lattice/.github/workflows/ci.yml at main · forkzero/lattice · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
name: CI

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]
  workflow_call:

env:
  CARGO_TERM_COLOR: always
  RUSTFLAGS: "-Dwarnings"

jobs:
  ci:
    name: Build, Test, Lint
    runs-on: ubuntu-latest

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Install Rust toolchain
        uses: dtolnay/rust-toolchain@stable
        with:
          components: rustfmt, clippy

      - name: Cache cargo registry
        uses: actions/cache@v4
        with:
          path: |
            ~/.cargo/registry
            ~/.cargo/git
            target
          key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
          restore-keys: |
            ${{ runner.os }}-cargo-

      - name: Check formatting
        run: cargo fmt --all -- --check

      - name: Run clippy
        run: cargo clippy --all-targets --all-features -- -D warnings

      - name: Build
        run: cargo build --verbose

      - name: Run tests
        run: cargo test --verbose

      - name: Build release
        run: cargo build --release

      - name: Upload release binary
        uses: actions/upload-artifact@v4
        with:
          name: lattice-linux
          path: target/release/lattice

  # Validate lattice structure (self-describing)
  validate-lattice:
    name: Validate Lattice Structure
    runs-on: ubuntu-latest

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Validate YAML syntax
        run: |
          # Install yaml validator
          npm install -g yaml-lint

          # Validate all lattice YAML files
          find .lattice -name "*.yaml" -exec yaml-lint {} \;

      - name: Check required fields
        run: |
          # Ensure all nodes have required fields
          for file in $(find .lattice/requirements .lattice/theses .lattice/sources -name "*.yaml"); do
            echo "Checking $file..."

            # Check for required fields using grep
            if ! grep -q "^id:" "$file"; then
              echo "ERROR: $file missing 'id' field"
              exit 1
            fi

            if ! grep -q "^title:" "$file"; then
              echo "ERROR: $file missing 'title' field"
              exit 1
            fi

            if ! grep -q "^status:" "$file"; then
              echo "ERROR: $file missing 'status' field"
              exit 1
            fi
          done

          echo "All lattice nodes have required fields"

  # Test CLI against actual lattice
  cli-smoke-test:
    name: CLI Smoke Test
    runs-on: ubuntu-latest
    needs: ci

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Download release binary
        uses: actions/download-artifact@v4
        with:
          name: lattice-linux
          path: bin

      - name: Smoke test - version
        run: chmod +x bin/lattice && bin/lattice --version

      - name: Smoke test - list requirements
        run: bin/lattice list requirements

      - name: Smoke test - list theses
        run: bin/lattice list theses

      - name: Smoke test - list sources
        run: bin/lattice list sources

      - name: Smoke test - get requirement
        run: bin/lattice get REQ-CICD-001

      - name: Smoke test - drift check
        run: bin/lattice drift

      - name: Smoke test - export overview
        run: bin/lattice export --audience overview

      - name: Smoke test - export contributor
        run: bin/lattice export --audience contributor

  # End-to-end integration test (full CLI workflow from scratch)
  e2e-test:
    name: E2E Integration Test
    runs-on: ubuntu-latest
    needs: ci

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Download release binary
        uses: actions/download-artifact@v4
        with:
          name: lattice-linux
          path: bin

      - name: Run e2e tests
        run: |
          chmod +x bin/lattice
          export PATH="$PWD/bin:$PATH"
          bash tests/docker/e2e-test.sh

  # Code coverage measurement
  coverage:
    name: Code Coverage
    runs-on: ubuntu-latest

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Install Rust toolchain
        uses: dtolnay/rust-toolchain@stable

      - name: Cache cargo
        uses: actions/cache@v4
        with:
          path: |
            ~/.cargo/registry
            ~/.cargo/git
            target
          key: ${{ runner.os }}-cargo-coverage-${{ hashFiles('**/Cargo.lock') }}

      - name: Install cargo-tarpaulin
        uses: taiki-e/install-action@v2
        with:
          tool: cargo-tarpaulin

      - name: Run coverage with threshold
        run: cargo tarpaulin --fail-under 40 --out Html --output-dir coverage

      - name: Upload coverage artifact
        uses: actions/upload-artifact@v4
        if: always()
        with:
          name: coverage-report
          path: coverage/