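# CI workflow: unit and integration tests on a Node.js matrix, lint, and a
# grep-based check for inline handlers/scripts that a Content-Security-Policy
# would block.
#
# Security notes:
# - Each job sets `permissions: contents: read` so GITHUB_TOKEN is read-only
#   regardless of the repository default.
# - Actions are referenced by mutable tag (`@v4`); pinning each `uses:` to a
#   full commit SHA protects against a retagged release.
name: CI

on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main, develop]

jobs:
  test:
    name: Run Tests
    runs-on: ubuntu-latest
    permissions:
      contents: read
    strategy:
      matrix:
        node-version: ['18.x', '20.x']
    services:
      # Unauthenticated test database published on the runner host; it holds
      # only the throwaway test database named below.
      mongodb:
        image: mongo:7
        ports:
          - '27017:27017'
        options: >-
          --health-cmd "mongosh --eval 'db.runCommand({ping:1})'"
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Setup Node.js ${{ matrix.node-version }}
        uses: actions/setup-node@v4
        with:
          node-version: ${{ matrix.node-version }}
          cache: 'npm'

      - name: Install dependencies
        run: npm ci

      - name: Run unit tests
        run: npm run test:unit
        env:
          NODE_ENV: test

      - name: Run integration tests
        run: npm run test:integration
        env:
          NODE_ENV: test
          MONGODB_URI: mongodb://localhost:27017/tractatus_test
          MONGODB_DB: tractatus_test
          # Throwaway values for CI only. Real credentials must never be
          # written here; reference them as ${{ secrets.NAME }} instead.
          JWT_SECRET: test_secret_for_ci
          ADMIN_EMAIL: admin@tractatus.test
          STRIPE_SECRET_KEY: sk_test_fake_for_ci_only

  lint:
    name: Lint Code
    runs-on: ubuntu-latest
    permissions:
      contents: read
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '20.x'
          cache: 'npm'

      - name: Install dependencies
        run: npm ci

      - name: Run linter
        run: npm run lint
        # NOTE(review): with continue-on-error the lint job is advisory only;
        # a lint failure never blocks a merge.
        continue-on-error: true

  csp-check:
    name: CSP Compliance Check
    runs-on: ubuntu-latest
    # Read-only is enough for the steps shown here; widen only if a later
    # step needs more.
    permissions:
      contents: read
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '20.x'
          cache: 'npm'

      - name: Install dependencies
        run: npm ci

      - name: Check HTML files for CSP violations
        run: |
          # The default shell is `bash -e`, and errexit ignores a command
          # whose status is inverted with `!`. A `! grep ...` line therefore
          # cannot fail the step unless it is the last command, so a match is
          # turned into an explicit failure instead. As before, a grep error
          # (status 2, e.g. no files matched the glob) does not fail the step.
          fail_on_match() {
            if grep -r "$1" public/*.html; then
              echo "::error::CSP violation: found $1 in public/*.html"
              exit 1
            fi
          }
          # NOTE(review): the glob names only top-level files in public/, so
          # HTML in subdirectories is not scanned - confirm that is intended.
          echo "Checking for inline event handlers..."
          fail_on_match "onclick="
          fail_on_match "onchange="
          fail_on_match "onload="
          echo "Checking for inline scripts..."
          # The command below is cut off in this listing and is kept as found;
          # it has the same `!` limitation unless it is the script's last line.
          ! grep -r "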