wylab/claude-hub
1
0
Fork 0
forked from claude-did-this/claude-hub
Code Issues 1 Pull Requests Activity
Files
2a3327e0384473409248587a0de4a671903d0b92
claude-hub/.github/workflows/ci.yml
Jonathan Flatt 2a3327e038 feat: Add comprehensive CI/CD pipeline with automated PR reviews 
- Add GitHub Actions workflows for CI, security scanning, and deployment
- Implement automated PR review system triggered by successful check suites
- Add ESLint and Prettier for code quality and formatting
- Configure Dependabot for automated dependency updates
- Add comprehensive test coverage for check suite webhook events
- Include Docker builds and container registry publishing
- Add security scanning with CodeQL, npm audit, and TruffleHog
- Create PR and issue templates for better collaboration
- Add comprehensive CI/CD documentation

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-05-21 03:42:09 +00:00

226 lines
5.6 KiB
YAML
Raw Blame History

name: CI Pipeline
on:
push:
branches: [ main, develop ]
pull_request:
branches: [ main, develop ]
env:
NODE_VERSION: '20'
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
test:
name: Test & Lint
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
cache: 'npm'
- name: Install dependencies
run: npm ci
- name: Run linter
run: npm run lint || echo "No lint script found, skipping"
- name: Run unit tests
run: npm run test:unit
env:
NODE_ENV: test
BOT_USERNAME: '@TestBot'
GITHUB_WEBHOOK_SECRET: 'test-secret'
GITHUB_TOKEN: 'test-token'
- name: Run integration tests
run: npm run test:integration
env:
NODE_ENV: test
BOT_USERNAME: '@TestBot'
GITHUB_WEBHOOK_SECRET: 'test-secret'
GITHUB_TOKEN: 'test-token'
- name: Run e2e tests
run: npm run test:e2e
env:
NODE_ENV: test
BOT_USERNAME: '@TestBot'
GITHUB_WEBHOOK_SECRET: 'test-secret'
GITHUB_TOKEN: 'test-token'
- name: Generate test coverage
run: npm run test:coverage
env:
NODE_ENV: test
BOT_USERNAME: '@TestBot'
GITHUB_WEBHOOK_SECRET: 'test-secret'
GITHUB_TOKEN: 'test-token'
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v4
with:
file: ./coverage/lcov.info
flags: unittests
name: codecov-umbrella
fail_ci_if_error: false
security:
name: Security Scan
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
cache: 'npm'
- name: Install dependencies
run: npm ci
- name: Run npm audit
run: npm audit --audit-level=moderate
- name: Run security scan with Snyk
uses: snyk/actions/node@master
continue-on-error: true
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
args: --severity-threshold=high
docker:
name: Docker Build & Test
runs-on: ubuntu-latest
needs: [test]
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build main Docker image
uses: docker/build-push-action@v5
with:
context: .
file: ./Dockerfile
push: false
tags: claude-github-webhook:test
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Build Claude Code Docker image
uses: docker/build-push-action@v5
with:
context: .
file: ./Dockerfile.claudecode
push: false
tags: claude-code-runner:test
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Test Docker containers
run: |
# Test main container starts correctly
docker run --name test-webhook -d -p 3003:3003 \
-e NODE_ENV=test \
-e BOT_USERNAME=@TestBot \
-e GITHUB_WEBHOOK_SECRET=test-secret \
-e GITHUB_TOKEN=test-token \
claude-github-webhook:test
# Wait for container to start
sleep 10
# Test health endpoint
curl -f http://localhost:3003/health || exit 1
# Cleanup
docker stop test-webhook
docker rm test-webhook
build-and-push:
name: Build & Push Images
runs-on: ubuntu-latest
needs: [test, security, docker]
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
permissions:
contents: read
packages: write
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=ref,event=branch
type=ref,event=pr
type=sha,prefix={{branch}}-
type=raw,value=latest,enable={{is_default_branch}}
- name: Build and push main image
uses: docker/build-push-action@v5
with:
context: .
file: ./Dockerfile
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Build and push Claude Code image
uses: docker/build-push-action@v5
with:
context: .
file: ./Dockerfile.claudecode
push: true
tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-claudecode:latest
cache-from: type=gha
cache-to: type=gha,mode=max
deploy:
name: Deploy to Staging
runs-on: ubuntu-latest
needs: [build-and-push]
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
environment: staging
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Deploy notification
run: |
echo "🚀 Deployment to staging would happen here"
echo "Image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest"
# Add actual deployment logic here (e.g., update Kubernetes, docker-compose, etc.)
Reference in New Issue View Git Blame Copy Permalink