Add GitHub workflow for CI/CD #2
Add GitHub workflow for CI/CD to continually test the code and security scan the repo.

* **src/github/index.ts**
  - Add `runTests` function to run tests using GitHub Actions.
  - Add `scanSecurity` function to scan the repository for security vulnerabilities.
  - Update `ListToolsRequestSchema` handler to include the new tools `run_tests` and `scan_security`.
* **src/github/schemas.ts**
  - Add `RunTestsSchema` for the `run_tests` tool.
  - Add `ScanSecuritySchema` for the `scan_security` tool.
* **src/github/package.json**
  - Add dependencies for running tests (`jest`) and security scans (`eslint`).
* **.github/workflows/github-actions.yml**
  - Create a new GitHub Actions workflow file to run tests and security scans on push and pull request events.

---

For more details, open the [Copilot Workspace session](https://copilot-workspace.githubnext.com/tblakex01/mcpservers?shareId=XXXX-XXXX-XXXX-XXXX).
Reviewer's Guide by Sourcery

This PR implements a CI/CD pipeline using GitHub Actions. The implementation adds two new tools to trigger tests and security scans, along with the necessary GitHub workflow configuration. The changes include new API endpoints to trigger the workflows, schema definitions for the new tools, and package dependencies for testing and security scanning.

Sequence diagram for triggering GitHub Actions workflows

```mermaid
sequenceDiagram
    actor Developer
    participant Server
    participant GitHubAPI
    Developer->>Server: Request to run tests
    Server->>GitHubAPI: POST /repos/{owner}/{repo}/actions/workflows/run-tests.yml/dispatches
    GitHubAPI-->>Server: Response
    Server-->>Developer: Success/Failure
    Developer->>Server: Request to scan security
    Server->>GitHubAPI: POST /repos/{owner}/{repo}/actions/workflows/scan-security.yml/dispatches
    GitHubAPI-->>Server: Response
    Server-->>Developer: Success/Failure
```
Class diagram for new schemas in GitHub CI/CD

```mermaid
classDiagram
    class RunTestsSchema {
        +string branch
    }
    class ScanSecuritySchema {
        +string branch
    }
    class RepoParamsSchema {
        <<abstract>>
    }
    RunTestsSchema --|> RepoParamsSchema
    ScanSecuritySchema --|> RepoParamsSchema
```
Hey @tblakex01 - I've reviewed your changes - here's some feedback:
Overall Comments:
- Consider documenting the required scopes for GITHUB_PERSONAL_ACCESS_TOKEN and implementing proper token security practices (e.g., using GITHUB_TOKEN for workflows where possible).
- The security scanning could be enhanced beyond npm audit - consider adding ESLint security plugins or dedicated security scanning tools like Snyk or SonarQube.
Here's what I looked at during the review
- 🟡 General issues: 2 issues found
- 🟢 Security: all looks good
- 🟢 Testing: all looks good
- 🟢 Complexity: all looks good
- 🟢 Documentation: all looks good
@@ -780,6 +782,52 @@ async function generateAnalytics( | |||
} |
suggestion: Consider extracting common GitHub API call logic into a reusable function to avoid duplication
Both `runTests` and `scanSecurity` share very similar API call logic. Consider creating a helper function like `triggerGitHubWorkflow(owner, repo, workflow, branch)` to reduce duplication and make future maintenance easier.
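```typescript
// GITHUB_PERSONAL_ACCESS_TOKEN is assumed to be defined at module scope.
async function triggerGitHubWorkflow(
  owner: string,
  repo: string,
  workflow: string,
  ref: string = "main"
): Promise<Response> {
  // Encode each path segment so a crafted value cannot change the request path.
  const path = [owner, repo, "actions", "workflows", workflow, "dispatches"]
    .map(encodeURIComponent)
    .join("/");
  return fetch(`https://api.github.com/repos/${path}`, {
    method: "POST",
    headers: {
      "Authorization": `token ${GITHUB_PERSONAL_ACCESS_TOKEN}`,
      "Accept": "application/vnd.github.v3+json",
      "User-Agent": "github-mcp-server",
      "Content-Type": "application/json"
    },
    // workflow_dispatch takes the branch or tag to run on as "ref".
    body: JSON.stringify({ ref })
  });
}
```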
); | ||
|
||
if (!response.ok) { | ||
throw new Error(`GitHub API error: ${response.statusText}`); |
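Review bot: In the `!response.ok` branch, the thrown message depends only on `response.statusText`, which is an empty string when the response arrives over HTTP/2 (there is no reason phrase), so the error can read "GitHub API error: " with nothing after it. Include `response.status` in the message so that 401, 403, 404 and 422 failures can be told apart by the caller.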
suggestion: Enhance error handling to include response body details
GitHub API often provides detailed error information in the response body. Consider extracting and including this information in the error message for better debugging.
throw new Error(`GitHub API error: ${response.statusText}`); | |
const errorBody = await response.text(); | |
throw new Error(`GitHub API error: ${response.statusText} - ${errorBody}`); |
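The shared helper and the response-body error detail proposed in the two review comments above, combined in one added example (not code from the PR or from Sourcery). The workflow file names are taken from the sequence diagram; the allowlist, the validation patterns, the 500-character cap and the injected `fetchImpl` parameter are assumptions made for illustration.

```typescript
// Added example, not the PR's code. Workflow file names come from the PR's
// sequence diagram; the allowlist, patterns and 500-char cap are assumptions.
const ALLOWED_WORKFLOWS = new Set(["run-tests.yml", "scan-security.yml"]);
const NAME_RE = /^[A-Za-z0-9_.-]{1,100}$/;   // one owner or repo path segment
const REF_RE = /^[A-Za-z0-9_.\/-]{1,255}$/;  // branch or tag name
const MAX_ERROR_BODY = 500;
interface DispatchInit { method: string; headers: Record<string, string>; body: string }
interface DispatchRequest { url: string; init: DispatchInit }
interface ResponseLike { ok: boolean; status: number; text(): Promise<string> }
type FetchLike = (url: string, init: DispatchInit) => Promise<ResponseLike>;

function isSafeName(s: string): boolean {
  return NAME_RE.test(s) && !/^\.{1,2}$/.test(s); // "." and ".." would rewrite the path
}

function buildDispatchRequest(token: string, owner: string, repo: string,
                              workflow: string, ref: string = "main"): DispatchRequest {
  if (!ALLOWED_WORKFLOWS.has(workflow)) throw new Error("workflow not in allowlist");
  if (!isSafeName(owner) || !isSafeName(repo)) throw new Error("invalid owner or repo");
  if (!REF_RE.test(ref) || /\.\./.test(ref)) throw new Error("invalid ref");
  return {
    url: `https://api.github.com/repos/${owner}/${repo}/actions/workflows/${workflow}/dispatches`,
    init: {
      method: "POST",
      headers: {
        "Authorization": `token ${token}`, // never log this object
        "Accept": "application/vnd.github.v3+json",
        "User-Agent": "github-mcp-server",
        "Content-Type": "application/json",
      },
      body: JSON.stringify({ ref }),
    },
  };
}

// Status code plus a sanitized, length-capped copy of the response body.
function describeFailure(status: number, body: string): string {
  const clean = body.replace(/[\u0000-\u001f\u007f]+/g, " ").trim();
  const shown = clean.length > MAX_ERROR_BODY ? clean.slice(0, MAX_ERROR_BODY) + "...[truncated]" : clean;
  return `GitHub API error: HTTP ${status}` + (shown ? ` - ${shown}` : "");
}

// fetchImpl is injected (pass the global fetch in production) so this runs offline in tests.
async function triggerGitHubWorkflow(fetchImpl: FetchLike, token: string, owner: string,
                                     repo: string, workflow: string, ref?: string): Promise<void> {
  const { url, init } = buildDispatchRequest(token, owner, repo, workflow, ref);
  const response = await fetchImpl(url, init);
  if (!response.ok) throw new Error(describeFailure(response.status, await response.text()));
}
```

Validation happens before the token is attached to any request, so a rejected `owner`, `repo`, `workflow` or `ref` never reaches the network.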
* Add a `preinstall` script that runs `npm install` to ensure the `package-lock.json` is in sync with `package.json`
* **runTests**: Add a new function to run tests using GitHub Actions, with an optional `branch` parameter.
* **scanSecurity**: Add a new function to scan the repository for security vulnerabilities, with an optional `branch` parameter.
* **ListToolsRequestSchema**: Update the handler to include the new tools `run_tests` and `scan_security`, and pass the `branch` parameter to the respective functions.
Summary by Sourcery
Implement a CI/CD pipeline using GitHub Actions to automate testing and security scanning for the repository. Add new functions and schemas to support these operations and update the project dependencies accordingly.
New Features:
Enhancements:
- `runTests` and `scanSecurity` functions to trigger GitHub Actions workflows for testing and security scanning.
- `ListToolsRequestSchema` handler to include new tools for running tests and scanning security.
Build:
- `jest` and `eslint` as dependencies for testing and security scanning.
CI: