This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD Pipeline | |
| on: | |
| push: | |
| branches: [master, geliştirme] | |
| pull_request: | |
| branches: [master, geliştirme] | |
| jobs: | |
| # Type checking and linting | |
| quality-check: | |
| name: Code Quality & Type Check | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20.18.1' | |
| cache: 'npm' | |
| cache-dependency-path: platform/package-lock.json | |
| - name: Install dependencies | |
| working-directory: ./platform | |
| run: npm ci | |
| - name: TypeScript type check | |
| working-directory: ./platform | |
| run: npm run type-check | |
| - name: Lint check | |
| working-directory: ./platform | |
| run: npm run lint --if-present | |
| # Build verification | |
| build: | |
| name: Build Verification | |
| runs-on: ubuntu-latest | |
| needs: quality-check | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20.18.1' | |
| cache: 'npm' | |
| cache-dependency-path: platform/package-lock.json | |
| - name: Install dependencies | |
| working-directory: ./platform | |
| run: npm ci | |
| - name: Build application | |
| working-directory: ./platform | |
| run: npm run build | |
| env: | |
| NODE_ENV: production | |
| - name: Upload build artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: build-output | |
| path: platform/out/ | |
| retention-days: 7 | |
| # Security scanning | |
| security: | |
| name: Security Scan | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Run npm audit | |
| working-directory: ./platform | |
| run: npm audit --audit-level=high | |
| continue-on-error: true | |
| - name: Run Trivy vulnerability scanner | |
| uses: aquasecurity/trivy-action@master | |
| with: | |
| scan-type: 'fs' | |
| scan-ref: './platform' | |
| severity: 'HIGH,CRITICAL' | |
| # Performance testing | |
| lighthouse: | |
| name: Lighthouse Performance | |
| runs-on: ubuntu-latest | |
| needs: build | |
| if: github.event_name == 'pull_request' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20.18.1' | |
| - name: Install dependencies | |
| working-directory: ./platform | |
| run: npm ci | |
| - name: Build application | |
| working-directory: ./platform | |
| run: npm run build | |
| - name: Run Lighthouse CI | |
| uses: treosh/lighthouse-ci-action@v10 | |
| with: | |
| urls: | | |
| http://localhost:3000 | |
| http://localhost:3000/ai-music-detection | |
| http://localhost:3000/data-manipulation | |
| uploadArtifacts: true | |
| temporaryPublicStorage: true | |
| # Deploy to production | |
| deploy: | |
| name: Deploy to Production | |
| runs-on: ubuntu-latest | |
| needs: [quality-check, build, security] | |
| if: github.ref == 'refs/heads/master' && github.event_name == 'push' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Deploy to Netlify | |
| uses: nwtgck/[email protected] | |
| with: | |
| publish-dir: './platform/out' | |
| production-branch: master | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| deploy-message: 'Deploy from GitHub Actions' | |
| enable-pull-request-comment: true | |
| enable-commit-comment: true | |
| env: | |
| NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }} | |
| NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }} | |
| timeout-minutes: 10 |