR when JS/TS source files, package files, or CodeQL config changes. Weekly schedule and manual dispatch remain unfiltered.
116 lines
3.0 KiB
YAML
116 lines
3.0 KiB
YAML
name: Test
|
|
|
|
on:
|
|
pull_request:
|
|
branches: [main]
|
|
|
|
# Minimal permissions for security
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
# =============================================================================
|
|
# Detect which paths changed to skip unnecessary jobs
|
|
# =============================================================================
|
|
changes:
|
|
name: Detect Changes
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
pull-requests: read
|
|
outputs:
|
|
backend: ${{ steps.filter.outputs.backend }}
|
|
frontend: ${{ steps.filter.outputs.frontend }}
|
|
steps:
|
|
- uses: dorny/paths-filter@v3
|
|
id: filter
|
|
with:
|
|
filters: |
|
|
backend:
|
|
- 'backend/**'
|
|
- 'biome.json'
|
|
- '.github/workflows/test.yml'
|
|
frontend:
|
|
- 'frontend/**'
|
|
- 'biome.json'
|
|
- '.github/workflows/test.yml'
|
|
|
|
# =============================================================================
|
|
# Backend Tests (skipped if no backend-related files changed)
|
|
# =============================================================================
|
|
backend-test:
|
|
name: Backend Tests
|
|
needs: changes
|
|
if: needs.changes.outputs.backend == 'true'
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
defaults:
|
|
run:
|
|
working-directory: backend
|
|
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: '22'
|
|
cache: 'npm'
|
|
cache-dependency-path: backend/package-lock.json
|
|
|
|
- name: Install dependencies
|
|
run: npm ci
|
|
|
|
- name: Lint
|
|
run: npm run lint
|
|
|
|
- name: TypeScript type check
|
|
run: npx tsc --noEmit
|
|
|
|
- name: Run tests with coverage
|
|
run: npm run test:coverage
|
|
|
|
- name: Upload coverage report
|
|
uses: actions/upload-artifact@v4
|
|
if: always()
|
|
with:
|
|
name: backend-coverage
|
|
path: backend/coverage/
|
|
retention-days: 7
|
|
|
|
# =============================================================================
|
|
# Frontend Build Validation (skipped if no frontend-related files changed)
|
|
# =============================================================================
|
|
frontend-build:
|
|
name: Frontend Build
|
|
needs: changes
|
|
if: needs.changes.outputs.frontend == 'true'
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
defaults:
|
|
run:
|
|
working-directory: frontend
|
|
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: '22'
|
|
cache: 'npm'
|
|
cache-dependency-path: frontend/package-lock.json
|
|
|
|
- name: Install dependencies
|
|
run: npm ci
|
|
|
|
- name: Lint
|
|
run: npm run lint
|
|
|
|
- name: TypeScript type check & build
|
|
run: npm run build
|