simplicio-dev-cli/.github/workflows/dod.yml at master · wesleysimplicio/simplicio-dev-cli · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
# DoD gate — valida Definition of Done em todo PR antes do merge
# Verifica: coverage >= 80%, evidência Playwright presente, conventional commit,
# referência a task no body, ADR linkado se houver mudanças em architecture/
#
# Design note: este arquivo é o TEMPLATE de DoD gate que o starter copia para
# repositórios consumidores. O próprio repo `wesleysimplicio/llm-project-mapper`
# pula este job via `if: github.repository != ...` porque não tem suite Vitest
# com `coverage-summary.json`. O DoD do starter é validado por
# `scaffold-self-check.yml` (structure + CLI smoke + npm pack + shellcheck +
# PSScriptAnalyzer + unit tests cross-platform).

name: DoD Gate

on:
  pull_request:
    types: [opened, synchronize, reopened, edited]
    branches:
      - main
      - develop

concurrency:
  group: dod-${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

permissions:
  contents: read
  pull-requests: read

jobs:
  dod-check:
    name: Definition of Done
    runs-on: ubuntu-latest
    if: github.repository != 'wesleysimplicio/llm-project-mapper'
    timeout-minutes: 15
    steps:
      - name: Checkout
        uses: actions/checkout@v6
        with:
          fetch-depth: 0

      - name: Setup Node.js
        uses: actions/setup-node@v6
        with:
          node-version: 22
          cache: npm

      - name: Install dependencies
        run: npm ci

      # Roda testes com coverage para gerar relatório
      - name: Run unit tests with coverage
        run: npm test -- --coverage

      # Bloqueia se coverage < 80%
      - name: Check coverage threshold (>=80%)
        run: |
          set -euo pipefail
          if [ ! -f coverage/coverage-summary.json ]; then
            echo "::error::coverage/coverage-summary.json não encontrado. Configure o reporter json-summary no test runner."
            exit 1
          fi
          PCT=$(node -e "const c=require('./coverage/coverage-summary.json');console.log(c.total.lines.pct)")
          echo "Coverage de linhas: ${PCT}%"
          awk -v p="$PCT" 'BEGIN { if (p+0 < 80) { print "::error::Coverage abaixo de 80% (atual: " p "%)"; exit 1 } }'

      # Instala browsers e roda Playwright para gerar evidências
      - name: Install Playwright browsers
        run: npx playwright install --with-deps

      - name: Run Playwright tests
        run: npx playwright test

      # Bloqueia se evidência Playwright (junit ou test-results) não existe
      - name: Verify Playwright evidence
        run: |
          set -euo pipefail
          if [ ! -d test-results ] && [ ! -f test-results/results.xml ] && [ ! -f test-results/results.json ]; then
            echo "::error::Evidência Playwright ausente. Rode 'npx playwright test' e gere artifacts em test-results/."
            exit 1
          fi
          echo "Evidência Playwright OK em test-results/"

      # Lint do título do PR seguindo conventional commits
      - name: Validate PR title (conventional commit)
        env:
          PR_TITLE: ${{ github.event.pull_request.title }}
        run: |
          set -euo pipefail
          echo "$PR_TITLE" | npx --yes commitlint --extends @commitlint/config-conventional || {
            echo "::error::Título do PR não segue Conventional Commits (ex: feat: ..., fix: ..., chore: ...)."
            exit 1
          }

      # Verifica se PR body referencia uma task (#NNN, task-NNN.md, etc.)
      - name: Check task reference in PR body
        env:
          PR_BODY: ${{ github.event.pull_request.body }}
        run: |
          set -euo pipefail
          if [ -z "${PR_BODY:-}" ]; then
            echo "::error::PR body vazio. Inclua referência à task (ex: 'Closes #42' ou link para .specs/sprints/.../task.md)."
            exit 1
          fi
          if ! echo "$PR_BODY" | grep -Eq '(#[0-9]+|task-?[0-9]+\.md|\.specs/sprints/.+\.task\.md)'; then
            echo "::error::PR body deve referenciar uma task (#NNN, task-NNN.md ou link em .specs/sprints/)."
            exit 1
          fi

      # Se mexeu em architecture/, exige ADR linkado no body
      - name: Require ADR link when architecture changes
        env:
          PR_BODY: ${{ github.event.pull_request.body }}
          BASE_SHA: ${{ github.event.pull_request.base.sha }}
          HEAD_SHA: ${{ github.event.pull_request.head.sha }}
        run: |
          set -euo pipefail
          CHANGED=$(git diff --name-only "$BASE_SHA" "$HEAD_SHA" || true)
          if echo "$CHANGED" | grep -Eq '^\.specs/architecture/|^architecture/'; then
            echo "Mudanças detectadas em architecture/. Verificando ADR linkado..."
            if ! echo "${PR_BODY:-}" | grep -Eq '(ADR-[0-9]+|adr-[0-9]+)'; then
              echo "::error::Mudanças em architecture/ exigem ADR linkado no PR body (ex: ADR-001, ADR-042)."
              exit 1
            fi
          fi