This commit is contained in:
2025-06-12 09:00:16 +09:00
parent 4226d6ccd6
commit 18a3b5312e
6 changed files with 526 additions and 16 deletions

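--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,111 @@
+name: CI
+on:
+push:
+branches: [ main, develop ]
+pull_request:
+branches: [ main ]
+jobs:
+lint-and-test:
+runs-on: ubuntu-latest
+steps:
+- name: Checkout repository
+uses: actions/checkout@v4
+- name: Setup Bun
+uses: oven-sh/setup-bun@v1
+with:
+bun-version: latest
+- name: Install dependencies
+run: bun install
+- name: Install admin panel dependencies
+run: cd admin-panel && bun install
+- name: Type check
+run: bunx tsc --noEmit
+- name: Lint
+run: bun run lint
+- name: Format check
+run: bun run format:check
+- name: Build frontend
+run: bun run build:frontend
+- name: Build admin panel
+run: bun run build:admin
+- name: Test build artifacts
+run: |
+ls -la frontend/dist/
+ls -la admin-panel/dist/
+echo "✅ Build artifacts created successfully"
+docker-test:
+runs-on: ubuntu-latest
+needs: lint-and-test
+steps:
+- name: Checkout repository
+uses: actions/checkout@v4
+- name: Set up Docker Buildx
+uses: docker/setup-buildx-action@v3
+- name: Build Docker image (test only)
+uses: docker/build-push-action@v5
+with:
+context: .
+platforms: linux/amd64
+push: false
+tags: voice-rss-summary:test
+cache-from: type=gha
+cache-to: type=gha,mode=max
+- name: Test Docker image
+run: |
+echo "Testing Docker image functionality..."
+# Create minimal test environment
+mkdir -p test-data test-public
+echo "# Test feed" > feed_urls.txt
+echo "OPENAI_API_KEY=test" > .env
+echo "VOICEVOX_HOST=http://localhost:50021" >> .env
+# Run container for a short time to test startup
+docker run --rm --name test-container \
+-v "$(pwd)/feed_urls.txt:/app/feed_urls.txt:ro" \
+-v "$(pwd)/.env:/app/.env:ro" \
+-v "$(pwd)/test-public:/app/public" \
+-v "$(pwd)/test-data:/app/data" \
+voice-rss-summary:test \
+timeout 30 bun run server.ts || true
+echo "✅ Docker image test completed"
+security-scan:
+runs-on: ubuntu-latest
+if: github.event_name == 'pull_request'
+steps:
+- name: Checkout repository
+uses: actions/checkout@v4
+- name: Run Trivy vulnerability scanner
+uses: aquasecurity/trivy-action@master
+with:
+scan-type: 'fs'
+scan-ref: '.'
+format: 'sarif'
+output: 'trivy-results.sarif'
+- name: Upload Trivy scan results to GitHub Security tab
+uses: github/codeql-action/upload-sarif@v2
+if: always()
+with:
+sarif_file: 'trivy-results.sarif'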
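Review bot: `uses: aquasecurity/trivy-action@master` in the `security-scan` job tracks a moving branch, so the code that runs with the job's token can change without any change to this repository; pin it to a release tag or a full commit SHA (`uses: aquasecurity/trivy-action@<pinned tag or commit SHA>`), and treat `bun-version: latest` the same way so builds are reproducible. No `permissions:` block is declared anywhere in the file, so every job inherits the repository default, while `upload-sarif` specifically needs `security-events: write`; a top-level `permissions: contents: read` plus `permissions: { contents: read, security-events: write }` on `security-scan` gives the scanner what it needs and keeps the build jobs read-only. `github/codeql-action/upload-sarif@v2` is deprecated upstream in favour of `@v3`. The container smoke test ends with `timeout 30 bun run server.ts || true`, so a server that exits immediately with an error still passes the job; capture the exit status and accept only a clean exit or the timeout's own status instead of discarding it.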

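--- a/.github/workflows/docker-build.yml
+++ b/.github/workflows/docker-build.yml
@@ -0,0 +1,114 @@
+name: Build and Publish Docker Images
+on:
+push:
+branches: [ main, develop ]
+tags: [ 'v*' ]
+pull_request:
+branches: [ main ]
+workflow_dispatch:
+inputs:
+platforms:
+description: 'Platforms to build (comma-separated)'
+required: false
+default: 'linux/amd64,linux/arm64'
+type: string
+push_to_registry:
+description: 'Push to registry'
+required: false
+default: true
+type: boolean
+env:
+REGISTRY: ghcr.io
+IMAGE_NAME_1: ${{ github.repository_owner }}/voice-rss-summary
+IMAGE_NAME_2: ${{ github.repository_owner }}/voicersssummary
+jobs:
+build:
+runs-on: ubuntu-latest
+permissions:
+contents: read
+packages: write
+steps:
+- name: Checkout repository
+uses: actions/checkout@v4
+- name: Set up QEMU
+uses: docker/setup-qemu-action@v3
+- name: Set up Docker Buildx
+uses: docker/setup-buildx-action@v3
+- name: Log in to Container Registry
+if: github.event_name != 'pull_request'
+uses: docker/login-action@v3
+with:
+registry: ${{ env.REGISTRY }}
+username: ${{ github.actor }}
+password: ${{ secrets.GITHUB_TOKEN }}
+- name: Extract metadata
+id: meta
+uses: docker/metadata-action@v5
+with:
+images: |
+${{ env.REGISTRY }}/${{ env.IMAGE_NAME_1 }}
+${{ env.REGISTRY }}/${{ env.IMAGE_NAME_2 }}
+tags: |
+type=ref,event=branch
+type=ref,event=pr
+type=semver,pattern={{version}}
+type=semver,pattern={{major}}.{{minor}}
+type=semver,pattern={{major}}
+type=raw,value=latest,enable={{is_default_branch}}
+- name: Determine platforms
+id: platforms
+run: |
+if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
+echo "platforms=${{ github.event.inputs.platforms }}" >> $GITHUB_OUTPUT
+elif [ "${{ github.event_name }}" = "pull_request" ]; then
+echo "platforms=linux/amd64" >> $GITHUB_OUTPUT
+else
+echo "platforms=linux/amd64,linux/arm64" >> $GITHUB_OUTPUT
+fi
+- name: Determine push setting
+id: push
+run: |
+if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
+echo "push=${{ github.event.inputs.push_to_registry }}" >> $GITHUB_OUTPUT
+elif [ "${{ github.event_name }}" = "pull_request" ]; then
+echo "push=false" >> $GITHUB_OUTPUT
+else
+echo "push=true" >> $GITHUB_OUTPUT
+fi
+- name: Build and push Docker image
+uses: docker/build-push-action@v5
+with:
+context: .
+platforms: ${{ steps.platforms.outputs.platforms }}
+push: ${{ steps.push.outputs.push }}
+tags: ${{ steps.meta.outputs.tags }}
+labels: ${{ steps.meta.outputs.labels }}
+cache-from: type=gha
+cache-to: type=gha,mode=max
+build-args: |
+BUILDKIT_INLINE_CACHE=1
+- name: Generate summary
+if: always()
+run: |
+echo "## Build Summary" >> $GITHUB_STEP_SUMMARY
+echo "- **Event**: ${{ github.event_name }}" >> $GITHUB_STEP_SUMMARY
+echo "- **Ref**: ${{ github.ref }}" >> $GITHUB_STEP_SUMMARY
+echo "- **Platforms**: ${{ steps.platforms.outputs.platforms }}" >> $GITHUB_STEP_SUMMARY
+echo "- **Push to registry**: ${{ steps.push.outputs.push }}" >> $GITHUB_STEP_SUMMARY
+echo "" >> $GITHUB_STEP_SUMMARY
+echo "### Images built:" >> $GITHUB_STEP_SUMMARY
+echo '```' >> $GITHUB_STEP_SUMMARY
+echo "${{ steps.meta.outputs.tags }}" >> $GITHUB_STEP_SUMMARY
+echo '```' >> $GITHUB_STEP_SUMMARY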
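Review bot: The `Determine platforms` and `Determine push setting` steps expand `${{ github.event.inputs.platforms }}` and `${{ github.event.inputs.push_to_registry }}` directly inside the `run:` script, where the value is substituted into the text before bash parses it, so the surrounding quotes do not contain it; this is the expression-injection pattern GitHub's security-hardening guidance warns about. Move each input into the step's `env:` (`env:` / `PLATFORMS: ${{ github.event.inputs.platforms }}` and then `echo "platforms=$PLATFORMS" >> "$GITHUB_OUTPUT"`), and apply the same to `github.ref` and `steps.meta.outputs.tags` in `Generate summary`, which are echoed the same way. Dispatching the workflow requires write access, so the practical exposure here is limited to collaborators, but the platforms string still reaches `docker/build-push-action` without being checked against an allow-list, so a typo is only discovered when buildx fails late in the job.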

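--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -0,0 +1,138 @@
+name: Release
+on:
+push:
+tags:
+- 'v*'
+workflow_dispatch:
+inputs:
+tag:
+description: 'Tag to release'
+required: true
+type: string
+env:
+REGISTRY: ghcr.io
+jobs:
+create-release:
+runs-on: ubuntu-latest
+permissions:
+contents: write
+packages: read
+outputs:
+upload_url: ${{ steps.create_release.outputs.upload_url }}
+release_id: ${{ steps.create_release.outputs.id }}
+steps:
+- name: Checkout repository
+uses: actions/checkout@v4
+with:
+fetch-depth: 0
+- name: Get tag
+id: get_tag
+run: |
+if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
+echo "tag=${{ github.event.inputs.tag }}" >> $GITHUB_OUTPUT
+else
+echo "tag=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
+fi
+- name: Generate changelog
+id: changelog
+run: |
+if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
+PREVIOUS_TAG=$(git describe --tags --abbrev=0 "${{ github.event.inputs.tag }}^" 2>/dev/null || echo "")
+else
+PREVIOUS_TAG=$(git describe --tags --abbrev=0 HEAD^ 2>/dev/null || echo "")
+fi
+if [ -n "$PREVIOUS_TAG" ]; then
+echo "## Changes since $PREVIOUS_TAG" > changelog.md
+git log --pretty=format:"- %s (%h)" "$PREVIOUS_TAG"..HEAD >> changelog.md
+else
+echo "## Initial Release" > changelog.md
+echo "First release of Voice RSS Summary" >> changelog.md
+fi
+echo "" >> changelog.md
+echo "## Docker Images" >> changelog.md
+echo "- \`ghcr.io/${{ github.repository_owner }}/voice-rss-summary:${{ steps.get_tag.outputs.tag }}\`" >> changelog.md
+echo "- \`ghcr.io/${{ github.repository_owner }}/voicersssummary:${{ steps.get_tag.outputs.tag }}\`" >> changelog.md
+echo "" >> changelog.md
+echo "## Usage" >> changelog.md
+echo "\`\`\`bash" >> changelog.md
+echo "# Pull and run the latest image" >> changelog.md
+echo "docker run -p 3000:3000 -p 3001:3001 ghcr.io/${{ github.repository_owner }}/voice-rss-summary:${{ steps.get_tag.outputs.tag }}" >> changelog.md
+echo "" >> changelog.md
+echo "# Or clone the repository and run locally" >> changelog.md
+echo "git clone https://github.com/${{ github.repository }}.git" >> changelog.md
+echo "cd VoiceRSSSummary" >> changelog.md
+echo "git checkout ${{ steps.get_tag.outputs.tag }}" >> changelog.md
+echo "./run-docker.sh container-name ${{ steps.get_tag.outputs.tag }} --from-ghcr" >> changelog.md
+echo "\`\`\`" >> changelog.md
+- name: Create Release
+id: create_release
+uses: actions/create-release@v1
+env:
+GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+with:
+tag_name: ${{ steps.get_tag.outputs.tag }}
+release_name: Release ${{ steps.get_tag.outputs.tag }}
+body_path: changelog.md
+draft: false
+prerelease: ${{ contains(steps.get_tag.outputs.tag, '-') }}
+wait-for-docker:
+runs-on: ubuntu-latest
+needs: create-release
+permissions:
+packages: read
+steps:
+- name: Get tag
+id: get_tag
+run: |
+if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
+echo "tag=${{ github.event.inputs.tag }}" >> $GITHUB_OUTPUT
+else
+echo "tag=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
+fi
+- name: Wait for Docker images
+run: |
+echo "Waiting for Docker images to be available..."
+TAG="${{ steps.get_tag.outputs.tag }}"
+for i in {1..30}; do
+echo "Attempt $i: Checking if images are available..."
+if docker manifest inspect ghcr.io/${{ github.repository_owner }}/voice-rss-summary:${TAG} >/dev/null 2>&1; then
+echo "✅ Docker images are available!"
+exit 0
+fi
+echo "Images not yet available, waiting 30 seconds..."
+sleep 30
+done
+echo "❌ Timeout waiting for Docker images"
+exit 1
+- name: Test Docker image
+run: |
+TAG="${{ steps.get_tag.outputs.tag }}"
+echo "Testing Docker image: ghcr.io/${{ github.repository_owner }}/voice-rss-summary:${TAG}"
+# Pull the image
+docker pull ghcr.io/${{ github.repository_owner }}/voice-rss-summary:${TAG}
+# Run a quick test
+docker run --rm --name test-container \
+ghcr.io/${{ github.repository_owner }}/voice-rss-summary:${TAG} \
+timeout 10 bun --version || true
+echo "✅ Docker image test completed"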
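Review bot: The `tag` input of `workflow_dispatch` is expanded straight into shell in the `Get tag` step of both jobs and in `Generate changelog` (`"${{ github.event.inputs.tag }}^"`), and the derived `steps.get_tag.outputs.tag` is then interpolated the same way into `TAG="${{ ... }}"`, the changelog `echo` lines and the `docker pull` / `docker run` commands; because expansion happens before bash parses the script, the quotes give no protection. Route the value through `env:` (`env:` / `INPUT_TAG: ${{ github.event.inputs.tag }}` then `PREVIOUS_TAG=$(git describe --tags --abbrev=0 "${INPUT_TAG}^" 2>/dev/null || echo "")`) and reject anything outside a tight character allow-list once, at the top of `Get tag`, before it reaches git, docker or the release body. On the dispatch path the checkout has no `ref:`, so `git log "$PREVIOUS_TAG"..HEAD` describes the default branch rather than the requested tag; check the tag out (for example `ref: ${{ github.event.inputs.tag }}` on `actions/checkout`, which is an action input rather than shell) before generating the changelog. `actions/create-release@v1` is archived upstream and no longer receives fixes, and `timeout 10 bun --version || true` in `Test Docker image` can never fail, so that job reports success even when the pulled image does not start.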