Runs npm ci + npm run build on every push to lotus and on PRs. Marks commit as failed if the build breaks — gives early feedback before the webhook deploy script also catches it. Source map upload skipped in CI (deploy script handles that). npm audit runs informational-only (continue-on-error) since known vulns require upstream fixes. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Lotus Bot
@@ -0,0 +1,36 @@
|
|||||||
|
name: CI
|
||||||
|
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
branches: [lotus]
|
||||||
|
pull_request:
|
||||||
|
branches: [lotus]
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
build:
|
||||||
|
name: Build check
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: Checkout
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
|
- name: Setup Node.js
|
||||||
|
uses: actions/setup-node@v4
|
||||||
|
with:
|
||||||
|
node-version-file: ".node-version"
|
||||||
|
cache: npm
|
||||||
|
|
||||||
|
- name: Install dependencies
|
||||||
|
run: npm ci
|
||||||
|
|
||||||
|
- name: Build
|
||||||
|
run: npm run build
|
||||||
|
env:
|
||||||
|
NODE_OPTIONS: "--max_old_space_size=4096"
|
||||||
|
# No auth token — skip source map upload in CI (done by deploy script)
|
||||||
|
SENTRY_AUTH_TOKEN: ""
|
||||||
|
|
||||||
|
- name: Audit (high/critical only)
|
||||||
|
run: npm audit --audit-level=high
|
||||||
|
# Informational — don't fail the build on existing known vulns
|
||||||
|
continue-on-error: true
|
||||||
Reference in New Issue
Block a user