From 593d1e7d09861bfcab697bad44b867c0a918a530 Mon Sep 17 00:00:00 2001 From: Tboy123-emm Date: Tue, 26 May 2026 18:34:10 +0000 Subject: [PATCH] ci: fix duplicate frontend job and add all-tests gate for PR merges --- .github/workflows/ci.yml | 78 +++++++++++++++++++++++++--------------- 1 file changed, 49 insertions(+), 29 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 025d566..3c8488b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -33,6 +33,10 @@ jobs: working-directory: contracts run: make build + - name: Run contract tests + working-directory: contracts + run: cargo test + - name: Run contract tests with coverage working-directory: contracts run: | @@ -77,6 +81,10 @@ jobs: working-directory: backend run: npm ci + - name: Run tests + working-directory: backend + run: npm test + - name: Run tests with coverage working-directory: backend run: npm run test:coverage @@ -88,6 +96,17 @@ jobs: flags: backend token: ${{ secrets.CODECOV_TOKEN }} + - name: Dependency audit + working-directory: backend + run: npm audit --audit-level=high | tee audit-report.txt + + - name: Upload audit report + if: always() + uses: actions/upload-artifact@v4 + with: + name: backend-audit-report + path: backend/audit-report.txt + frontend: name: Node.js frontend runs-on: ubuntu-latest @@ -105,6 +124,10 @@ jobs: working-directory: frontend run: npm install --legacy-peer-deps + - name: Run tests + working-directory: frontend + run: npm test + - name: Run tests with coverage working-directory: frontend run: npm run test:coverage 
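Review bot: The added `cargo test` step in the hunk at -33,6 +33,10 sits directly before the existing "Run contract tests with coverage" step, so the contract suite appears to run twice per workflow run (the coverage step's script is outside the hunk, so this is inferred from its name). The same pattern is added for backend and frontend (`npm test` before `npm run test:coverage`) and for python (`pytest` before `pytest --cov`) in the later hunks. If the plain run is meant as a fast, uninstrumented failure signal, say so on the step, e.g. `# plain run first so failures surface without coverage instrumentation`. Otherwise drop the plain step and let the coverage run decide pass/fail.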
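Review bot: The backend `Dependency audit` step added in the hunk at -88,6 +96,17 pipes `npm audit --audit-level=high` into `tee`, so the step exits with tee's status and a high-severity finding does not fail the job. GitHub's default Linux shell for `run` is `bash -e {0}`, which does not set `pipefail`. This matters more now that the new `all-tests` gate keys off `needs.backend.result`, because the audit can never turn that result red. Adding `shell: bash` to the step (which runs with `-eo pipefail`) keeps both the report file and the failing exit code. The frontend audit step left as context in the -116,34 hunk has the same shape.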
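Review bot: The frontend job that survives the de-duplication installs with `npm install --legacy-peer-deps` (the context line just above the added `Run tests` step in the hunk at -105,6 +124,10), whereas the duplicate job this commit deletes used `npm ci`. `npm install` quietly updates the dependency tree when `package.json` and the lockfile disagree, while `npm ci` fails in that case. The tests and the later `npm audit` can therefore run against something other than what is committed. `run: npm ci --legacy-peer-deps` keeps the peer-dependency workaround and makes the install reproducible. This assumes `frontend/package-lock.json` exists, as the deleted job's `cache-dependency-path` suggests.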
@@ -116,34 +139,6 @@ jobs: flags: frontend token: ${{ secrets.CODECOV_TOKEN }} - - name: Dependency audit - working-directory: backend - run: npm audit --audit-level=high | tee audit-report.txt - - - name: Upload audit report - if: always() - uses: actions/upload-artifact@v4 - with: - name: backend-audit-report - path: backend/audit-report.txt - - frontend: - name: Node.js frontend - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - - name: Setup Node.js - uses: actions/setup-node@v4 - with: - node-version: 18 - cache: npm - cache-dependency-path: frontend/package-lock.json - - - name: Install dependencies - working-directory: frontend - run: npm ci - - name: Dependency audit working-directory: frontend run: npm audit --audit-level=high | tee audit-report.txt @@ -172,16 +167,21 @@ jobs: working-directory: python-service run: pip install -r requirements.txt - - name: Run tests with coverage + - name: Run tests working-directory: python-service run: pytest + - name: Run tests with coverage + working-directory: python-service + run: pytest --cov --cov-report=xml + - name: Upload Python Coverage to Codecov uses: codecov/codecov-action@v4 with: files: python-service/coverage.xml flags: python token: ${{ secrets.CODECOV_TOKEN }} + - name: Install pip-audit run: pip install pip-audit 
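Review bot: `pytest --cov --cov-report=xml` in the new "Run tests with coverage" step (hunk at -172,16 +167,21) depends on the pytest-cov plugin. If it is not listed in `python-service/requirements.txt`, which is not visible here, pytest will reject the flags and the python job will fail, taking the new gate with it. Worth confirming the plugin is pinned in the requirements and noting it on the step, e.g. `# requires pytest-cov (installed via requirements.txt)`. Separately, the `pip install pip-audit` context line at the end of this hunk is unversioned. Pinning it would keep the audit tool itself reproducible between runs.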
@@ -196,6 +196,26 @@ jobs: name: python-audit-report path: python-service/audit-report.txt + # Gate job: all test jobs must pass before a PR can be merged. + # Configure this job name ("All tests passed") as a required status check + # in Settings → Branches → Branch protection rules for `main`. + all-tests: + name: All tests passed + runs-on: ubuntu-latest + needs: [contract, backend, frontend, python] + if: always() + steps: + - name: Check all test jobs succeeded + run: | + if [[ "${{ needs.contract.result }}" != "success" || \ + "${{ needs.backend.result }}" != "success" || \ + "${{ needs.frontend.result }}" != "success" || \ + "${{ needs.python.result }}" != "success" ]]; then + echo "One or more test jobs failed." + exit 1 + fi + echo "All test jobs passed." + docker: name: Docker build validation runs-on: ubuntu-latest
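Review bot: The gate's shell test in the new `all-tests` job names each upstream job by hand, so a job later added to `needs:` but not to the `if [[ … ]]` list would be ignored. With `if: always()` the gate still runs and reports success even when that job failed. Deriving the check from `needs` removes the second list: `if [[ "${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') || contains(needs.*.result, 'skipped') }}" == "true" ]]; then`. Note also that `docker` is not in `needs`, so a broken image build does not block merges through this check; if that is intentional, a word in the comment above the job would make it explicit. The `docker` job that follows continues outside the hunk.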