Raypx

Raypx uses GitHub Actions for continuous integration. The workflow runs on every push and pull request to main, ensuring that code passes linting, type checking, tests, and a production build before merging.

Workflow Overview

The CI pipeline is defined in .github/workflows/ci.yml and consists of three jobs:

check ─────┐
           ├── build
test  ─────┘

The build job only runs after both check and test pass successfully.

Jobs

1. Lint & Type Check (`check`)

Runs Biome linting and TypeScript type checking:

check:
  name: Lint & Type Check
  runs-on: ubuntu-latest
  steps:
    - uses: actions/checkout@v4
    - uses: pnpm/action-setup@v4
      with:
        version: 10.33.0
    - uses: actions/setup-node@v4
      with:
        node-version: 22
        cache: pnpm
    - run: pnpm install --frozen-lockfile
    - run: pnpm check
    - run: pnpm typecheck

The pnpm check command runs Biome in check-and-fix mode. The pnpm typecheck command runs tsc --noEmit across the entire project.

2. Test (`test`)

Runs the full test suite with Vitest:

test:
  name: Test
  runs-on: ubuntu-latest
  steps:
    - uses: actions/checkout@v4
    - uses: pnpm/action-setup@v4
      with:
        version: 10.33.0
    - uses: actions/setup-node@v4
      with:
        node-version: 22
        cache: pnpm
    - run: pnpm install --frozen-lockfile
    - run: pnpm test

3. Build (`build`)

Runs the production build to catch any build-time errors:

build:
  name: Build
  runs-on: ubuntu-latest
  needs: [check, test]
  steps:
    - uses: actions/checkout@v4
    - uses: pnpm/action-setup@v4
      with:
        version: 10.33.0
    - uses: actions/setup-node@v4
      with:
        node-version: 22
        cache: pnpm
    - run: pnpm install --frozen-lockfile
    - run: pnpm build

All three jobs use pnpm install --frozen-lockfile to ensure the exact dependency versions from pnpm-lock.yaml are installed. If the lockfile is out of sync, the CI will fail.

Concurrency

The workflow uses concurrency groups to avoid wasting resources on redundant runs:

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

When you push a new commit to a pull request, any in-progress CI run for that same branch is cancelled automatically. Only the latest commit's run completes.

Runtime Versions

Tool	Version
Node.js	22
pnpm	10.33.0
OS	Ubuntu Latest

These versions match the project's pinned versions in package.json and the Dockerfile.

Dependabot

Raypx includes Dependabot configuration in .github/dependabot.yml:

version: 2
updates:
  - package-ecosystem: npm
    directory: /
    schedule:
      interval: weekly
    commit-message:
      prefix: "deps"
    labels:
      - dependencies
    review-dependabot-prs: false

Dependabot opens pull requests weekly to update npm dependencies. PRs are labeled with dependencies and prefixed with deps in the commit message.

Local Pre-Commit Hooks

Lefthook runs additional checks locally before you commit or push code. See Tooling for the full hook configuration.

Hook	What Runs
`pre-commit`	Biome lint + format (parallel with typecheck)
`pre-push`	Vitest test suite

The pre-commit hook auto-fixes formatting issues and stages the changes. The pre-push hook blocks the push if any test fails.

Adding Custom CI Steps

To extend the CI workflow, edit .github/workflows/ci.yml. Common additions include:

Deploy step: Add a job that runs after build to deploy the .output/ directory to your hosting platform.
Database checks: Add a PostgreSQL service container and run db:push or db:migrate before tests.
E2E tests: Add a Playwright or Cypress job that runs against the built output.

CI/CD