feat: add lint and build GitHub Actions for pull requests #13
Important: Review skipped
Bot user detected.
To trigger a single review, invoke the
You can disable this status message by setting the
Note: Other AI code review bot(s) detected
CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.
Walkthrough
Two new GitHub Actions workflows are introduced: one for building the application on pull requests, executing setup, dependency installation, Prisma client generation, and web app build; another for linting, performing checkout, environment setup, caching, dependency installation, and lint script execution.
Estimated code review effort: 🎯 1 (Trivial) | ⏱️ ~3 minutes
Pre-merge checks and finishing touches: ✅ Passed checks (3 passed)
Co-authored-by: SimonLoir <17649337+SimonLoir@users.noreply.github.com>
Co-authored-by: SimonLoir <17649337+SimonLoir@users.noreply.github.com>
Co-authored-by: SimonLoir <17649337+SimonLoir@users.noreply.github.com>
@coderabbitai review
✅ Actions performed
Review triggered.
Pull Request Overview
This PR adds CI automation for pull requests by introducing two separate GitHub Actions workflows: one for linting and one for building the web application.
- Adds lint workflow to run `pnpm lint` on all monorepo packages via Turbo
- Adds build workflow that generates Prisma client and builds the web app with necessary environment variables
- Both workflows use pnpm 9.0.0 with store caching and trigger on pull requests to main
Reviewed Changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
| .github/workflows/lint.yml | Runs linting checks across all monorepo packages |
| .github/workflows/build.yml | Builds the web app with Prisma client generation and required environment variables |
| - name: Setup Node.js | ||
| uses: actions/setup-node@v4.1.0 | ||
| with: | ||
| node-version: '20' |
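Review bot: `uses: actions/setup-node@v4.1.0` references the action by version tag, and a tag can be re-pointed to different code after this workflow is merged. Pin the step to the action's full commit SHA and keep the version in a trailing comment (`uses: actions/setup-node@<full-commit-sha> # v4.1.0`), so the code that runs in CI stays fixed until someone deliberately updates it.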
The Node.js version specified (20) does not meet the project's minimum requirement. According to package.json, the project requires node >= 24.8.0, but this workflow uses Node.js 20. Update to Node.js 24 or higher to match the project requirements.
| node-version: '20' | |
| node-version: '24.8.0' |
Updated to Node.js 24.8.0 in commit ad4eb1c
| - name: Setup Node.js | ||
| uses: actions/setup-node@v4.1.0 | ||
| with: | ||
| node-version: '20' |
The Node.js version specified (20) does not meet the project's minimum requirement. According to package.json, the project requires node >= 24.8.0, but this workflow uses Node.js 20. Update to Node.js 24 or higher to match the project requirements.
| node-version: '20' | |
| node-version: '24.8.0' |
Updated to Node.js 24.8.0 in commit ad4eb1c
| # CI-only placeholder values for build testing | ||
| # These are not real credentials and are safe for public repositories |
[nitpick] The comments suggest these are placeholder values safe for public repositories, but they are being used for actual build testing. Consider adding a comment that explains these values are only used to satisfy build-time validation and are not used for runtime operations or actual connections.
| # CI-only placeholder values for build testing | |
| # These are not real credentials and are safe for public repositories | |
| # CI-only placeholder values for build testing. | |
| # These values are only used to satisfy build-time validation in CI and are not used for runtime operations or actual connections. | |
| # They are not real credentials and are safe for public repositories. |
Improved the comment to clarify these values are only for build-time validation in commit ad4eb1c
| - name: Install pnpm | ||
| uses: pnpm/action-setup@v4.0.0 | ||
| with: | ||
| version: 9.0.0 | ||
|
|
||
| - name: Get pnpm store directory | ||
| id: pnpm-cache | ||
| shell: bash | ||
| run: | | ||
| echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT | ||
|
|
||
| - name: Setup pnpm cache | ||
| uses: actions/cache@v4.1.2 | ||
| with: | ||
| path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} | ||
| key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }} | ||
| restore-keys: | | ||
| ${{ runner.os }}-pnpm-store- | ||
|
|
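Review bot: In the `run:` line of the "Get pnpm store directory" step, `$GITHUB_OUTPUT` is expanded unquoted, so the redirect target is subject to word splitting; write it as `>> "$GITHUB_OUTPUT"`. Separately, the `restore-keys` prefix `${{ runner.os }}-pnpm-store-` lets a run restore a store that was saved for a different `pnpm-lock.yaml` when the exact key misses, so make sure the install step (not shown in this hunk) runs with `--frozen-lockfile` and the restored store cannot influence what gets resolved.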
[nitpick] This pnpm cache setup code is duplicated across both lint.yml and build.yml workflows. Consider extracting these steps into a reusable composite action or workflow to reduce duplication and ensure consistency across workflows.
| - name: Install pnpm | |
| uses: pnpm/action-setup@v4.0.0 | |
| with: | |
| version: 9.0.0 | |
| - name: Get pnpm store directory | |
| id: pnpm-cache | |
| shell: bash | |
| run: | | |
| echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT | |
| - name: Setup pnpm cache | |
| uses: actions/cache@v4.1.2 | |
| with: | |
| path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} | |
| key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pnpm-store- | |
| - name: Setup pnpm cache | |
| uses: ./.github/actions/setup-pnpm-cache | |
| with: | |
| pnpm-version: 9.0.0 |
@copilot there is an error: Error: This request has been automatically failed because it uses a deprecated version of
Actionable comments posted: 0
🧹 Nitpick comments (2)
.github/workflows/lint.yml (1)
1-45: Workflow structure and steps look good.
The lint workflow is well-structured with proper caching, pinned action versions, and read-only permissions. However, note that the environment setup (checkout, Node.js, pnpm, cache) is duplicated across both the lint and build workflows.
Consider extracting the common setup into a reusable workflow to reduce duplication and improve maintainability. Both workflows could call a shared setup step, reducing maintenance burden if versions or caching strategies need to be updated.
Example structure:
```yaml
# .github/workflows/setup-pnpm.yml
name: Setup pnpm
on:
  workflow_call:
jobs:
  setup:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4.2.2
      # ... rest of setup ...
```
Then in lint.yml and build.yml:
```yaml
jobs:
  lint:
    uses: ./.github/workflows/setup-pnpm.yml
```
(This is optional and can be deferred.)
.github/workflows/build.yml (1)
49-58: Use GitHub Secrets for environment variables to align with best practices (optional improvement).
The hardcoded placeholder credentials are already well-documented with clear comments explaining they are CI-only and non-functional. This approach is acceptable for testing. However, using clearly named dummy values documented as placeholders aligns with best practices.
To improve:
- Store credentials in GitHub repository secrets and reference with `${{ secrets.SECRET_NAME }}` instead of hardcoding
- This eliminates potential static analysis warnings and makes credential management more explicit
The current approach is safe and works for CI testing. Migrating to GitHub Secrets would be a best-practice improvement but is not required.
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (2)
- .github/workflows/build.yml (1 hunks)
- .github/workflows/lint.yml (1 hunks)
🧰 Additional context used
🪛 Checkov (3.2.334)
.github/workflows/build.yml
[medium] 52-53: Basic Auth Credentials
(CKV_SECRET_4)
🔇 Additional comments (1)
.github/workflows/build.yml (1)
44-48: Verification confirms both packages exist in the monorepo.
The workflow correctly targets valid packages:
- `@repo/db` exists as a scoped package
- `web` exists as a workspace package
Both pnpm filter commands will resolve correctly.
Co-authored-by: SimonLoir <17649337+SimonLoir@users.noreply.github.com>
Add lint and build GitHub Actions checks for pull requests in 2 different actions
This PR adds two separate GitHub Actions workflows for pull requests:
Completed:
- `.github/workflows/lint.yml` - Workflow to run lint checks on all code for pull requests
- `.github/workflows/build.yml` - Workflow to build the apps/web app specifically for pull requests
Implementation details:
- `pnpm lint` which uses Turbo to lint all packages
- `pnpm --filter web build` to specifically build only the apps/web app (per requirement)
- `permissions: contents: read` for security
Both workflows have been tested locally and follow GitHub Actions security best practices.