Skip to content

chore(ci): add CI workflow and Dependabot hardening#82

Merged
pparage merged 7 commits into
devfrom
feat/ci-hardening
Jun 12, 2026
Merged

chore(ci): add CI workflow and Dependabot hardening#82
pparage merged 7 commits into
devfrom
feat/ci-hardening

Conversation

@t0kubetsu

@t0kubetsu t0kubetsu commented Jun 9, 2026

Copy link
Copy Markdown
Contributor

Summary

  • npm/github-actions Dependabot (CI already covered by schema-and-operators.yml)

Closes #81

Changes

  • .github/workflows/ci.yml — CI pipeline running in a containerised Debian/Python/Node image
  • .github/dependabot.yml — automated dependency updates

Test plan

  • CI runs green on this PR
  • Dependabot alerts enabled in repo settings

t0kubetsu added 7 commits June 9, 2026 10:16
@t0kubetsu
chore(ci): add CI workflow and Dependabot hardening
4c3d56d 
- CI runs inside containerised Debian/Python/Node images (not bare ubuntu-latest)
- Dependabot enabled for package ecosystem + github-actions
@t0kubetsu
fix(ci): install datamodel-code-generator before pydantic drift check
02cc923 
generate-pydantic.sh calls datamodel-codegen which was not installed,
causing the regeneration step to fail with command not found.
@t0kubetsu
fix(ci): guard pytest overlay step — skip when tests/overlay/ not yet…
9754b1c 
… created
@t0kubetsu
fix(ci): guard cross-compare PY_OUT against missing app.overlay module
79ed21b 
app.overlay is not yet implemented in range42-backend-api; catch the
ModuleNotFoundError and emit __PY_UNAVAILABLE__ so the step skips
gracefully instead of hard-failing.
@t0kubetsu
ci(workflow): bump Node to 24, fix branch triggers and ref injection
34a9d8e 
- node-version: 20 → 24 (matches Dockerfile and package.json engines)
- push trigger: feature/** → feat/**, fix/** (matches actual branch naming)
- backend-api checkout ref: replaced dynamic github.base_ref || github.ref_name
  with hardcoded dev to eliminate ref injection risk
@t0kubetsu
chore(ci): bump actions/checkout, setup-node, setup-python to v6
3e7da56
@t0kubetsu
fix(ci): normalize JSON through jq -c before cross-compare
3937918 
Python json.dumps adds spaces after : and , while TypeScript
JSON.stringify is compact; string comparison failed on identical data.
@pparage pparage merged commit 869721a into dev Jun 12, 2026
2 checks passed
@pparage pparage deleted the feat/ci-hardening branch June 12, 2026 09:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@t0kubetsu @pparage