name: Build and Test YT2AI Bookmarklet on: push: branches: [ main, develop ] pull_request: branches: [ main ] jobs: build-and-test: runs-on: ubuntu-latest strategy: matrix: node-version: [16.x, 18.x, 20.x] steps: - name: Checkout code uses: actions/checkout@v4 - name: Setup Node.js ${{ matrix.node-version }} uses: actions/setup-node@v4 with: node-version: ${{ matrix.node-version }} cache: 'npm' - name: Install dependencies run: npm ci - name: Run linting run: npm run lint - name: Check code formatting run: npm run format:check - name: Run tests run: npm run test:coverage - name: Build development version run: npm run build:dev - name: Build production version run: npm run build - name: Verify build artifacts run: | echo "Checking build artifacts..." ls -la dist/ echo "Production bookmarklet size:" stat -c%s dist/bookmarklet.min.js echo "Development bookmarklet size:" stat -c%s dist/bookmarklet-debug.js - name: Validate bookmarklet format run: | echo "Validating bookmarklet format..." if grep -q "^javascript:" dist/bookmarklet.min.js; then echo "✓ Production bookmarklet has correct javascript: prefix" else echo "✗ Production bookmarklet missing javascript: prefix" exit 1 fi if grep -q "^javascript:" dist/bookmarklet-debug.js; then echo "✓ Debug bookmarklet has correct javascript: prefix" else echo "✗ Debug bookmarklet missing javascript: prefix" exit 1 fi - name: Check bundle size limits run: | echo "Checking bundle size limits..." PROD_SIZE=$(stat -c%s dist/bookmarklet.min.js) MAX_SIZE=10240 # 10KB limit if [ $PROD_SIZE -le $MAX_SIZE ]; then echo "✓ Production bundle size OK: ${PROD_SIZE} bytes (limit: ${MAX_SIZE} bytes)" else echo "✗ Production bundle size too large: ${PROD_SIZE} bytes (limit: ${MAX_SIZE} bytes)" exit 1 fi - name: Upload build artifacts uses: actions/upload-artifact@v3 with: name: bookmarklet-builds-node-${{ matrix.node-version }} path: | dist/ coverage/ retention-days: 30 - name: Upload coverage to Codecov if: matrix.node-version == '18.x' uses: codecov/codecov-action@v3 with: file: ./coverage/lcov.info flags: unittests name: codecov-umbrella fail_ci_if_error: false release: needs: build-and-test runs-on: ubuntu-latest if: github.ref == 'refs/heads/main' && github.event_name == 'push' steps: - name: Checkout code uses: actions/checkout@v4 with: fetch-depth: 0 token: ${{ secrets.GITHUB_TOKEN }} - name: Setup Node.js uses: actions/setup-node@v4 with: node-version: '18.x' cache: 'npm' - name: Install dependencies run: npm ci - name: Build production version run: npm run build - name: Semantic Release env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | git config user.name "github-actions[bot]" git config user.email "github-actions[bot]@users.noreply.github.com" npm run release security-scan: runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 - name: Setup Node.js uses: actions/setup-node@v4 with: node-version: '18.x' cache: 'npm' - name: Install dependencies run: npm ci - name: Run security audit run: npm audit --audit-level high - name: Build and scan with CodeQL uses: github/codeql-action/analyze@v2 with: languages: javascript