
Add GitHub workflow for CI/CD #2

Merged: 3 commits, Dec 1, 2024

@tblakex01 tblakex01 commented Dec 1, 2024

Add GitHub workflow for CI/CD to continually test the code and security scan the repo.

  • src/github/index.ts
    • Add runTests function to run tests using GitHub Actions.
    • Add scanSecurity function to scan the repository for security vulnerabilities.
    • Update ListToolsRequestSchema handler to include the new tools run_tests and scan_security.
  • src/github/schemas.ts
    • Add RunTestsSchema for the run_tests tool.
    • Add ScanSecuritySchema for the scan_security tool.
  • src/github/package.json
    • Add dependencies for running tests (jest) and security scans (eslint).
  • .github/workflows/github-actions.yml
    • Create a new GitHub Actions workflow file to run tests and security scans on push and pull request events.

For more details, open the Copilot Workspace session.

Summary by Sourcery

Implement a CI/CD pipeline using GitHub Actions to automate testing and security scanning for the repository. Add new functions and schemas to support these operations and update the project dependencies accordingly.

New Features:

  • Introduce a GitHub Actions workflow to automate testing and security scanning on code pushes and pull requests.

Enhancements:

  • Add runTests and scanSecurity functions to trigger GitHub Actions workflows for testing and security scanning.
  • Update ListToolsRequestSchema handler to include new tools for running tests and scanning security.

Build:

  • Add jest and eslint as dependencies for testing and security scanning.

CI:

  • Create a GitHub Actions workflow file to run tests and security scans on push and pull request events.


sourcery-ai bot commented Dec 1, 2024

Reviewer's Guide by Sourcery

This PR implements a CI/CD pipeline using GitHub Actions. The implementation adds two new tools to trigger tests and security scans, along with the necessary GitHub workflow configuration. The changes include new API endpoints to trigger the workflows, schema definitions for the new tools, and package dependencies for testing and security scanning.

Sequence diagram for triggering GitHub Actions workflows

sequenceDiagram
    actor Developer
    participant Server
    participant GitHubAPI
    Developer->>Server: Request to run tests
    Server->>GitHubAPI: POST /repos/{owner}/{repo}/actions/workflows/run-tests.yml/dispatches
    GitHubAPI-->>Server: Response
    Server-->>Developer: Success/Failure
    Developer->>Server: Request to scan security
    Server->>GitHubAPI: POST /repos/{owner}/{repo}/actions/workflows/scan-security.yml/dispatches
    GitHubAPI-->>Server: Response
    Server-->>Developer: Success/Failure

Class diagram for new schemas in GitHub CI/CD

classDiagram
    class RunTestsSchema {
        +string branch
    }
    class ScanSecuritySchema {
        +string branch
    }
    class RepoParamsSchema {
        <<abstract>>
    }
    RunTestsSchema --|> RepoParamsSchema
    ScanSecuritySchema --|> RepoParamsSchema

File-Level Changes

Implementation of new GitHub Actions workflow triggers (src/github/index.ts)
  • Added runTests function to trigger test workflow via GitHub API
  • Added scanSecurity function to trigger security scan workflow via GitHub API
  • Both functions use POST requests to dispatch workflow events
  • Added error handling for failed API requests

Schema definitions for new tools (src/github/schemas.ts)
  • Added RunTestsSchema with optional branch parameter
  • Added ScanSecuritySchema with optional branch parameter
  • Added type exports for new schemas

Tool registration in ListTools handler (src/github/index.ts)
  • Added run_tests tool with description and schema
  • Added scan_security tool with description and schema
  • Implemented tool handlers in CallToolRequestSchema

GitHub Actions workflow configuration (.github/workflows/github-actions.yml)
  • Created workflow triggered on push and pull request to main branch
  • Configured run-tests job with Node.js setup and test execution
  • Configured scan-security job with Node.js setup and npm audit

Package dependencies update (src/github/package.json)
  • Added jest for testing
  • Added eslint for security scanning


@sourcery-ai sourcery-ai bot left a comment


Hey @tblakex01 - I've reviewed your changes - here's some feedback:

Overall Comments:

  • Consider documenting the required scopes for GITHUB_PERSONAL_ACCESS_TOKEN and implementing proper token security practices (e.g., using GITHUB_TOKEN for workflows where possible).
  • The security scanning could be enhanced beyond npm audit - consider adding ESLint security plugins or dedicated security scanning tools like Snyk or SonarQube.
Here's what I looked at during the review
  • 🟡 General issues: 2 issues found
  • 🟢 Security: all looks good
  • 🟢 Testing: all looks good
  • 🟢 Complexity: all looks good
  • 🟢 Documentation: all looks good


@@ -780,6 +782,52 @@ async function generateAnalytics(
}

suggestion: Consider extracting common GitHub API call logic into a reusable function to avoid duplication

Both runTests and scanSecurity share very similar API call logic. Consider creating a helper function like triggerGitHubWorkflow(owner, repo, workflow, branch) to reduce duplication and make future maintenance easier.

async function triggerGitHubWorkflow(owner: string, repo: string, workflow: string, ref: string = "main"): Promise<Response> {
  return fetch(
    `https://api.github.com/repos/${owner}/${repo}/actions/workflows/${workflow}/dispatches`,
    {
      method: "POST",
      headers: {
        "Authorization": `token ${GITHUB_PERSONAL_ACCESS_TOKEN}`,
        "Accept": "application/vnd.github.v3+json",
        "User-Agent": "github-mcp-server",
        "Content-Type": "application/json"
      },
      body: JSON.stringify({ ref })
    }
  );
}

);

if (!response.ok) {
throw new Error(`GitHub API error: ${response.statusText}`);
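Review bot: `response.statusText` on the last line is frequently an empty string (an HTTP/2 response carries no reason phrase), so this throw can produce the message `GitHub API error: ` with nothing after it; include the numeric status as well, e.g. `GitHub API error: ${response.status} ${response.statusText}`, so the failure is identifiable in logs regardless of transport.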

suggestion: Enhance error handling to include response body details

GitHub API often provides detailed error information in the response body. Consider extracting and including this information in the error message for better debugging.

Suggested change
throw new Error(`GitHub API error: ${response.statusText}`);
const errorBody = await response.text();
throw new Error(`GitHub API error: ${response.statusText} - ${errorBody}`);
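An added example that is neither the PR's code nor Sourcery's snippet: one helper that serves both suggestions above (shared dispatch logic, and errors that carry the status code and response body), with the request builder and the error mapper kept as pure functions so they can be checked without network access. It assumes the token and the owner/repo/workflow values are supplied by the caller, and it validates and URL-encodes them so a crafted value cannot alter the request path.

```typescript
// Added example (not the PR's code): the shared dispatch helper the review asks for.
// Assumed: token, owner, repo and workflow file name are supplied by the caller.
interface DispatchInit { method: string; headers: Record<string, string>; body: string }
type FetchLike = (url: string, init: DispatchInit) =>
  Promise<{ status: number; statusText: string; text(): Promise<string> }>;

const SAFE_SEGMENT = /^(?!\.+$)[A-Za-z0-9._-]+$/;  // owner, repo, workflow file; never "." or ".."
const SAFE_REF = /^[A-Za-z0-9._\/-]{1,255}$/;      // conservative branch/tag charset

// Build POST /repos/{owner}/{repo}/actions/workflows/{workflow}/dispatches.
// Each path segment is validated and URL-encoded so a crafted value (e.g. "../")
// is rejected instead of changing which endpoint is called.
export function buildDispatchRequest(
  token: string, owner: string, repo: string, workflow: string, ref = "main",
): { url: string; init: DispatchInit } {
  const segments: Array<[string, string]> = [["owner", owner], ["repo", repo], ["workflow", workflow]];
  for (const [name, value] of segments) {
    if (!SAFE_SEGMENT.test(value)) throw new Error(`invalid ${name}: ${JSON.stringify(value)}`);
  }
  if (!SAFE_REF.test(ref) || ref.indexOf("..") !== -1) throw new Error(`invalid ref: ${JSON.stringify(ref)}`);
  const url = `https://api.github.com/repos/${encodeURIComponent(owner)}/${encodeURIComponent(repo)}`
    + `/actions/workflows/${encodeURIComponent(workflow)}/dispatches`;
  const headers = {
    Authorization: `Bearer ${token}`,
    Accept: "application/vnd.github+json",
    "User-Agent": "github-mcp-server",
    "Content-Type": "application/json",
  };
  return { url, init: { method: "POST", headers, body: JSON.stringify({ ref }) } };
}

// Map a dispatch response to an error message, or null on success. A successful
// dispatch is 204 No Content; failures carry a JSON body whose "message" explains
// why (for example 422 when the workflow file declares no workflow_dispatch trigger).
export function dispatchError(status: number, statusText: string, body: string): string | null {
  if (status === 204) return null;
  let detail = body;
  try { detail = JSON.parse(body).message ?? body; } catch { /* not JSON: keep raw text */ }
  // statusText is frequently empty under HTTP/2, so the numeric status is always included.
  return `GitHub API error: ${status}${statusText ? " " + statusText : ""} - ${detail}`;
}

export async function dispatchWorkflow(token: string, owner: string, repo: string,
  workflow: string, ref = "main", fetchImpl: FetchLike = (globalThis as any).fetch): Promise<void> {
  const { url, init } = buildDispatchRequest(token, owner, repo, workflow, ref);
  const response = await fetchImpl(url, init);
  const err = dispatchError(response.status, response.statusText, await response.text());
  if (err) throw new Error(err); // the body never echoes the token, so it is safe to surface
}
```

The dispatch endpoint only accepts workflows that declare a `workflow_dispatch` trigger, so a workflow wired up for push and pull_request alone returns 422 here; the surfaced body makes that visible instead of a bare status line.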

* Add a `preinstall` script that runs `npm install` to ensure the `package-lock.json` is in sync with `package.json`
* **runTests**: Add a new function to run tests using GitHub Actions, with an optional `branch` parameter.
* **scanSecurity**: Add a new function to scan the repository for security vulnerabilities, with an optional `branch` parameter.
* **ListToolsRequestSchema**: Update the handler to include the new tools `run_tests` and `scan_security`, and pass the `branch` parameter to the respective functions.
@tblakex01 tblakex01 merged commit c167ecc into enhance-github-server Dec 1, 2024
9 of 20 checks passed