ci: CICD (#32)

* ci: CICD

* test: ESLint v9

* ci: Remove Node v18

* test: Linting

* ci: Testing

* ci: Testing

* ci: Testing

Author: mauriciolauffer

.eslintignore

@@ -0,0 +1,15 @@
+name: Auto-assign Issue + PR
+
+on:
+  issues:
+    types: [opened]
+  pull_request:
+    types: [opened, edited, synchronize, reopened]
+
+permissions: read-all
+
+jobs:
+  auto-assign:
+    permissions:
+      issues: write
+    uses: mauriciolauffer/.github/.github/workflows/auto-assign.yml@main

.eslintrc.yaml

@@ -1,52 +1,14 @@
-# For most projects, this workflow file will not need changing; you simply need
-# to commit it to your repository.
-#
-# You may wish to alter this file to override the set of languages analyzed,
-# or to provide custom queries or build logic.
-#
-# ******** NOTE ********
-# We have attempted to detect the languages in your repository. Please check
-# the `language` matrix defined below to confirm you have the correct set of
-# supported CodeQL languages.
-#
-name: "CodeQL"
+name: CodeQL
 
 on:
   push:
-    branches: [ master ]
+    branches: [master]
   pull_request:
 
 permissions: read-all
 
 jobs:
   analyze:
-    name: Analyze
-    runs-on: ubuntu-latest
     permissions:
       security-events: write
-
-    strategy:
-      fail-fast: false
-      matrix:
-        language: [ 'javascript' ]
-        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
-        # Learn more about CodeQL language support at https://git.io/codeql-language-support
-
-    steps:
-    - name: Checkout repository
-      uses: actions/checkout@v4
-      with:
-        persist-credentials: false
-
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
-      with:
-        languages: ${{ matrix.language }}
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
-        # queries: ./path/to/local/query, your-org/your-repo/queries@main
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+    uses: mauriciolauffer/.github/.github/workflows/codeql-analysis.yml@main

.github/FUNDING.yml

@@ -2,25 +2,15 @@ name: NPM Package Publish
 
 on:
   release:
-    types: [created]
+    types: [published]
+  workflow_dispatch:
 
 permissions: read-all
 
 jobs:
   publish:
-    runs-on: ubuntu-latest
     permissions:
       id-token: write
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
-        with:
-          node-version: 20
-          registry-url: https://registry.npmjs.org
-          cache: npm
-      - run: npm i -g @ui5/cli --ignore-scripts
-      - run: npm ci --ignore-scripts
-      - run: npm run build
-      - run: npm publish --provenance
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_SECRET }}
+    uses: mauriciolauffer/.github/.github/workflows/npm-publish.yml@main
+    secrets:
+      NODE_AUTH_TOKEN: ${{ secrets.NPM_SECRET }}

.github/workflows/auto-assign.yml

@@ -3,17 +3,11 @@ on:
   push:
     branches: [master]
 
-permissions: read-all
-
 jobs:
   release:
-    runs-on: ubuntu-latest
     permissions:
       contents: write
       pull-requests: write
-    steps:
-      - uses: google-github-actions/release-please-action@v4
-        with:
-          token: ${{ secrets.GH_PAT }}
-          release-type: node
-          package-name: openui5-tour
+    uses: mauriciolauffer/.github/.github/workflows/release.yml@main
+    secrets:
+      GITHUB_PAT: ${{ secrets.GH_PAT }}

.github/workflows/codeql-analysis.yml

@@ -3,44 +3,18 @@ on:
   # Only the default branch is supported.
   branch_protection_rule:
   schedule:
-    - cron: '30 5 * * 1'
+    - cron: "10 5 * * 1"
   push:
-    branches: [ master ]
+    branches: [master]
 
 # Declare default permissions as read only.
 permissions: read-all
 
 jobs:
   analysis:
-    name: Scorecards analysis
-    runs-on: ubuntu-latest
     permissions:
-      # Needed to upload the results to code-scanning dashboard.
       security-events: write
       id-token: write
-
-    steps:
-      - name: "Checkout code"
-        uses: actions/checkout@v4
-        with:
-          persist-credentials: false
-
-      - name: "Run analysis"
-        uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
-        with:
-          results_file: results.sarif
-          results_format: sarif
-          # Read-only PAT token. To create it,
-          # follow the steps in https://github.com/ossf/scorecard-action#pat-token-creation.
-          repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
-          # Publish the results to enable scorecard badges. For more details, see
-          # https://github.com/ossf/scorecard-action#publishing-results.
-          # For private repositories, `publish_results` will automatically be set to `false`,
-          # regardless of the value entered here.
-          publish_results: true
-
-      # Upload the results to GitHub's code scanning dashboard.
-      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@v2
-        with:
-          sarif_file: results.sarif
+    uses: mauriciolauffer/.github/.github/workflows/scorecards-analysis.yml@main
+    secrets:
+      SCORECARD_READ_TOKEN: ${{ secrets.SCORECARD_READ_TOKEN }}

.github/workflows/npm-publish.yml

@@ -1,28 +1,35 @@
 name: test
 on:
   push:
-    branches: [ master ]
   pull_request:
+  schedule:
+    - cron: "35 1 * * *"
+
 
 permissions: read-all
 
 jobs:
   test:
     runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        node-version: [20, 22]
     permissions:
       security-events: write
     steps:
     - uses: actions/checkout@v4
       with:
         persist-credentials: false
-    - uses: actions/setup-node@v4
+    - name: Use Node.js ${{ matrix.node-version }}
+      uses: actions/setup-node@v4
       with:
+        node-version: ${{ matrix.node-version }}
         cache: npm
     - run: npm i -g @ui5/cli concurrently --ignore-scripts
-    - run: npm ci --ignore-scripts
+    - run: npm ci
     - run: npm run build
     - run: npm run lint:ci
-    - run: concurrently  --kill-others --success last "npm:start:dist" "npm:test:ci"
-    - uses: github/codeql-action/upload-sarif@v2
+    - run: npm run start:test
+    - uses: github/codeql-action/upload-sarif@v3
       with:
-        sarif_file: target/eslint.sarif
+        sarif_file: eslint.sarif

.github/workflows/release.yml

@@ -0,0 +1,36 @@
+import globals from "globals";
+import { defineConfig } from "eslint/config";
+import ui5Config from "eslint-config-mlauffer-ui5";
+import { configs as wdioConfigs } from "eslint-plugin-wdio";
+
+export default defineConfig([
+  {
+    name: "local-ignores",
+    ignores: [
+      "**/coverage/",
+      "**/dist/",
+      "**/gen/",
+      "**/resources/",
+      "**/thirdparty/"
+    ],
+  },
+  {
+    files: ["src/**/*.js", "test/**/*.js", "demo/**/*.js"],
+    extends: [ui5Config],
+  },
+  {
+    files: ["test/**/*.js"],
+    extends: [wdioConfigs["flat/recommended"]],
+    languageOptions: {
+      globals: {
+        ...globals.qunit,
+        ...globals.mocha,
+      },
+    },
+    rules: {
+      "jsdoc/require-jsdoc": "off",
+      "jsdoc/require-param": "off",
+      "jsdoc/require-returns": "off",
+    },
+  },
+]);