|
| 1 | +# GitHub Actions CI/CD |
| 2 | + |
| 3 | +This directory contains GitHub Actions workflows for the sqlite-mcp-server project. |
| 4 | + |
| 5 | +## Workflows |
| 6 | + |
| 7 | +### `ci.yml` - Continuous Integration |
| 8 | + |
| 9 | +This workflow runs on: |
| 10 | +- Every push to `main` and `develop` branches |
| 11 | +- Every pull request targeting `main` and `develop` branches |
| 12 | +- Pull request events (opened, synchronize, reopened) |
| 13 | + |
| 14 | +#### Jobs |
| 15 | + |
| 16 | +1. **Test** - Runs tests across multiple Go versions |
| 17 | + - Go versions: 1.21, 1.22, 1.23 |
| 18 | + - Runs unit tests with race detection |
| 19 | + - Generates coverage reports |
| 20 | + - Uploads coverage to Codecov (only for Go 1.23) |
| 21 | + |
| 22 | +2. **Lint** - Code quality checks |
| 23 | + - Runs golangci-lint with comprehensive linting rules |
| 24 | + - Checks code formatting, style, and potential issues |
| 25 | + - Uses custom configuration from `.golangci.yml` |
| 26 | + |
| 27 | +3. **Integration Test** - End-to-end testing |
| 28 | + - Builds the server binary |
| 29 | + - Sets up test databases |
| 30 | + - Runs quick integration tests |
| 31 | + - Depends on test and lint jobs passing |
| 32 | + |
| 33 | +4. **Security** - Security scanning |
| 34 | + - Runs Gosec security scanner using `securego/gosec` action |
| 35 | + - Uploads SARIF results to GitHub Security tab |
| 36 | + - Scans Go code for common security vulnerabilities |
| 37 | + - Downloads dependencies before scanning |
| 38 | + |
| 39 | +5. **Status Check** - PR status summary |
| 40 | + - Summarizes all job results for PR requirements |
| 41 | + - Posts status comments on pull requests |
| 42 | + - Updates existing status comments instead of creating duplicates |
| 43 | + - Required for PR merges |
| 44 | + |
| 45 | +### `release.yml` - Automatic Tagging and Releases |
| 46 | + |
| 47 | +This workflow automatically creates tags and releases when code is merged to the `main` branch. |
| 48 | + |
| 49 | +#### Triggers |
| 50 | +- **Automatic**: Every push to `main` branch (after successful PR merge) |
| 51 | +- **Manual**: Workflow dispatch with version type selection |
| 52 | + |
| 53 | +#### Jobs |
| 54 | + |
| 55 | +1. **Check Changes** - Analyzes commits for release-worthy changes |
| 56 | + - Examines commit messages since last tag |
| 57 | + - Determines appropriate version bump (major/minor/patch) |
| 58 | + - Skips release if no significant changes |
| 59 | + |
| 60 | +2. **Create Tag** - Generates new version tag and GitHub release |
| 61 | + - Calculates semantic version based on commit analysis |
| 62 | + - Supports manual version override via workflow dispatch |
| 63 | + - Runs final tests before tagging |
| 64 | + - Generates automated changelog |
| 65 | + - Creates annotated Git tag |
| 66 | + |
| 67 | +3. **Build Release Assets** - Cross-platform binary compilation |
| 68 | + - Linux AMD64/ARM64 |
| 69 | + - macOS AMD64/ARM64 (Intel/Apple Silicon) |
| 70 | + - Windows AMD64 |
| 71 | + - Generates SHA256 checksums |
| 72 | + |
| 73 | +4. **Create GitHub Release** - Publishes release with assets |
| 74 | + - Uploads all platform binaries |
| 75 | + - Includes automated changelog |
| 76 | + - Links to full commit comparison |
| 77 | + |
| 78 | +5. **Notify** - Reports release status |
| 79 | + - Success/failure notifications |
| 80 | + - Links to new release |
| 81 | + |
| 82 | +#### Version Bump Logic |
| 83 | +- **Major** (`1.x.x`): Commits with `BREAKING`, `major`, `feat!`, `fix!` |
| 84 | +- **Minor** (`x.1.x`): Commits with `feat`, `feature` |
| 85 | +- **Patch** (`x.x.1`): All other changes (fixes, docs, etc.) |
| 86 | + |
| 87 | +## Manual Release |
| 88 | + |
| 89 | +You can manually trigger a release from the GitHub Actions tab: |
| 90 | + |
| 91 | +1. Go to **Actions** → **Release and Tagging** |
| 92 | +2. Click **Run workflow** |
| 93 | +3. Choose: |
| 94 | + - **Version bump type**: `patch`, `minor`, or `major` |
| 95 | + - **Custom version**: Override with specific version (e.g., `v2.1.0`) |
| 96 | +4. Click **Run workflow** |
| 97 | + |
| 98 | +This is useful for: |
| 99 | +- Creating releases outside of the normal merge cycle |
| 100 | +- Fixing version numbering issues |
| 101 | +- Creating custom version numbers |
| 102 | + |
| 103 | +## Local Development |
| 104 | + |
| 105 | +You can run the same checks locally using the Makefile: |
| 106 | + |
| 107 | +```bash |
| 108 | +# Install golangci-lint and run all CI checks |
| 109 | +make ci-local |
| 110 | + |
| 111 | +# Run just the linter |
| 112 | +make lint |
| 113 | + |
| 114 | +# Run linter with auto-fix |
| 115 | +make lint-fix |
| 116 | + |
| 117 | +# Run tests with race detection |
| 118 | +make test-race |
| 119 | + |
| 120 | +# Generate coverage report |
| 121 | +make coverage |
| 122 | +``` |
| 123 | + |
| 124 | +## Configuration Files |
| 125 | + |
| 126 | +- `.golangci.yml` - golangci-lint configuration |
| 127 | + - Enables comprehensive set of linters |
| 128 | + - Customized rules for the project |
| 129 | + - Excludes certain checks for test files |
| 130 | + |
| 131 | +## Pull Request Features |
| 132 | + |
| 133 | +The CI workflow includes several PR-specific enhancements: |
| 134 | + |
| 135 | +### Automated Comments |
| 136 | +- **Test Results**: Comments with build and test status |
| 137 | +- **Status Summary**: Comprehensive status check with all job results |
| 138 | +- **Smart Updates**: Updates existing comments instead of creating duplicates |
| 139 | + |
| 140 | +### Status Checks |
| 141 | +- All jobs must pass for PR merge approval |
| 142 | +- Clear visual indicators for each job status |
| 143 | +- Links to detailed action logs |
| 144 | + |
| 145 | +### Security Integration |
| 146 | +- SARIF upload to GitHub Security tab |
| 147 | +- Security findings visible in PR conversations |
| 148 | +- Automated security scanning on every PR |
| 149 | + |
| 150 | +## Coverage Reports |
| 151 | + |
| 152 | +- Coverage reports are generated for each test run |
| 153 | +- Codecov integration provides detailed coverage tracking |
| 154 | +- HTML coverage reports are generated locally with `make coverage-html` |
| 155 | +- Coverage changes are tracked and reported on PRs |
| 156 | + |
| 157 | +## Troubleshooting |
| 158 | + |
| 159 | +### Common Issues |
| 160 | + |
| 161 | +**1. Security Action Not Found** |
| 162 | +- **Issue**: `Error: Unable to resolve action securecodewarrior/github-action-gosec` |
| 163 | +- **Solution**: Use `securego/gosec@master` instead (already fixed in current config) |
| 164 | + |
| 165 | +**2. golangci-lint Configuration Errors** |
| 166 | +- **Issue**: `additional properties 'skip-dirs', 'skip-files' not allowed` |
| 167 | +- **Solution**: Use `issues.exclude-dirs` and `issues.exclude-files` instead |
| 168 | + |
| 169 | +**3. Deprecated Linters** |
| 170 | +- **Issue**: Warnings about deprecated linters like `exportloopref`, `golint` |
| 171 | +- **Solution**: Remove from configuration (automatically disabled in modern versions) |
| 172 | + |
| 173 | +**4. Test Failures (RESOLVED)** |
| 174 | +- ✅ **Fixed**: `internal/mcp/server_test.go` - Updated to use proper MCP message structure |
| 175 | +- ⚠️ **Remaining**: `internal/mcp/resources/db_resources_test.go` may have database setup conflicts |
| 176 | +- CI now runs all tests without workarounds |
| 177 | + |
| 178 | +## Badge Status |
| 179 | + |
| 180 | +Add these badges to your README.md: |
| 181 | + |
| 182 | +```markdown |
| 183 | +[](https://github.com/nipunap/sqlite-mcp-server/actions/workflows/ci.yml) |
| 184 | +[](https://codecov.io/gh/nipunap/sqlite-mcp-server) |
| 185 | +``` |
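Review bot: The Troubleshooting entry at line 163 recommends `securego/gosec@master`, which points the Security job at a mutable branch, so any later change to that branch runs in CI without review. Pin the action to a release tag or, better, a full commit SHA, and document that ref here instead of `@master`. Separately, item 4 at lines 173-176 is titled "Test Failures (RESOLVED)" but still lists `internal/mcp/resources/db_resources_test.go` as remaining with possible database setup conflicts, and then states that CI runs all tests without workarounds. Either drop "RESOLVED" from the heading or say how the remaining test is handled in CI.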