From fa401afecfdd682aa26ce68a579745d6a25f2b72 Mon Sep 17 00:00:00 2001 From: Chris Farhood Date: Thu, 26 Feb 2026 17:14:04 +0000 Subject: [PATCH] ci: overhaul CI and Release workflows Split CI into parallel lint/typecheck/test jobs with build gating on all three. Add JUnit test reporter for PR visibility. Bump Node 20 to 22. Replace inline npx commands with npm run scripts. Add CI gate and concurrency control to Release workflow. Harden tarball validation. Co-Authored-By: Claude Opus 4.6 --- .github/workflows/ci.yaml | 66 +++++++++++++++++++++++----------- .github/workflows/release.yaml | 40 +++++++++++++++------ 2 files changed, 75 insertions(+), 31 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index d84de21..9e57e30 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -7,31 +7,57 @@ on: branches: [main] jobs: - lint-and-test: + lint: runs-on: ubuntu-latest timeout-minutes: 10 - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Setup Node.js - uses: actions/setup-node@v4 + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 with: - node-version: '20' + node-version: '22' cache: 'npm' + - run: npm ci + - run: npm run lint - - name: Install dependencies - run: npm ci + typecheck: + runs-on: ubuntu-latest + timeout-minutes: 10 + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: + node-version: '22' + cache: 'npm' + - run: npm ci + - run: npm run tsc - - name: Build plugin - run: npx @kinvolk/headlamp-plugin build + test: + runs-on: ubuntu-latest + timeout-minutes: 10 + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: + node-version: '22' + cache: 'npm' + - run: npm ci + - run: npx vitest run --reporter=default --reporter=junit --outputFile=test-results.xml + - uses: dorny/test-reporter@v1 + if: always() + with: + name: Test Results + path: test-results.xml + reporter: java-junit - - name: Lint - run: npx eslint --ext .ts,.tsx src/ - - - name: Type-check - run: npx tsc --noEmit - - - name: Run unit tests - run: npm test + build: + runs-on: ubuntu-latest + timeout-minutes: 10 + needs: [lint, typecheck, test] + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: + node-version: '22' + cache: 'npm' + - run: npm ci + - run: npm run build diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 9926d66..bf2ebdc 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -8,9 +8,28 @@ on: required: true type: string +concurrency: + group: release + cancel-in-progress: false + jobs: + ci: + runs-on: ubuntu-latest + timeout-minutes: 10 + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: + node-version: '22' + cache: 'npm' + - run: npm ci + - run: npm run lint + - run: npm run tsc + - run: npm test + release: runs-on: ubuntu-latest + needs: [ci] permissions: contents: write steps: @@ -45,27 +64,26 @@ jobs: - name: Setup Node.js uses: actions/setup-node@v4 with: - node-version: '20' + node-version: '22' cache: 'npm' - name: Install dependencies run: npm ci - name: Build plugin - run: npx @kinvolk/headlamp-plugin build + run: npm run build - name: Package plugin run: npx @kinvolk/headlamp-plugin package - - name: Validate tarball name + - name: Validate tarball run: | EXPECTED="headlamp-tns-csi-plugin-${{ inputs.version }}.tar.gz" - ACTUAL=$(ls *.tar.gz) - if [ "$EXPECTED" != "$ACTUAL" ]; then - echo "::error::Tarball name mismatch! Expected: $EXPECTED, Got: $ACTUAL" + if [ ! -f "$EXPECTED" ]; then + echo "::error::Expected tarball not found: $EXPECTED" exit 1 fi - echo "✓ Tarball name validated: $ACTUAL" + echo "Tarball validated: $EXPECTED" - name: Compute checksum id: compute_checksum @@ -105,7 +123,7 @@ jobs: - name: Summary run: | - echo "✓ Version bumped to ${{ inputs.version }}" - echo "✓ Metadata updated with checksum sha256:${{ steps.compute_checksum.outputs.checksum }}" - echo "✓ Tag v${{ inputs.version }} created" - echo "✓ GitHub release published with tarball" + echo "Version bumped to ${{ inputs.version }}" + echo "Metadata updated with checksum sha256:${{ steps.compute_checksum.outputs.checksum }}" + echo "Tag v${{ inputs.version }} created" + echo "GitHub release published with tarball"