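--- a/.github/workflows/coverage.yml
+++ b/.github/workflows/coverage.yml
@@ -0,0 +1,122 @@
+name: Coverage
+
+on:
+push:
+branches: [main, master]
+
+jobs:
+coverage:
+runs-on: ubuntu-latest
+
+services:
+postgres:
+image: postgres:15
+env:
+POSTGRES_DB: que_test
+POSTGRES_USER: que_user
+POSTGRES_PASSWORD: que_password
+options: >-
+--health-cmd pg_isready
+--health-interval 10s
+--health-timeout 5s
+--health-retries 5
+ports:
+- 5432:5432
+
+steps:
+- name: Checkout code
+uses: actions/checkout@v4
+
+- name: Use Node.js 20.x
+uses: actions/setup-node@v4
+with:
+node-version: 20.x
+cache: 'npm'
+
+- name: Install dependencies
+run: npm ci
+
+- name: Set up database schema
+run: |
+PGPASSWORD=que_password psql -h localhost -U que_user -d que_test -f migrations/schema.sql
+env:
+PGPASSWORD: que_password
+
+- name: Run tests with coverage
+run: npm run test:coverage
+env:
+TEST_DB_HOST: localhost
+TEST_DB_PORT: 5432
+TEST_DB_NAME: que_test
+TEST_DB_USER: que_user
+TEST_DB_PASSWORD: que_password
+TEST_DB_SSL: false
+
+- name: Upload coverage reports to Codecov
+uses: codecov/codecov-action@v3
+with:
+file: ./coverage/lcov.info
+flags: unittests
+name: codecov-umbrella
+fail_ci_if_error: false
+
+- name: Generate coverage summary
+id: coverage
+run: |
+coverage_percent=$(grep -o 'Lines.*[0-9]*\.[0-9]*%' coverage/lcov-report/index.html | grep -o '[0-9]*\.[0-9]*%' || echo "Unknown")
+echo "coverage_percent=$coverage_percent" >> $GITHUB_OUTPUT
+
+# Extract detailed coverage info
+total_lines=$(grep -o 'Lines.*[0-9]*\/[0-9]*' coverage/lcov-report/index.html | grep -o '[0-9]*\/[0-9]*' | tail -1 || echo "0/0")
+total_functions=$(grep -o 'Functions.*[0-9]*\/[0-9]*' coverage/lcov-report/index.html | grep -o '[0-9]*\/[0-9]*' | tail -1 || echo "0/0")
+total_branches=$(grep -o 'Branches.*[0-9]*\/[0-9]*' coverage/lcov-report/index.html | grep -o '[0-9]*\/[0-9]*' | tail -1 || echo "0/0")
+
+echo "total_lines=$total_lines" >> $GITHUB_OUTPUT
+echo "total_functions=$total_functions" >> $GITHUB_OUTPUT
+echo "total_branches=$total_branches" >> $GITHUB_OUTPUT
+
+- name: Find existing coverage comment
+if: github.event_name == 'pull_request'
+uses: peter-evans/find-comment@v2
+id: find-comment
+with:
+issue-number: ${{ github.event.pull_request.number }}
+comment-author: 'github-actions[bot]'
+body-includes: '## 📊 Coverage Report'
+
+- name: Create or update coverage comment
+if: github.event_name == 'pull_request'
+uses: peter-evans/create-or-update-comment@v3
+with:
+comment-id: ${{ steps.find-comment.outputs.comment-id }}
+issue-number: ${{ github.event.pull_request.number }}
+edit-mode: replace
+body: |
+## 📊 Coverage Report
+
+**Overall Coverage**: ${{ steps.coverage.outputs.coverage_percent }}
+
+### Detailed Coverage
+| Type | Coverage |
+|------|----------|
+| **Lines** | ${{ steps.coverage.outputs.total_lines }} |
+| **Functions** | ${{ steps.coverage.outputs.total_functions }} |
+| **Branches** | ${{ steps.coverage.outputs.total_branches }} |
+
+### Files Tested
+- ✅ `src/client.ts` - Job enqueueing and locking
+- ✅ `src/worker.ts` - Job processing and error handling
+- ✅ `src/job.ts` - Job instance methods
+- ✅ `src/utils.ts` - Utility functions and retry logic
+- ✅ `src/types.ts` - Type definitions
+
+### Test Summary
+- **Total Test Suites**: 3
+- **Total Tests**: 16
+- **Database Integration**: PostgreSQL with advisory locks
+- **Test Categories**: Unit tests, integration tests, error handling
+
+📈 [View detailed coverage report on Codecov](https://codecov.io/gh/${{ github.repository }})
+
+---
+*Updated automatically by GitHub Actions*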
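Review bot: The two PR-comment steps at the end of the job (`Find existing coverage comment`, `Create or update coverage comment`) are gated on `github.event_name == 'pull_request'`, but the workflow's only trigger is `push` to main/master, so they can never run and the coverage table is never posted. If they are meant to run, add `pull_request:` under `on:` and declare the least-privilege token the comment step needs, `permissions:` / `  contents: read` / `  pull-requests: write`, keeping in mind that for pull requests opened from forks the GITHUB_TOKEN stays read-only regardless. The third-party actions (`codecov/codecov-action`, `peter-evans/find-comment`, `peter-evans/create-or-update-comment`) are pinned to mutable major tags; pinning each to a full commit SHA with a version comment makes the supply chain auditable. The Test Summary figures in the comment body (3 suites, 16 tests) are hard-coded and will drift from the real run; derive them from the test output or drop them.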
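--- a/.github/workflows/pr-summary.yml
+++ b/.github/workflows/pr-summary.yml
@@ -0,0 +1,96 @@
+name: PR Summary
+
+on:
+pull_request:
+types: [opened, synchronize, reopened]
+
+jobs:
+pr-summary:
+runs-on: ubuntu-latest
+needs: [] # Will depend on other workflows completing
+
+steps:
+- name: Checkout code
+uses: actions/checkout@v4
+
+- name: Wait for other workflows
+uses: lewagon/[email protected]
+with:
+ref: ${{ github.event.pull_request.head.sha }}
+check-name: 'test'
+repo-token: ${{ secrets.GITHUB_TOKEN }}
+wait-interval: 10
+
+- name: Get workflow run results
+id: workflow-results
+uses: actions/github-script@v7
+with:
+script: |
+const { data: runs } = await github.rest.actions.listWorkflowRunsForRepo({
+owner: context.repo.owner,
+repo: context.repo.repo,
+head_sha: context.payload.pull_request.head.sha,
+});
+
+const testRun = runs.workflow_runs.find(run => run.name === 'Test');
+const securityRun = runs.workflow_runs.find(run => run.name === 'Security');
+
+const testStatus = testRun ? testRun.conclusion : 'pending';
+const securityStatus = securityRun ? securityRun.conclusion : 'pending';
+
+core.setOutput('test_status', testStatus);
+core.setOutput('security_status', securityStatus);
+
+- name: Find existing summary comment
+uses: peter-evans/find-comment@v2
+id: find-summary
+with:
+issue-number: ${{ github.event.pull_request.number }}
+comment-author: 'github-actions[bot]'
+body-includes: '## 🎯 PR Summary Dashboard'
+
+- name: Create or update PR summary
+uses: peter-evans/create-or-update-comment@v3
+with:
+comment-id: ${{ steps.find-summary.outputs.comment-id }}
+issue-number: ${{ github.event.pull_request.number }}
+edit-mode: replace
+body: |
+## 🎯 PR Summary Dashboard
+
+### 🔄 CI/CD Status
+| Check | Status | Details |
+|-------|--------|---------|
+| **Tests** | ${{ steps.workflow-results.outputs.test_status == 'success' && '✅ Passed' || steps.workflow-results.outputs.test_status == 'failure' && '❌ Failed' || '🟡 Running' }} | Node.js 18.x, 20.x, 22.x |
+| **Security** | ${{ steps.workflow-results.outputs.security_status == 'success' && '✅ Secure' || steps.workflow-results.outputs.security_status == 'failure' && '❌ Issues Found' || '🟡 Scanning' }} | Dependencies & vulnerabilities |
+| **Build** | ${{ steps.workflow-results.outputs.test_status == 'success' && '✅ Built' || '🟡 Pending' }} | TypeScript compilation |
+| **Package** | ${{ steps.workflow-results.outputs.test_status == 'success' && '✅ Ready' || '🟡 Pending' }} | npm pack verification |
+
+### 📊 Key Metrics
+- **Test Suites**: 3 (Client, Worker, Utils)
+- **Total Tests**: 16
+- **Database**: PostgreSQL with advisory locks
+- **Node.js Versions**: 18.x, 20.x, 22.x tested
+
+### 🚀 What's New in This PR
+- Review the changes in the "Files changed" tab
+- All tests must pass before merging
+- Security scan ensures dependency safety
+- Multi-version Node.js compatibility verified
+
+### 📋 Merge Checklist
+- [ ] All CI checks are passing ✅
+- [ ] No security vulnerabilities detected 🔒
+- [ ] Code review completed 👀
+- [ ] Documentation updated (if needed) 📝
+
+### 🔗 Quick Links
+- [🧪 Test Details](https://github.com/${{ github.repository }}/actions/workflows/test.yml)
+- [🔒 Security Report](https://github.com/${{ github.repository }}/actions/workflows/security.yml)
+- [📊 Coverage Report](https://codecov.io/gh/${{ github.repository }})
+- [🐳 Docker Setup](./DOCKER.md)
+
+---
+*This summary is automatically updated when CI completes*
+
+<sub>Generated by [que-ts](https://github.com/${{ github.repository }}) CI/CD Pipeline</sub>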
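Review bot: The `Create or update PR summary` step needs `pull-requests: write` on GITHUB_TOKEN, but no `permissions:` block is declared, so the job relies on the repository's default token scope and may fail where that default is read-only; add `permissions:` / `  contents: read` / `  pull-requests: write` to the job (for pull requests from forks the token is read-only regardless, so those PRs will get no summary). `needs: [] # Will depend on other workflows completing` is a no-op with a misleading comment — `needs` only references jobs within the same workflow and cannot wait on other workflows, which is what the `wait-on-check-action` step actually does; drop the line or reword the comment. The dashboard reports hard-coded metrics (`Total Tests: 16`, the Node version list) and derives the Build and Package rows solely from `test_status`, so it can show ✅ for checks it never observed; compute those from real runs or label them as inferred. `lewagon/wait-on-check-action` and the `peter-evans/*` actions are pinned to mutable tags rather than commit SHAs.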
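--- a/.github/workflows/security.yml.bck
+++ b/.github/workflows/security.yml.bck
@@ -0,0 +1,132 @@
+name: Security
+
+on:
+push:
+branches: [main, master]
+pull_request:
+branches: [main, master]
+schedule:
+# Run security scan weekly on Mondays at 9 AM UTC
+- cron: '0 9 * * 1'
+
+jobs:
+security-audit:
+runs-on: ubuntu-latest
+
+steps:
+- name: Checkout code
+uses: actions/checkout@v4
+
+- name: Use Node.js 20.x
+uses: actions/setup-node@v4
+with:
+node-version: 20.x
+cache: 'npm'
+
+- name: Install dependencies
+run: npm ci
+
+- name: Run npm audit
+run: npm audit --audit-level=moderate
+
+- name: Run npm audit fix (dry run)
+run: npm audit fix --dry-run
+
+- name: Generate security report
+if: always()
+id: security-report
+run: |
+# Run audit and capture output
+audit_output=$(npm audit --json 2>/dev/null || echo '{"vulnerabilities": {}, "metadata": {"totalDependencies": 0}}')
+
+# Parse audit results
+vulnerabilities=$(echo "$audit_output" | jq -r '.metadata.vulnerabilities // 0')
+total_deps=$(echo "$audit_output" | jq -r '.metadata.totalDependencies // 0')
+
+# Check if any high/critical vulnerabilities
+high_critical=$(echo "$audit_output" | jq -r '.vulnerabilities | to_entries[] | select(.value.severity == "high" or .value.severity == "critical") | length' | wc -l)
+
+echo "vulnerabilities=$vulnerabilities" >> $GITHUB_OUTPUT
+echo "total_deps=$total_deps" >> $GITHUB_OUTPUT
+echo "high_critical=$high_critical" >> $GITHUB_OUTPUT
+
+# Get audit summary if vulnerabilities exist
+if [ "$vulnerabilities" -gt 0 ]; then
+npm audit --audit-level=low > audit_summary.txt 2>&1 || echo "Audit completed with findings" > audit_summary.txt
+else
+echo "No vulnerabilities found" > audit_summary.txt
+fi
+
+- name: Comment PR - Security Results
+if: github.event_name == 'pull_request'
+uses: actions/github-script@v7
+with:
+script: |
+const fs = require('fs');
+const vulnerabilities = '${{ steps.security-report.outputs.vulnerabilities }}';
+const totalDeps = '${{ steps.security-report.outputs.total_deps }}';
+const highCritical = '${{ steps.security-report.outputs.high_critical }}';
+
+let auditSummary = '';
+try {
+auditSummary = fs.readFileSync('audit_summary.txt', 'utf8');
+} catch (error) {
+auditSummary = 'Could not read audit summary';
+}
+
+const securityStatus = vulnerabilities === '0' ? '🟢 Secure' :
+highCritical === '0' ? '🟡 Low Risk' : '🔴 High Risk';
+
+const comment = `## 🔒 Security Scan Results
+
+**Status**: ${securityStatus}
+**Total Dependencies**: ${totalDeps}
+**Vulnerabilities Found**: ${vulnerabilities}
+**High/Critical Issues**: ${highCritical}
+
+### Security Summary
+${vulnerabilities === '0' ?
+'✅ **No security vulnerabilities detected**\n✅ All dependencies are secure\n✅ No action required' :
+`⚠️ **${vulnerabilities} vulnerabilities found**\n${highCritical === '0' ? '✅ No high/critical issues' : '❌ High/critical issues detected'}`
+}
+
+### Dependency Analysis
+- **Runtime Dependencies**: PostgreSQL driver (pg)
+- **Dev Dependencies**: TypeScript, Jest, ESLint
+- **Security Tools**: npm audit, GitHub dependency review
+
+${vulnerabilities !== '0' ?
+'### Recommended Actions\n1. Review vulnerability details below\n2. Update affected dependencies\n3. Run `npm audit fix` to auto-resolve issues\n4. Test thoroughly after updates' :
+''
+}
+
+<details>
+<summary>📋 Detailed Audit Report</summary>
+
+\`\`\`
+${auditSummary.substring(0, 2000)}${auditSummary.length > 2000 ? '\n... (truncated)' : ''}
+\`\`\`
+</details>
+
+---
+*Security scan performed by GitHub Actions*`;
+
+github.rest.issues.createComment({
+issue_number: context.issue.number,
+owner: context.repo.owner,
+repo: context.repo.repo,
+body: comment
+});
+
+dependency-review:
+runs-on: ubuntu-latest
+if: github.event_name == 'pull_request'
+
+steps:
+- name: Checkout code
+uses: actions/checkout@v4
+
+- name: Dependency Review
+uses: actions/dependency-review-action@v3
+with:
+fail-on-severity: moderate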
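Review bot: The file is committed as `security.yml.bck`, and GitHub Actions only loads `.yml`/`.yaml` files from `.github/workflows`, so none of this runs — the `Security` workflow run and the `security.yml` link that `pr-summary.yml` looks for will not exist, and the dashboard's Security row will sit at 🟡 Scanning forever. If the scan is intentionally disabled, delete the copy rather than keeping dead config in the tree; if it is meant to run, rename it back to `security.yml`. Inside `Generate security report`, `jq -r '.metadata.vulnerabilities // 0'` yields an object rather than a number on npm 7+ audit JSON (per-severity counts with a `total` field), so its multi-line output corrupts the `$GITHUB_OUTPUT` line and `[ "$vulnerabilities" -gt 0 ]` errors; use `.metadata.vulnerabilities.total // 0`. The `github-script` step splices step outputs into JavaScript source through `${{ }}`; passing them via `env:` and reading `process.env` is the safer pattern even for job-local values, and the third-party actions here are pinned to mutable tags rather than commit SHAs.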