Refactor OpenRouter client, add UI helpers, and centralize errors #70
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD Pipeline | |
| on: | |
| push: | |
| branches: [ main, develop ] | |
| pull_request: | |
| branches: [ main ] | |
| release: | |
| types: [ published ] | |
| env: | |
| NODE_VERSION: '20' | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| jobs: | |
| # Code quality and linting | |
| code-quality: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| cache: 'npm' | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Run ESLint | |
| run: npm run lint | |
| - name: Type check | |
| run: npx tsc --noEmit | |
| # Unit and component tests | |
| test: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| node-version: ['18', '20', '22'] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Node.js ${{ matrix.node-version }} | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| cache: 'npm' | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Run unit tests | |
| run: npm run test | |
| env: | |
| # Provide empty env vars to prevent Redis connection attempts | |
| UPSTASH_REDIS_REST_URL: '' | |
| UPSTASH_REDIS_REST_TOKEN: '' | |
| - name: Upload test results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: test-results-node-${{ matrix.node-version }} | |
| path: | | |
| coverage/ | |
| test-results/ | |
| # E2E tests with Playwright | |
| e2e: | |
| runs-on: ubuntu-latest | |
| needs: [code-quality] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| cache: 'npm' | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Install Playwright browsers | |
| run: npx playwright install --with-deps chromium | |
| - name: Build application | |
| run: npm run build | |
| env: | |
| UPSTASH_REDIS_REST_URL: '' | |
| UPSTASH_REDIS_REST_TOKEN: '' | |
| - name: Run E2E tests | |
| run: npm run test:e2e | |
| env: | |
| UPSTASH_REDIS_REST_URL: '' | |
| UPSTASH_REDIS_REST_TOKEN: '' | |
| - name: Upload Playwright report | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: playwright-report | |
| path: playwright-report/ | |
| # Build verification | |
| build: | |
| runs-on: ubuntu-latest | |
| needs: [code-quality, test] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| cache: 'npm' | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Build production bundle | |
| run: npm run build | |
| env: | |
| UPSTASH_REDIS_REST_URL: '' | |
| UPSTASH_REDIS_REST_TOKEN: '' | |
| - name: Upload build artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: build | |
| path: .next/ | |
| # Security scanning | |
| security: | |
| runs-on: ubuntu-latest | |
| needs: [code-quality] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| cache: 'npm' | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Run npm audit | |
| run: npm audit --audit-level=high | |
| continue-on-error: true | |
| - name: Check for known vulnerabilities | |
| run: npx better-npm-audit audit --level high | |
| continue-on-error: true | |
| # Docker build (on main branch only) | |
| docker: | |
| runs-on: ubuntu-latest | |
| needs: [build, test, e2e] | |
| if: github.ref == 'refs/heads/main' || github.event_name == 'release' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to Container Registry | |
| if: github.event_name != 'pull_request' | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| tags: | | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=sha,prefix={{branch}}- | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| - name: Build Docker image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Run Docker security scan | |
| uses: aquasecurity/trivy-action@master | |
| with: | |
| image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }} | |
| format: 'sarif' | |
| output: 'trivy-results.sarif' | |
| continue-on-error: true | |
| - name: Upload Trivy scan results | |
| uses: github/codeql-action/upload-sarif@v2 | |
| if: always() | |
| with: | |
| sarif_file: 'trivy-results.sarif' | |
| continue-on-error: true | |
| # Deploy staging (on main branch) | |
| deploy-staging: | |
| runs-on: ubuntu-latest | |
| needs: [docker] | |
| if: github.ref == 'refs/heads/main' | |
| environment: staging | |
| steps: | |
| - name: Deploy to staging | |
| run: | | |
| echo "Deploying to staging environment..." | |
| echo "Image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:main-${{ github.sha }}" | |
| # Add actual deployment commands here (e.g., Vercel, Railway, etc.) | |
| # Deploy production (on release) | |
| deploy-production: | |
| runs-on: ubuntu-latest | |
| needs: [docker] | |
| if: github.event_name == 'release' | |
| environment: production | |
| steps: | |
| - name: Deploy to production | |
| run: | | |
| echo "Deploying to production environment..." | |
| echo "Image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.event.release.tag_name }}" | |
| # Add actual deployment commands here |