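# Scheduled and on-demand repository maintenance. Each job appends its
# findings to the run summary ($GITHUB_STEP_SUMMARY).
name: 🔧 Maintenance & Health Checks

on:
  schedule:
    # Every Monday at 08:00 UTC
    - cron: '0 8 * * 1'
  workflow_dispatch:
    inputs:
      # Only set on manual runs. On scheduled runs this input is empty and the
      # job-level `if:` conditions rely on github.event_name == 'schedule'.
      check_type:
        description: 'Type of maintenance check'
        required: true
        default: 'full'
        type: choice
        options:
          - full
          - dependencies
          - security
          - performance

# Least privilege for GITHUB_TOKEN. The jobs in this workflow check out the
# repository, install and run project code, and upload artifacts; none of them
# pushes, comments or publishes, so read access to contents is sufficient.
# Without this block the token gets the repository/organisation default,
# which may include write scopes.
permissions:
  contents: read

env:
  # NOTE(review): Node.js 18 is past its upstream end-of-life; confirm and move
  # to a maintained LTS so the runtime used for these checks still gets fixes.
  NODE_VERSION: '18'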
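jobs:
  # Job 1: Project health check (tests, benchmarks, expected files).
  # NOTE(review): the actions below are referenced by mutable tag (@v4, @v3).
  # Pinning each `uses:` to a full commit SHA prevents a retagged release from
  # changing what runs here.
  health-check:
    name: 🏥 Project Health Check
    runs-on: ubuntu-latest
    steps:
      - name: 📥 Checkout Code
        uses: actions/checkout@v4
        with:
          # No later step uses git, so do not leave the token in .git/config
          # where dependency install scripts and tests could read it.
          persist-credentials: false

      - name: 🔧 Setup Node.js
        uses: actions/setup-node@v3
        with:
          node-version: ${{ env.NODE_VERSION }}
          cache: 'npm'

      # NOTE(review): this empties the npm cache right after setup-node
      # (cache: 'npm') restored it, so the cache brings no speed-up in this job.
      - name: 🧹 Clean NPM Cache
        run: |
          npm cache clean --force
          echo "✅ NPM cache cleaned"

      - name: 📦 Install Dependencies
        run: |
          # Clean, reproducible install. `npm ci` removes node_modules itself
          # and installs exactly what package-lock.json records. The previous
          # sequence deleted the lockfile and ran `npm install` first, which
          # re-resolved every dependency to whatever the registry served at
          # that moment, so the health check exercised unreviewed versions
          # instead of the committed, pinned set.
          npm ci

      - name: 🧪 Health Tests
        run: |
          # Append one line to the run summary.
          summary() { printf '%s\n' "$*" >> "$GITHUB_STEP_SUMMARY"; }
          failed=0

          summary "## 🏥 Project Health Report"
          summary "Date: $(date)"
          summary ""

          # Basic tests
          summary "### 🧪 Basic Tests:"
          if npm test; then
            summary "- ✅ All tests passing"
          else
            summary "- ❌ Some tests failing"
            failed=1
          fi

          # Benchmarks
          summary "### 📊 Performance:"
          if npm run benchmark; then
            summary "- ✅ Benchmarks completed successfully"
          else
            summary "- ❌ Benchmark issues detected"
            failed=1
          fi

          # Project structure
          summary "### 📁 Project Structure:"
          EXPECTED_FILES=("index.js" "index.d.ts" "README.md" "package.json" "LICENSE")
          for file in "${EXPECTED_FILES[@]}"; do
            if [ -f "$file" ]; then
              summary "- ✅ $file present"
            else
              summary "- ❌ $file missing"
              failed=1
            fi
          done

          # Fail only after the whole report is written. Every check above sits
          # inside an `if`, so without this the step always succeeded and the
          # `recommendations` job reported "Project health: Good" regardless of
          # failing tests.
          if [ "$failed" -ne 0 ]; then
            echo "::error::Health check reported failing tests, benchmarks or missing files"
            exit 1
          fi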
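# Job 2: Dependency analysis (outdated packages, package size, licences).
  dependency-check:
    name: 📦 Dependency Analysis
    runs-on: ubuntu-latest
    # Runs for manual 'dependencies' / 'full' requests and for every scheduled run.
    if: ${{ github.event.inputs.check_type == 'dependencies' || github.event.inputs.check_type == 'full' || github.event_name == 'schedule' }}
    steps:
      - name: 📥 Checkout Code
        uses: actions/checkout@v4
        with:
          # No later step uses git; keep the token out of .git/config, where
          # install scripts and the npx-fetched tool below could read it.
          persist-credentials: false

      - name: 🔧 Setup Node.js
        uses: actions/setup-node@v3
        with:
          node-version: ${{ env.NODE_VERSION }}
          cache: 'npm'

      - name: 🧹 Clean NPM Cache
        run: |
          npm cache clean --force
          echo "✅ NPM cache cleaned"

      - name: 📦 Install Dependencies
        run: |
          echo "Installing project dependencies..."

          # Prefer the lockfile so the analysed tree is the committed one.
          if [ -f package-lock.json ]; then
            echo "Using package-lock.json for consistent installs"
            npm ci
          else
            # Fallback resolves versions at run time; results are then not
            # reproducible between runs.
            echo "No package-lock.json found, running npm install"
            npm install
          fi

          # Make sure the install actually produced node_modules.
          echo "Verifying dependencies installation..."
          if [ ! -d "node_modules" ]; then
            echo "ERROR: node_modules directory not found after installation"
            exit 1
          fi

      - name: 📦 Analyze Dependencies
        run: |
          echo "Analyzing project dependencies..."

          # Outdated dependencies. The listing is now copied into the summary;
          # previously the "Dependency Report" heading was written but the
          # `npm outdated` output only reached the job log.
          echo "## 📦 Dependency Report" >> "$GITHUB_STEP_SUMMARY"
          echo "" >> "$GITHUB_STEP_SUMMARY"
          echo '```' >> "$GITHUB_STEP_SUMMARY"
          # A non-zero exit here is treated as a finding, not a step failure.
          npm outdated | tee -a "$GITHUB_STEP_SUMMARY" || true
          echo '```' >> "$GITHUB_STEP_SUMMARY"

          # Package size
          echo "### 📊 Package Size Analysis:" >> "$GITHUB_STEP_SUMMARY"
          npm pack --dry-run > package-analysis.txt
          # NOTE(review): `du -sh .` measures the whole workspace, including
          # node_modules and .git, not the packed tarball.
          PACKAGE_SIZE=$(du -sh . | cut -f1)
          echo "- Current project size: $PACKAGE_SIZE" >> "$GITHUB_STEP_SUMMARY"

          # Licences
          if command -v npx >/dev/null 2>&1; then
            echo "### 📄 License Analysis:" >> "$GITHUB_STEP_SUMMARY"
            # NOTE(review): unless license-checker is already a project
            # dependency, npx downloads and executes whatever version the
            # registry currently serves. Add it to devDependencies (so the
            # lockfile pins it) or pin an exact version here.
            npx license-checker --summary >> "$GITHUB_STEP_SUMMARY"
          fi

      - name: 📊 Generate Dependency Report
        run: |
          echo "Generating detailed dependency report..."
          npm ls --depth=0 > dependency-tree.txt || echo "Warning: Some dependencies may be missing, but continuing..."

      - name: 📤 Upload Dependency Report
        uses: actions/upload-artifact@v4
        with:
          name: dependency-report
          path: |
            dependency-tree.txt
            package-analysis.txt
          retention-days: 30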
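# Job 3: Automated security audit (npm audit plus a keyword scan of algorithms/).
  security-audit:
    name: 🔒 Automated Security Audit
    runs-on: ubuntu-latest
    # Runs for manual 'security' / 'full' requests and for every scheduled run.
    if: ${{ github.event.inputs.check_type == 'security' || github.event.inputs.check_type == 'full' || github.event_name == 'schedule' }}
    steps:
      - name: 📥 Checkout Code
        uses: actions/checkout@v4
        with:
          # No later step uses git; do not leave the token in .git/config.
          persist-credentials: false

      - name: 🔧 Setup Node.js
        uses: actions/setup-node@v3
        with:
          node-version: ${{ env.NODE_VERSION }}
          cache: 'npm'

      - name: 📦 Install Dependencies
        # This job only audits and greps; it never runs project code, so
        # dependency lifecycle scripts are not needed and are not executed.
        run: npm ci --ignore-scripts

      - name: 🔍 Security Audit
        run: |
          # Append one line to the run summary.
          summary() { printf '%s\n' "$*" >> "$GITHUB_STEP_SUMMARY"; }
          findings=0

          summary "## 🔒 Security Audit Report"
          summary "Date: $(date)"
          summary ""

          # npm audit. A non-zero exit covers both reported vulnerabilities and
          # an audit that could not complete; either way a human should look.
          summary "### 📋 NPM Audit Results:"
          if npm audit --audit-level=moderate; then
            summary "- ✅ No moderate or high vulnerabilities found"
          else
            summary "- ⚠️ Vulnerabilities detected - review required"
            findings=1
          fi

          # Keyword scan of the source tree. This is a coarse tripwire, not
          # static analysis: the entries are grep basic regular expressions
          # matched per line, and "setTimeout.*string" matches the literal word
          # "string", not a string-typed argument.
          summary "### 🔍 Code Security Scan:"
          SCAN_DIR="algorithms"
          SUSPICIOUS_PATTERNS=("eval(" "new Function(" "document.write" "innerHTML" "setTimeout.*string")
          ISSUES_FOUND=0

          if [ ! -d "$SCAN_DIR" ]; then
            # Previously grep errors were discarded (2>/dev/null), so a missing
            # directory was reported as "no suspicious code patterns detected".
            summary "- ⚠️ Code scan skipped: $SCAN_DIR/ not found"
            findings=1
          else
            for pattern in "${SUSPICIOUS_PATTERNS[@]}"; do
              if grep -rn -e "$pattern" "$SCAN_DIR"; then
                summary "- ⚠️ Potentially unsafe pattern found: $pattern"
                ISSUES_FOUND=$((ISSUES_FOUND + 1))
              fi
            done
            if [ "$ISSUES_FOUND" -eq 0 ]; then
              summary "- ✅ No suspicious code patterns detected"
            else
              findings=1
            fi
          fi

          # Fail after the report is complete. Every check above sits inside an
          # `if`, so without this the job always succeeded and the
          # `recommendations` job printed "Security: No issues detected" even
          # when npm audit had reported vulnerabilities.
          if [ "$findings" -ne 0 ]; then
            echo "::error::Security audit produced findings - see the job summary"
            exit 1
          fi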
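# Job 4: Regular performance benchmarks, archived as a dated artifact.
  performance-monitor:
    name: ⚡ Performance Monitoring
    runs-on: ubuntu-latest
    # Runs for manual 'performance' / 'full' requests and for every scheduled run.
    if: ${{ github.event.inputs.check_type == 'performance' || github.event.inputs.check_type == 'full' || github.event_name == 'schedule' }}
    steps:
      - name: 📥 Checkout Code
        uses: actions/checkout@v4
        with:
          # No later step uses git; keep the token out of .git/config, where
          # install scripts and benchmark code could read it.
          persist-credentials: false

      - name: 🔧 Setup Node.js
        uses: actions/setup-node@v3
        with:
          node-version: ${{ env.NODE_VERSION }}
          cache: 'npm'

      - name: 📦 Install Dependencies
        run: npm ci

      - name: ⚡ Run Performance Benchmarks
        id: benchmark
        run: |
          # Publish the run date as a step output for the artifact name below.
          # `with:` values are not passed through a shell, so a `$(date ...)`
          # written there is kept as literal text.
          echo "date=$(date +%Y%m%d)" >> "$GITHUB_OUTPUT"

          echo "## ⚡ Performance Monitoring Report" >> "$GITHUB_STEP_SUMMARY"
          echo "Date: $(date)" >> "$GITHUB_STEP_SUMMARY"
          echo "" >> "$GITHUB_STEP_SUMMARY"

          # Run the benchmarks; a failing run stops the step here.
          npm run benchmark > benchmark-results.txt

          echo "### 📊 Current Performance Metrics:" >> "$GITHUB_STEP_SUMMARY"
          echo '```' >> "$GITHUB_STEP_SUMMARY"
          grep "ops/sec" benchmark-results.txt | head -10 >> "$GITHUB_STEP_SUMMARY"
          echo '```' >> "$GITHUB_STEP_SUMMARY"

          # NOTE(review): no comparison against earlier results is made here;
          # the two lines below are printed whenever the benchmark command
          # exits successfully.
          echo "### 📈 Performance Analysis:" >> "$GITHUB_STEP_SUMMARY"
          echo "- Benchmark completed successfully" >> "$GITHUB_STEP_SUMMARY"
          echo "- All algorithms performing within expected ranges" >> "$GITHUB_STEP_SUMMARY"

      - name: 📊 Store Performance History
        uses: actions/upload-artifact@v4
        with:
          name: performance-history-${{ steps.benchmark.outputs.date }}
          path: benchmark-results.txt
          retention-days: 90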
# Job 5: Documentation health check (expected files, README sections, link count).
  docs-check:
    name: 📚 Documentation Health Check
    runs-on: ubuntu-latest
    steps:
      - name: 📥 Checkout Code
        uses: actions/checkout@v4

      - name: 📚 Check Documentation Completeness
        run: |
          # Everything echoed inside the braces is appended to the run summary.
          {
            echo "## 📚 Documentation Health Report"
            echo ""

            # Presence and length of each expected documentation file
            echo "### 📄 Documentation Files:"
            for doc_file in "README.md" "CHANGELOG.md" "CONTRIBUTING.md" "LICENSE" "EXAMPLES.md" "ARCHITECTURE.md"; do
              if [ ! -f "$doc_file" ]; then
                echo "- ❌ $doc_file missing"
              else
                line_total=$(wc -l < "$doc_file")
                echo "- ✅ $doc_file ($line_total lines)"
              fi
            done

            # Case-insensitive keyword match anywhere in README.md; it does not
            # check that the word is an actual heading.
            echo "### 📋 README.md Content Check:"
            for heading in "Installation" "Usage" "API" "Examples" "Contributing"; do
              if grep -qi "$heading" README.md; then
                echo "- ✅ $heading section present"
              else
                echo "- ⚠️ $heading section missing or unclear"
              fi
            done

            # Counts the http(s) URLs in README.md; no link is fetched or validated.
            echo "### 🔗 Link Validation:"
            link_total=$(grep -o 'http[s]*://[^)]*' README.md | wc -l)
            echo "- Found $link_total external links to validate"
          } >> $GITHUB_STEP_SUMMARY
# Job 6: Automated cleanup. Runs on its own runner with a fresh checkout and has
# no commit or push step, so the deletions below only affect this job's workspace.
  cleanup:
    name: 🧹 Automated Cleanup
    runs-on: ubuntu-latest
    needs: [health-check, dependency-check, security-audit, performance-monitor, docs-check]
    # Run even when one of the jobs above failed or was skipped.
    if: always()
    steps:
      - name: 📥 Checkout Code
        uses: actions/checkout@v4

      - name: 🧹 Cleanup Tasks
        run: |
          # Everything echoed inside the braces is appended to the run summary.
          {
            echo "## 🧹 Maintenance Cleanup Report"
            echo ""

            # Disk usage of the checked-out workspace
            echo "### 💾 Disk Usage:"
            workspace_size=$(du -sh . | cut -f1)
            echo "- Project size: $workspace_size"

            # Count temporary files, then delete them per pattern
            stale_count=$(find . -name "*.tmp" -o -name "*.log" -o -name ".DS_Store" | wc -l)
            echo "- Temporary files found: $stale_count"
            if [ $stale_count -gt 0 ]; then
              echo "- 🧹 Cleaning temporary files..."
              for stale_name in "*.tmp" "*.log" ".DS_Store"; do
                find . -name "$stale_name" -delete
              done
            fi

            echo "- ✅ Cleanup completed"
          } >> $GITHUB_STEP_SUMMARY
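# Job 7: Summary of recommendations, based on the results of the jobs above.
  recommendations:
    name: 💡 Maintenance Recommendations
    runs-on: ubuntu-latest
    needs: [health-check, dependency-check, security-audit, performance-monitor, docs-check]
    # Run even when one of the jobs above failed or was skipped.
    if: always()
    steps:
      - name: 💡 Generate Recommendations
        # Job results reach the script as environment variables instead of
        # being expanded into the script text before the shell parses it.
        env:
          HEALTH_RESULT: ${{ needs.health-check.result }}
          SECURITY_RESULT: ${{ needs.security-audit.result }}
          PERFORMANCE_RESULT: ${{ needs.performance-monitor.result }}
        run: |
          # Append one line to the run summary.
          summary() { printf '%s\n' "$*" >> "$GITHUB_STEP_SUMMARY"; }

          # report RESULT OK_LINE ATTENTION_LINE SKIPPED_LINE
          # A manual run with a single check_type skips the other jobs; those
          # used to be reported as "review required" although they never ran.
          report() {
            case "$1" in
              success) summary "$2" ;;
              skipped) summary "$4" ;;
              *) summary "$3" ;;
            esac
          }

          summary "## 💡 Maintenance Recommendations"
          summary ""

          summary "### 📋 Action Items:"

          # General reminders
          summary "1. **Regular Tasks:**"
          summary " - Review and update dependencies monthly"
          summary " - Run security audits before each release"
          summary " - Monitor performance trends"
          summary " - Keep documentation up to date"
          summary ""

          summary "2. **Health Check Results:**"
          report "$HEALTH_RESULT" \
            " - ✅ Project health: Good" \
            " - ⚠️ Project health: Needs attention" \
            " - ⏭️ Project health: Not run in this check"
          report "$SECURITY_RESULT" \
            " - ✅ Security: No issues detected" \
            " - ⚠️ Security: Review required" \
            " - ⏭️ Security: Not run in this check"
          report "$PERFORMANCE_RESULT" \
            " - ✅ Performance: Within expected ranges" \
            " - ⚠️ Performance: Monitor for regressions" \
            " - ⏭️ Performance: Not run in this check"
          summary ""

          summary "3. **Next Maintenance Window:**"
          NEXT_MONDAY=$(date -d "next monday" +%Y-%m-%d)
          summary " - Scheduled for: $NEXT_MONDAY"
          summary " - Type: Automated health check"
          summary ""

          summary "**Note**: This maintenance report is automatically generated every Monday."
          summary "For manual maintenance, trigger this workflow with specific check types."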