name: Code Quality Check on: push: branches: [ main, develop ] pull_request: branches: [ main, develop ] jobs: frontend-check: name: Frontend Code Quality runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Setup Node.js uses: actions/setup-node@v4 with: node-version: '20' cache: 'npm' cache-dependency-path: frontend/platform_web/package-lock.json - name: Install dependencies (platform_web) working-directory: frontend/platform_web run: npm ci - name: Run ESLint (platform_web) working-directory: frontend/platform_web run: npm run lint - name: Run TypeScript check (platform_web) working-directory: frontend/platform_web run: npm run typecheck - name: Build (platform_web) working-directory: frontend/platform_web run: npm run build - name: Install dependencies (merchant_web) working-directory: frontend/merchant_web run: npm ci - name: Run ESLint (merchant_web) working-directory: frontend/merchant_web run: npm run lint - name: Run TypeScript check (merchant_web) working-directory: frontend/merchant_web run: npm run typecheck - name: Build (merchant_web) working-directory: frontend/merchant_web run: npm run build backend-check: name: Backend Code Quality runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Setup Java uses: actions/setup-java@v4 with: java-version: '17' distribution: 'temurin' cache: maven - name: Run SpotBugs working-directory: services/api-gateway run: mvn spotbugs:check - name: Run PMD working-directory: services/api-gateway run: mvn pmd:check - name: Run Checkstyle working-directory: services/api-gateway run: mvn checkstyle:check - name: Run Tests with JaCoCo working-directory: services/api-gateway run: mvn test jacoco:report - name: Build working-directory: services/api-gateway run: mvn package -DskipTests flutter-check: name: Flutter Code Quality runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Setup Flutter uses: subosito/flutter-action@v2 with: flutter-version: '3.24.0' channel: 'stable' - name: Get dependencies (user_app) working-directory: frontend/user_app run: flutter pub get - name: Run analysis (user_app) working-directory: frontend/user_app run: flutter analyze --fatal-infos - name: Run tests (user_app) working-directory: frontend/user_app run: flutter test --coverage - name: Get dependencies (rider_app) working-directory: frontend/rider_app run: flutter pub get - name: Run analysis (rider_app) working-directory: frontend/rider_app run: flutter analyze --fatal-infos - name: Run tests (rider_app) working-directory: frontend/rider_app run: flutter test --coverage security-check: name: Security Check runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@master with: scan-type: 'fs' scan-ref: '.' severity: 'CRITICAL,HIGH' exit-code: '1' ignore-unfixed: true - name: Check for secrets uses: trufflesecurity/trufflehog@main with: path: ./ base: ${{ github.event.repository.default_branch }} extra_args: --only-verified dependency-check: name: Dependency Security Check runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Setup Node.js uses: actions/setup-node@v4 with: node-version: '20' - name: Run npm audit (platform_web) working-directory: frontend/platform_web run: npm audit --audit-level=high continue-on-error: true - name: Run npm audit (merchant_web) working-directory: frontend/merchant_web run: npm audit --audit-level=high continue-on-error: true - name: Run npm audit (official_website) working-directory: frontend/official_website run: npm audit --audit-level=high continue-on-error: true - name: Setup Java uses: actions/setup-java@v4 with: java-version: '17' distribution: 'temurin' cache: maven - name: Run OWASP Dependency Check working-directory: services/api-gateway run: mvn org.owasp:dependency-check-maven:check continue-on-error: true