# Forgejo CI/CD Workflows

This directory contains automated workflows for the Great Lakes Ice Report project.

## Workflows

### CI (ci.yml)
Runs on every push to main and on all pull requests. Includes:
- **Lint**: Checks code style with ESLint
- **Type Check**: Validates TypeScript types
- **Test**: Runs Jest tests on Node.js 18 and 20
- **Build**: Verifies all build outputs (backend, frontend, CSS)
- **Security**: Checks for hardcoded secrets and vulnerabilities
- **i18n Validation**: Ensures translation files are valid and complete

### Code Quality (code-quality.yml)
Runs on pull requests to analyze code quality:
- Complexity analysis
- Detection of console.log statements
- TODO/FIXME comment tracking
- Large file detection
- Import analysis and circular dependency checks

### Dependency Review (dependency-review.yml)
Triggered when package.json or package-lock.json changes:
- Identifies major version updates
- Security vulnerability scanning
- Bundle size impact analysis

### PR Labeler (pr-labeler.yml)
Automatically suggests labels based on:
- Changed file paths
- PR title and description keywords
- Type of changes (bug, feature, security, etc.)

### Release (release.yml)
Triggered on version tags (v*):
- Runs full test suite
- Builds the project
- Generates changelog
- Creates release archive

## Running Workflows Locally

You can test workflows locally using [act](https://github.com/nektos/act):

```bash
# Run all workflows
act

# Run specific workflow
act -W .forgejo/workflows/ci.yml

# Run specific job
act -j lint -W .forgejo/workflows/ci.yml
```

## Workflow Status Badges

Add these to your README:

```markdown
[![CI](https://git.deco.sh/deco/ice/actions/workflows/ci.yml/badge.svg)](https://git.deco.sh/deco/ice/actions/workflows/ci.yml)
[![Code Quality](https://git.deco.sh/deco/ice/actions/workflows/code-quality.yml/badge.svg)](https://git.deco.sh/deco/ice/actions/workflows/code-quality.yml)
```

## Best Practices

1. **Keep workflows fast**: Use caching and parallel jobs
2. **Fail fast**: Put quick checks (lint, type-check) before slow ones (tests)
3. **Be specific**: Use path filters to avoid unnecessary runs
4. **Cache dependencies**: Always use `actions/setup-node` with cache
5. **Security first**: Never commit secrets, always use repository secrets

## Troubleshooting

### Workflow not running?
- Check if Forgejo Actions is enabled in repository settings
- Verify workflow syntax with online YAML validators
- Check runner availability

### Tests failing in CI but passing locally?
- Ensure Node.js versions match
- Check for missing environment variables
- Verify database initialization in CI environment