Chris Farhood
78f5074818
Implements comprehensive workflow redesign addressing: - Non-deterministic builds → Fixed with consistent Node version and npm ci - Manual checksum management → Automated in publish workflow - Multiple artifact locations → Single source of truth (GitHub releases) - Individual file releases → Single tarball artifact - Artifact Hub mismatches → No rebuild risk, use released tarball Key improvements: - CI workflow: faster builds with npm cache, artifact verification - Publish workflow: deterministic builds, automatic checksum calculation, auto-commit of metadata updates, single tarball release - Branch protection: require PR review and passing CI before merge - Release process: simplified from manual to 5-minute automated workflow Documentation: - GIT_WORKFLOW.md: branching strategy, commit conventions, release process - RELEASE_GUIDE.md: detailed step-by-step release instructions - RELEASE_QUICK_REFERENCE.md: copy-paste commands for quick releases - CI_CD_DESIGN.md: technical architecture and design decisions - GITHUB_SETUP_CHECKLIST.md: repository configuration guide - WORKFLOW_OPTIMIZATION_SUMMARY.md: executive summary of changes Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
58 lines
1.4 KiB
YAML
58 lines
1.4 KiB
YAML
name: CI
|
|
|
|
on:
|
|
push:
|
|
branches: [ main ]
|
|
pull_request:
|
|
branches: [ main ]
|
|
|
|
jobs:
|
|
test:
|
|
runs-on: local-ubuntu-latest
|
|
timeout-minutes: 10
|
|
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: '20'
|
|
cache: 'npm'
|
|
cache-dependency-path: headlamp-sealed-secrets/package-lock.json
|
|
|
|
- name: Install dependencies
|
|
working-directory: ./headlamp-sealed-secrets
|
|
run: npm ci
|
|
|
|
- name: Run type check
|
|
working-directory: ./headlamp-sealed-secrets
|
|
run: npm run tsc
|
|
|
|
- name: Run linter
|
|
working-directory: ./headlamp-sealed-secrets
|
|
run: npm run lint
|
|
|
|
- name: Build plugin
|
|
working-directory: ./headlamp-sealed-secrets
|
|
run: npm run build
|
|
|
|
- name: Verify build artifacts
|
|
working-directory: ./headlamp-sealed-secrets
|
|
run: |
|
|
if [ ! -d "dist" ] || [ -z "$(ls -A dist)" ]; then
|
|
echo "Error: dist directory is empty or missing"
|
|
exit 1
|
|
fi
|
|
echo "Build artifacts verified successfully"
|
|
ls -lh dist/
|
|
|
|
- name: Upload build artifact (for inspection)
|
|
uses: actions/upload-artifact@v4
|
|
if: always()
|
|
with:
|
|
name: plugin-dist
|
|
path: headlamp-sealed-secrets/dist/
|
|
retention-days: 7
|