Fixed all CI/CD workflow files to ensure checks pass after codebase cleanup.
Issue: Workflows referenced npm run init-db which was removed during codebase cleanup.
Files Updated:
- .github/workflows/ci.yml - Removed init-db step from test and coverage jobs
- .github/workflows/test.yml - Removed init-db step
Reason: The project uses JSON file storage (data/*.json), not SQLite. The initDB.js script was legacy code from an earlier implementation and has been removed.
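
A check that catches this kind of drift before CI does, as an added example that is not part of the project's code: it compares every npm run reference in workflow text against the scripts map from package.json. The function names, the sample workflow fragment and the scripts values are constructed for illustration.

```javascript
// Added example (not the project's code): find `npm run <script>` references
// in workflow text that have no entry in package.json "scripts".
const NPM_RUN = /\bnpm\s+(?:run|run-script)\s+([A-Za-z0-9:_.-]+)/g;

function findMissingScripts(workflowText, scripts) {
  const missing = [];
  workflowText.split('\n').forEach((line, i) => {
    if (/^\s*#/.test(line)) return; // ignore commented-out YAML lines
    for (const m of line.matchAll(NPM_RUN)) {
      // hasOwnProperty avoids false passes on names like "constructor"
      if (!Object.prototype.hasOwnProperty.call(scripts, m[1])) {
        missing.push({ line: i + 1, script: m[1] });
      }
    }
  });
  return missing;
}

// Scan every workflow under <root>/.github/workflows against <root>/package.json.
function checkRepo(root) {
  const fs = require('fs'); // loaded here so findMissingScripts stays pure
  const path = require('path');
  const pkg = JSON.parse(fs.readFileSync(path.join(root, 'package.json'), 'utf8'));
  const dir = path.join(root, '.github', 'workflows');
  return fs.readdirSync(dir)
    .filter((name) => /\.ya?ml$/.test(name))
    .flatMap((name) =>
      findMissingScripts(fs.readFileSync(path.join(dir, name), 'utf8'), pkg.scripts || {})
        .map((hit) => ({ file: name, ...hit })));
}

// Constructed sample input: a workflow fragment and a scripts map.
const SAMPLE_WORKFLOW = [
  'jobs:',
  '  test:',
  '    steps:',
  '      - run: npm ci',
  '      - run: npm run init-db',
  '      # - run: npm run old-step',
  '      - run: npm run lint:security -- --max-warnings=100',
].join('\n');
const SAMPLE_SCRIPTS = { test: 'jest', 'lint:security': 'eslint .' };

console.log(findMissingScripts(SAMPLE_WORKFLOW, SAMPLE_SCRIPTS));
```

Calling checkRepo('.') from the repository root returns one entry per dangling reference, so a pre-push hook or a CI step can fail when the list is non-empty.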
- ci.yml - Main CI pipeline with test, coverage, lint, and security jobs
- test.yml - Basic test runner
- coverage.yml - Test coverage enforcement (already correct)
- security.yml - Dependency audit (already correct)
- static-security.yml - ESLint security analysis (already correct)
- label-enforcement.yml - Label-based extended checks (already correct)
- codeql.yml - CodeQL security scanning (already correct)
Runs on: Pull requests and pushes to main/develop branches
Jobs:
- Test - Runs full Jest test suite
- Coverage - Enforces test coverage thresholds
- Lint - Runs ESLint with security plugins
- Security - Runs npm audit for critical vulnerabilities
- Status - Aggregates results and reports overall status
Simplified test runner for quick validation.
Enforces minimum 30% coverage threshold for:
- Branches
- Functions
- Lines
- Statements
- security.yml - npm audit for dependencies
- static-security.yml - ESLint security linting
- codeql.yml - GitHub CodeQL analysis
Triggers extended checks based on PR labels:
- testing label → Extended test suite with strict coverage
- security label → Extended security checks with zero warnings
All workflows use these environment variables:
env:
  CI: true
  MOCK_STELLAR: true
  API_KEYS: test-key-1,test-key-2
With all fixes applied:
- ✅ 89/89 tests passing
- ✅ All test suites passing (5/5)
- ✅ No database initialization required
- ✅ Mock Stellar service used in CI
To verify CI/CD passes locally:
# 1. Install dependencies
npm ci
# 2. Run tests
npm test
# 3. Run tests with coverage
npm run test:coverage:ci
# 4. Run linting
npm run lint:security -- --max-warnings=100
# 5. Run security audit
npm audit --audit-level=critical
Solution: ✅ Fixed - Removed from all workflows
Solution: ✅ Not applicable - Project uses JSON storage, tests create their own test data
Solution: Current coverage exceeds 30% threshold. If it drops, add tests to affected areas.
Solution: Fix ESLint warnings or adjust --max-warnings parameter (currently set to 100)
Solution: Update vulnerable dependencies or use npm audit fix
- ✅ Fail Fast - Tests run first, followed by coverage and linting
- ✅ Parallel Execution - Jobs run in parallel when possible
- ✅ Caching - npm cache is used to speed up builds
- ✅ Artifact Upload - Coverage reports are saved for 30 days
- ✅ Environment Isolation - Each job runs in a clean environment
- ✅ Security First - Multiple security checks at different levels
- ✅ Label-Based Triggers - Extended checks only when needed
- Push to main or develop branches
- Pull requests to main or develop branches
- Scheduled (CodeQL only - weekly on Wednesdays)
- workflow_dispatch - Can be triggered manually from GitHub Actions UI
- Push changes to trigger CI/CD pipeline
- Monitor workflow runs in GitHub Actions tab
- Review any failures and address issues
- Merge when all checks pass ✅
- Review and update dependencies monthly
- Monitor security advisories
- Update Node.js version as needed (currently 18)
- Review and adjust coverage thresholds as codebase grows
- Ensure tests are added (maintain >30% coverage)
- Run npm run lint:security before committing
- Add appropriate labels to PRs for extended checks
- Update workflows if new scripts are added
For CI/CD issues:
- Check workflow logs in GitHub Actions
- Review this document for common issues
- Verify local tests pass before pushing
- Check environment variables are set correctly