Adds the §1.2 scaffolding required by IMPLEMENTATION_PLAN.md M0.1: README, CONTRIBUTING, CODEOWNERS, CHANGELOG, PR + issue templates, CI workflow, release workflow, LICENSE, commitlint, cliff config, .editorconfig, .gitignore, .env.example. Refs: M0.1
This commit is contained in:
@@ -0,0 +1,31 @@
|
||||
# CI skeleton (TypeScript shape; no app code yet).
|
||||
# Lights up to commitlint + gitleaks + trivy fs scan. Add lint/test/build jobs
|
||||
# when this repo grows real package code.
|
||||
name: ci
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
branches: [main]
|
||||
push:
|
||||
branches: [main]
|
||||
|
||||
jobs:
|
||||
shared:
|
||||
runs-on: docker
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
with: { fetch-depth: 0 }
|
||||
|
||||
- name: commitlint (PR only)
|
||||
if: github.event_name == 'pull_request'
|
||||
uses: wagoid/commitlint-github-action@v6
|
||||
|
||||
- name: gitleaks
|
||||
uses: gitleaks/gitleaks-action@v2
|
||||
|
||||
- name: trivy fs scan
|
||||
uses: aquasecurity/trivy-action@master
|
||||
with:
|
||||
scan-type: fs
|
||||
severity: HIGH,CRITICAL
|
||||
exit-code: 1
|
||||
Reference in New Issue
Block a user