platform/portal
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ci(portal): fix pnpm test invocation + inject AUTH_SECRET at build
ci / image (pull_request) Has been skipped
Details
ci / shared (pull_request) Successful in 4s
Details
ci / test (pull_request) Successful in 27s
Details
ci / e2e (pull_request) Has been skipped
Details

Browse Source 
Two CI bugs the M0.2 ci-typescript.yaml template carried into portal:

1. 'pnpm test --coverage' is parsed as a pnpm option, not script args
   ('Unknown option: coverage'). Drop the extra flag; the package.json
   test script already runs 'vitest run --coverage'.

2. 'next build' requires AUTH_SECRET at compile time because Auth.js
   v5 reads it during route generation. Inject a per-build dummy
   secret in CI (production gets the real one via Orca env from
   Infisical).

Refs: M5.1
This commit is contained in:
Sharang Parnerkar
2026-05-18 23:06:21 +02:00
parent 398e5c85b7
commit fdfc45f1c9
1 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitea/workflows/ci.yaml
+8 -2
View File
@@ -72,11 +72,17 @@ jobs:
- run: pnpm install --frozen-lockfile
- run: pnpm lint
- run: pnpm typecheck
- run: pnpm test --coverage
# `pnpm test` already includes --coverage via the package.json script.
- run: pnpm test
- name: coverage gate
run: |
node -e "const c=require('./coverage/coverage-summary.json').total.lines.pct; if (c<70) { console.error('coverage', c, '< 70%'); process.exit(1) }"
- run: pnpm build
- name: build
env:
# Required at build-time by Auth.js. Replaced by Infisical-sourced
# secret in stage/prod via Orca env injection (M5.1+).
AUTH_SECRET: ci-build-dummy-${{ github.sha }}
run: pnpm build
e2e:
needs: test