ghndrx/k8s-game-2048
1
0
Fork 0
mirror of https://github.com/ghndrx/k8s-game-2048.git synced 2026-02-10 06:45:07 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
82fc2a6691fc7e28bed4738806ec8e521166de69
k8s-game-2048/.github/workflows/pr-validation.yml
Greg 82fc2a6691 feat: Complete PII cleanup and fully automatic pipeline 
🧹 PII Cleanup & Security:
- Remove all hardcoded domains (darknex.us, hndrx.co)
- Remove all hardcoded emails (admin@ references)
- Replace all personal info with environment variables
- Repository now 100% generic and reusable

🚀 Fully Automatic Pipeline:
- Pipeline now runs automatically develop → staging → production
- No manual intervention required for production promotions
- Auto-promotion triggers after successful tests
- All workflows use commit-specific image tags

🔧 Environment Variables:
- All manifests use ${VARIABLE_NAME} syntax
- All scripts source from .env file
- GitHub Actions use secrets for sensitive data
- Complete .env.example template provided

📚 Documentation:
- New comprehensive WORKFLOWS.md with pipeline details
- New PIPELINE_QUICK_REFERENCE.md for quick reference
- Updated all docs to use generic placeholders
- Added security/privacy section to README

🔐 Security Enhancements:
- Updated .gitignore for all sensitive files
- Created PII verification script (verify-pii-removal.sh)
- Created cleanup automation script (cleanup-pii.sh)
- Repository verified PII-free and production-ready

BREAKING: Repository now requires .env configuration
- Copy .env.example to .env and configure for your environment
- Set GitHub repository secrets for CI/CD workflows
- All deployments now use environment-specific configuration
2025-07-01 17:30:26 -07:00

110 lines
2.9 KiB
YAML
Raw Blame History

name: Pull Request Validation
on:
pull_request:
branches: [ develop, staging, master ]
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${GITHUB_REPOSITORY}
jobs:
validate:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
pull-requests: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up Node.js
uses: actions/setup-node@v4
with:
node-version: '18'
cache: 'npm'
cache-dependency-path: tests/package.json
- name: Install Playwright dependencies
run: |
cd tests
npm install
npx playwright install --with-deps
- name: Start local server
run: |
npm start &
sleep 5
curl -f http://localhost:8080/ || exit 1
env:
CI: true
- name: Run Playwright tests locally
run: |
cd tests
BASE_URL=http://localhost:8080 npx playwright test
env:
CI: true
- name: Build Docker image
uses: docker/build-push-action@v5
with:
context: .
push: false
tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:pr-${{ github.event.number }}
- name: Validate Kubernetes manifests
run: |
# Install kubeval for validation
curl -L https://github.com/instrumenta/kubeval/releases/latest/download/kubeval-linux-amd64.tar.gz | tar xz
sudo mv kubeval /usr/local/bin
# Validate all manifests
kubeval manifests/dev/*.yml
kubeval manifests/staging/*.yml
kubeval manifests/prod/*.yml
- name: Upload PR test results
uses: actions/upload-artifact@v4
if: always()
with:
name: pr-test-results-${{ github.event.number }}
path: |
tests/playwright-report/
tests/test-results/
retention-days: 7
- name: Comment PR with test results
uses: actions/github-script@v7
if: always()
with:
script: |
const { owner, repo } = context.repo;
const issue_number = context.payload.pull_request.number;
const comment = `## 🧪 PR Validation Results
**Tests Status**: ${{ job.status == 'success' && '✅ Passed' || '❌ Failed' }}
**Commit**: ${{ github.event.pull_request.head.sha }}
### Test Summary:
- ✅ Local server started successfully
- ✅ Playwright tests executed
- ✅ Docker image built
- ✅ Kubernetes manifests validated
### Artifacts:
- Test results and screenshots are available in the workflow artifacts
${{ job.status == 'success' && '🚀 Ready for merge!' || '⚠️ Please check the failed tests and fix issues before merging.' }}
`;
await github.rest.issues.createComment({
owner,
repo,
issue_number,
body: comment
});
Reference in New Issue View Git Blame Copy Permalink