Add ci

.github/workflows/ci.yml

@@ -0,0 +1,111 @@
+name: CI
+
+on:
+  push:
+    branches: [ main, develop ]
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  lint-and-test:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Setup Bun
+      uses: oven-sh/setup-bun@v1
+      with:
+        bun-version: latest
+
+    - name: Install dependencies
+      run: bun install
+
+    - name: Install admin panel dependencies
+      run: cd admin-panel && bun install
+
+    - name: Type check
+      run: bunx tsc --noEmit
+
+    - name: Lint
+      run: bun run lint
+
+    - name: Format check
+      run: bun run format:check
+
+    - name: Build frontend
+      run: bun run build:frontend
+
+    - name: Build admin panel
+      run: bun run build:admin
+
+    - name: Test build artifacts
+      run: |
+        ls -la frontend/dist/
+        ls -la admin-panel/dist/
+        echo "✅ Build artifacts created successfully"
+
+  docker-test:
+    runs-on: ubuntu-latest
+    needs: lint-and-test
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+
+    - name: Build Docker image (test only)
+      uses: docker/build-push-action@v5
+      with:
+        context: .
+        platforms: linux/amd64
+        push: false
+        tags: voice-rss-summary:test
+        cache-from: type=gha
+        cache-to: type=gha,mode=max
+
+    - name: Test Docker image
+      run: |
+        echo "Testing Docker image functionality..."
+        
+        # Create minimal test environment
+        mkdir -p test-data test-public
+        echo "# Test feed" > feed_urls.txt
+        echo "OPENAI_API_KEY=test" > .env
+        echo "VOICEVOX_HOST=http://localhost:50021" >> .env
+        
+        # Run container for a short time to test startup
+        docker run --rm --name test-container \
+          -v "$(pwd)/feed_urls.txt:/app/feed_urls.txt:ro" \
+          -v "$(pwd)/.env:/app/.env:ro" \
+          -v "$(pwd)/test-public:/app/public" \
+          -v "$(pwd)/test-data:/app/data" \
+          voice-rss-summary:test \
+          timeout 30 bun run server.ts || true
+        
+        echo "✅ Docker image test completed"
+
+  security-scan:
+    runs-on: ubuntu-latest
+    if: github.event_name == 'pull_request'
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Run Trivy vulnerability scanner
+      uses: aquasecurity/trivy-action@master
+      with:
+        scan-type: 'fs'
+        scan-ref: '.'
+        format: 'sarif'
+        output: 'trivy-results.sarif'
+
+    - name: Upload Trivy scan results to GitHub Security tab
+      uses: github/codeql-action/upload-sarif@v2
+      if: always()
+      with:
+        sarif_file: 'trivy-results.sarif'