ci: add required ci.yml workflow (closes #46)#82
Conversation
|
Warning Rate limit exceeded
Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 1 minutes and 4 seconds. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (1)
✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
|
@don-petry — PR #82 is ready for review. Self-review passed: SHA-pinned actions, |
There was a problem hiding this comment.
Pull request overview
Adds the required GitHub Actions CI workflow (.github/workflows/ci.yml) to satisfy the org compliance requirement from issue #46, with separate backend (Go) and frontend (Node/Expo) gates that are conditionally run based on ecosystem detection.
Changes:
- Introduces a
CIworkflow triggered onpush/pull_requesttomain, withpermissions: {}and concurrency cancellation. - Adds an ecosystem-detection job that conditionally enables backend/frontend jobs.
- Implements Go (lint/build/gqlgen validate/tests/coverage) and Node (tsc/eslint/prettier/codegen/jest+coverage) gates with SHA-pinned actions.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| if find . -name 'go.mod' -not -path '*/vendor/*' | grep -q .; then | ||
| echo "go=true" >> "$GITHUB_OUTPUT" | ||
| else | ||
| echo "go=false" >> "$GITHUB_OUTPUT" | ||
| fi | ||
|
|
||
| if find . -name 'package.json' -not -path '*/node_modules/*' | grep -q .; then |
There was a problem hiding this comment.
Ecosystem detection currently returns just booleans based on finding any go.mod / package.json anywhere in the repo. This can trigger backend/frontend jobs even when the only match is in an unrelated subdirectory (and the downstream jobs run commands from repo root), causing CI failures. Consider restricting detection to the expected project roots (e.g., markets-api/go.mod, markets-app/package.json) or outputting the detected directory path and using it as working-directory in subsequent jobs.
| if find . -name 'go.mod' -not -path '*/vendor/*' | grep -q .; then | |
| echo "go=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "go=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| if find . -name 'package.json' -not -path '*/node_modules/*' | grep -q .; then | |
| if [ -f ./go.mod ]; then | |
| echo "go=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "go=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| if [ -f ./package.json ]; then |
| - uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5 | ||
| with: | ||
| go-version-file: go.mod | ||
| cache: true | ||
|
|
||
| - name: Lint | ||
| uses: golangci/golangci-lint-action@55c2c1448f86e01eaae002a5a3a9624417608d84 # v6 | ||
|
|
||
| - name: Build | ||
| run: go build ./cmd/api/ | ||
|
|
||
| - name: Validate GraphQL schema | ||
| run: go run github.com/99designs/gqlgen validate |
There was a problem hiding this comment.
Backend job assumes the Go module is at repo root (go-version-file: go.mod) and runs go build ./cmd/api/ from repo root. Per repo docs, the backend is intended to live under markets-api/, so this will fail once that layout is present. Update the job to run in the backend module directory (e.g., set defaults.run.working-directory: markets-api and point go-version-file at markets-api/go.mod, or compute the module dir from detect outputs).
| - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 | ||
| with: | ||
| node-version: lts/* | ||
| cache: npm | ||
|
|
||
| - name: Install dependencies | ||
| run: npm ci | ||
|
|
||
| - name: Type check | ||
| run: npx tsc --noEmit | ||
|
|
||
| - name: Lint | ||
| run: npx eslint . --max-warnings 0 | ||
|
|
||
| - name: Format check | ||
| run: npx prettier --check . | ||
|
|
||
| - name: GraphQL codegen check | ||
| run: npx graphql-codegen --check | ||
|
|
There was a problem hiding this comment.
Frontend job runs npm ci / npx ... from repo root, but repo docs describe the Expo app under markets-app/. As written, CI will fail when markets-app/package.json exists because npm ci will be executed in the wrong directory (and setup-node caching will also use the wrong lockfile). Set working-directory: markets-app (and cache-dependency-path: markets-app/package-lock.json if using setup-node cache) or derive the app dir from detect outputs.
|
|
||
| - name: Coverage check (≥80% line) | ||
| run: | | ||
| go test ./... -short -count=1 -coverprofile=coverage.out |
There was a problem hiding this comment.
Coverage gate is described in coding-standards.md as go test -coverprofile=coverage.out (no -short). Currently the workflow runs coverage with go test ./... -short ... -coverprofile=coverage.out, which may under-measure coverage compared to the documented CI gate. Align the command with the documented standard (or update the doc/justification if -short is intentionally required).
| go test ./... -short -count=1 -coverprofile=coverage.out | |
| go test ./... -count=1 -coverprofile=coverage.out |
| - name: Test + coverage (≥80% branch and line) | ||
| run: npx jest --ci --coverage --coverageThreshold='{"global":{"lines":80,"branches":80}}' |
There was a problem hiding this comment.
--coverageThreshold argument includes backslashes: --coverageThreshold='{"global":{"lines":80,"branches":80}}'. In bash, backslashes inside single quotes are literal, so Jest receives a string containing backslashes (invalid JSON) and will likely error. Remove the backslashes so the JSON passed to Jest is {"global":{"lines":80,"branches":80}} without any extra escaping.
Adds the required CI pipeline (coding-standards.md §7) with:
- Ecosystem detection (Go / Node) so jobs skip gracefully on empty trees
- Backend: golangci-lint, go build, gqlgen validate, unit + integration tests, ≥80% line coverage
- Frontend: tsc, eslint, prettier, graphql-codegen check, jest ≥80% branch+line coverage
- SHA-pinned actions, permissions: {} + per-job least-privilege, concurrency cancel
Closes #46
Co-authored-by: don-petry <don-petry@users.noreply.github.com>
don-petry
force-pushed
the
claude/issue-46-20260408-2243
branch
from
f7a4368 to
51242cd
Compare
|
Summary
.github/workflows/ci.ymlto resolve the compliance finding (issue Compliance: missing-ci.yml #46)CI gates included
Backend (Go — runs when
go.modis detected):golangci-lintstatic analysisgo build ./cmd/api/gqlgen validate(GraphQL schema)go test ./... -short)go test -tags=integration ./...)Frontend (Node/Expo — runs when
package.jsonis detected):tsc --noEmittype checkeslint . --max-warnings 0prettier --checkgraphql-codegen --checkjest --ci --coveragewith ≥80% branch and line thresholdStandards compliance
permissions: {}at top level with per-job least-privilege scopes (contents: read)concurrencyblock:group: ci-${{ github.ref }},cancel-in-progress: truegh api(not guessed)push+pull_requesttomainCloses #46
Generated with Claude Code