This directory contains the continuous integration and deployment configuration for the Attention Trainer Extension.
Our CI/CD pipeline ensures code quality, security, and reliability through automated testing and deployment processes.
- Testing - Unit, integration, and E2E tests
- Building - Production-ready extension packaging
- Security Scanning - Vulnerability and secret detection
- Performance Analysis - Bundle size and performance metrics
- Deployment - Automated Chrome Web Store publishing
.github/
├── workflows/
│ └── ci.yml # Main CI/CD pipeline
├── dependabot.yml # Automated dependency updates
├── pull_request_template.md # PR template for consistent reviews
└── README.md # This file
- Push to main/develop: Full CI pipeline
- Pull Requests: Tests, build, and performance analysis
- Releases: Full pipeline + Chrome Web Store deployment
- Scheduled: Weekly health checks and dependency updates
- Workflow Dispatch: Manual pipeline execution
- Release Creation: Production deployment
- Framework: Jest with Chrome extension mocking
- Coverage: 80%+ line coverage required
- Scope: Individual module testing
- Focus: Component interaction testing
- Scenarios: Content script behavioral analysis
- Environment: Simulated browser environment
- Tool: Puppeteer with real Chrome browser
- Scope: Complete extension workflow
- Validation: User interaction simulation
- npm audit: Dependency vulnerability scanning
- TruffleHog: Secret detection in code and builds
- Custom checks: Sensitive data in production builds
Configure these secrets in your GitHub repository:
# Chrome Web Store API
CHROME_EXTENSION_ID=your_extension_id
CHROME_CLIENT_ID=your_client_id
CHROME_CLIENT_SECRET=your_client_secret
CHROME_REFRESH_TOKEN=your_refresh_token
# Code Coverage
CODECOV_TOKEN=your_codecov_token
# Notifications (optional)
SLACK_WEBHOOK=your_slack_webhook- Limit: 5MB (Chrome Web Store requirement)
- Monitoring: Automatic size checking in PRs
- Reporting: Performance reports generated
- Memory Usage: Extension memory footprint
- Load Time: Extension initialization time
- Responsiveness: UI interaction performance
- Feature Branch → Create from develop
- Pull Request → Tests and reviews
- Merge to Develop → Staging deployment
- Release → Production deployment
- Create Release → Triggers production pipeline
- Build & Test → All tests must pass
- Security Scan → No vulnerabilities allowed
- Chrome Web Store → Automated publishing
# Install dependencies
npm install
# Run all tests
npm test
# Run specific test suites
npm run test:unit
npm run test:integration
npm run test:e2e
# Check code quality
npm run lint
npm run security:audit
# Build for testing
npm run build
npm run test:performance- All tests pass locally
- Linting passes
- No security vulnerabilities
- Bundle size within limits
- Extension functionality verified
- Frequency: Weekly scheduled runs
- Coverage: Full test suite execution
- Alerts: Slack notifications on failures
- Automation: Dependabot weekly updates
- Security: Automatic security fixes
- Testing: Full test suite on updates
- Review and update dependencies quarterly
- Monitor for new security scanning tools
- Optimize build times and resource usage
Tests Failing in CI but Pass Locally
- Check Node.js version compatibility
- Verify environment variables
- Review browser compatibility
Build Size Exceeding Limits
- Run
npm run analyzefor bundle analysis - Review performance recommendations
- Consider code splitting
Chrome Web Store Deployment Failing
- Verify API credentials
- Check extension manifest validity
- Review Chrome Web Store policies
# Analyze bundle size
npm run analyze
# Run tests with verbose output
npm test -- --verbose
# Check security issues
npm run security:audit
# Validate extension
npm run build && npm run validateFor pipeline issues or questions:
- Create an issue in the repository
- Check existing workflow runs for errors
- Review this documentation
- GitHub Actions Documentation
- Chrome Web Store Developer Policies
- Jest Testing Framework
- Puppeteer E2E Testing
Last updated: 2024-01-15