name: Crawlful Hub CI/CD Pipeline on: push: branches: - main - develop - 'release/*' pull_request: branches: - main - develop env: NODE_VERSION: '18.x' NODE_OPTIONS: '--max-old-space-size=4096' jobs: lint: name: Lint & Type Check runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 - name: Setup Node.js uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} cache: 'npm' cache-dependency-path: '**/package-lock.json' - name: Install dependencies run: | npm ci cd server && npm ci cd ../dashboard && npm ci cd ../extension && npm ci - name: Run ESLint run: npm run lint --if-present - name: Run TypeScript check run: | cd server && npx tsc --noEmit --skipLibCheck cd ../dashboard && npx tsc --noEmit --skipLibCheck test: name: Unit Tests runs-on: ubuntu-latest needs: lint steps: - name: Checkout code uses: actions/checkout@v4 - name: Setup Node.js uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} cache: 'npm' - name: Install dependencies run: | npm ci cd server && npm ci - name: Run tests run: cd server && npm test --if-present env: NODE_ENV: test DB_HOST: localhost REDIS_HOST: localhost build: name: Build runs-on: ubuntu-latest needs: test steps: - name: Checkout code uses: actions/checkout@v4 - name: Setup Node.js uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} cache: 'npm' - name: Install dependencies run: | npm ci cd server && npm ci cd ../dashboard && npm ci cd ../extension && npm ci - name: Build server run: cd server && npm run build --if-present - name: Build dashboard run: cd dashboard && npm run build --if-present - name: Build extension run: cd extension && npm run build --if-present - name: Upload artifacts uses: actions/upload-artifact@v4 with: name: build-artifacts path: | server/dist dashboard/dist extension/dist retention-days: 7 security-scan: name: Security Scan runs-on: ubuntu-latest needs: lint steps: - name: Checkout code uses: actions/checkout@v4 - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@master with: scan-type: 'fs' scan-ref: '.' format: 'table' exit-code: '0' ignore-unfixed: true severity: 'CRITICAL,HIGH' - name: Run npm audit run: | npm audit --audit-level=high || true cd server && npm audit --audit-level=high || true continue-on-error: true deploy-staging: name: Deploy to Staging runs-on: ubuntu-latest needs: [build, security-scan] if: github.ref == 'refs/heads/develop' environment: name: staging url: https://staging.crawlful-hub.com steps: - name: Checkout code uses: actions/checkout@v4 - name: Download artifacts uses: actions/download-artifact@v4 with: name: build-artifacts - name: Deploy to staging run: | echo "Deploying to staging environment..." echo "This is a placeholder for actual deployment steps" env: DEPLOY_ENV: staging deploy-production: name: Deploy to Production runs-on: ubuntu-latest needs: [build, security-scan] if: github.ref == 'refs/heads/main' environment: name: production url: https://crawlful-hub.com steps: - name: Checkout code uses: actions/checkout@v4 - name: Download artifacts uses: actions/download-artifact@v4 with: name: build-artifacts - name: Deploy to production run: | echo "Deploying to production environment..." echo "This is a placeholder for actual deployment steps" env: DEPLOY_ENV: production - name: Notify deployment run: | echo "Production deployment completed" echo "Version: ${{ github.sha }}" notify: name: Notify runs-on: ubuntu-latest needs: [deploy-staging, deploy-production] if: always() steps: - name: Send notification run: | echo "Pipeline completed with status: ${{ job.status }}" echo "Branch: ${{ github.ref_name }}" echo "Commit: ${{ github.sha }}"