This directory contains GitHub Actions workflows for CI/CD, testing, and deployment.
Trigger: Push/PR to main, develop branches Purpose: Automated testing, linting, security scanning, and Docker builds
Jobs:
- lint-and-test: Runs ESLint and unit tests for both client and server
- security-scan: Trivy vulnerability scanning and npm audit
- build-docker: Builds and pushes Docker images to GitHub Container Registry
- integration-test: Full stack testing with PostgreSQL
- deploy-staging: Automatic deployment to staging (develop branch)
- deploy-production: Automatic deployment to production (main branch)
Trigger: Manual dispatch or release publication Purpose: Controlled deployment to staging or production
Features:
- Environment selection (staging/production)
- Version specification
- AWS integration
- Rollback on failure
- Post-deployment validation
Trigger: Push/PR to main/master, scheduled weekly Purpose: REST API security scanning using 42Crunch
Requirements:
API_TOKENsecret must be configured- OpenAPI specification files must be present
Configure these in GitHub repository settings β Secrets and variables β Actions:
AWS_ACCESS_KEY_ID=your_aws_access_key
AWS_SECRET_ACCESS_KEY=your_aws_secret_keyAPI_TOKEN=your_42crunch_api_tokenConfigure these in GitHub repository settings β Secrets and variables β Actions β Variables:
AWS_REGION=us-east-1- Go to Settings β Environments
- Create
stagingandproductionenvironments - Configure protection rules:
- Staging: No restrictions (auto-deploy from develop)
- Production: Required reviewers, restrict to main branch
- Push to develop: Triggers CI β Build β Deploy to staging
- Push to main: Triggers CI β Build β Deploy to production
- Pull requests: Triggers CI β Tests and security scans
- Go to Actions tab in GitHub
- Select "Deploy Application" workflow
- Click "Run workflow"
- Choose environment and version
- Click "Run workflow"
- Check Actions tab for workflow status
- Review logs for each job
- Monitor deployment environments
- Check health endpoints post-deployment
Add these to your README.md:
[](https://github.com/yourusername/Tabsur/actions/workflows/ci.yml)
[](https://github.com/yourusername/Tabsur/actions/workflows/crunch42-analysis.yml)- Create new environment in repository settings
- Update
deploy.ymlworkflow - Add environment-specific configuration
Modify the deployment jobs in workflows to:
- Use your specific infrastructure (AWS ECS, Kubernetes, etc.)
- Add custom health checks
- Integrate with monitoring tools
- Configure notification systems
Update test jobs to:
- Add more test types (e2e, performance)
- Configure test databases
- Add code coverage requirements
- Integrate with external testing services
Solution: Ensure all required secrets are configured in repository settings
Solution: Check Dockerfile syntax and build context
Solution: Ensure consistent Node.js versions and environment variables
Solution:
- Verify API_TOKEN is correctly configured
- Ensure 42Crunch account is active
- Check OpenAPI files are present
Solution:
- Check AWS credentials and permissions
- Verify environment variables are set
- Review deployment logs for specific errors
- Check workflow logs in Actions tab
- Enable debug logging: Set
ACTIONS_RUNNER_DEBUGsecret totrue - Review individual job steps
- Check repository permissions and secrets
For workflow issues:
- Check this documentation
- Review GitHub Actions documentation
- Check repository issues
- Contact development team