@muhabalwan-aginx
Contributor

@muhabalwan-aginx muhabalwan-aginx commented Oct 30, 2025

Description

  • Add Ketryx Compliance Reporting Workflow
  • Implements automated test result reporting to Ketryx for regulatory compliance and quality tracking.

Changes:

  • Add new report-to-ketryx.yml reusable workflow
  • Integrate Ketryx reporting into CI/CD pipeline before releases
  • Upload test artifacts (JUnit XML) from both SDK and CLI packages
  • Configure JUnit reporter in Vitest for both packages

Workflow Triggers:

  • workflow_dispatch: Manual trigger for ad-hoc reporting
  • push on tags: Automatic reporting on SDK/CLI releases (sdk-v*, cli-v*)

Technical Details:

  • Test results uploaded from Node 20.x matrix job only
  • Ketryx action downloads artifacts and reports via API
  • Setup Ketryx API and Project ID

@muhabalwan-aginx muhabalwan-aginx self-assigned this Oct 30, 2025

Copilot AI left a comment

Pull Request Overview

This PR introduces Ketryx integration for compliance reporting and updates CI/CD configurations. The changes include a new reusable Ketryx workflow, modifications to the main CI/CD pipeline to incorporate Ketryx reporting, and an automated update to license attributions.

  • Adds a new reusable Ketryx reporting workflow for compliance tracking
  • Updates CI/CD pipeline to include Ketryx reporting step and reorganizes job dependencies
  • Updates ATTRIBUTIONS.md with corrected license texts and formatting

Reviewed Changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 4 comments.

File and description:

  • .github/workflows/_ketryx_report.yml: New reusable workflow for Ketryx compliance reporting with placeholder test execution
  • .github/workflows/ci-cd.yml: Removes scheduled runs and CodeQL job, adds Ketryx reporting integration, updates SonarQube action version, changes NPM token references
  • ATTRIBUTIONS.md: Automated license attribution updates with corrected license texts and copyright notices

@muhabalwan-aginx muhabalwan-aginx force-pushed the chore/TSSDK-12-setup-ketry-report-job branch 3 times, most recently from ed07ba1 to 25ceaf9 Compare October 30, 2025 16:00
@muhabalwan-aginx muhabalwan-aginx marked this pull request as ready for review November 5, 2025 12:39
@muhabalwan-aginx muhabalwan-aginx force-pushed the chore/TSSDK-12-setup-ketry-report-job branch from c9dfdce to 9efee2d Compare November 5, 2025 12:52
@codecov

codecov bot commented Nov 5, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.

@@           Coverage Diff           @@
##             main      #34   +/-   ##
=======================================
  Coverage   95.16%   95.16%           
=======================================
  Files           9        9           
  Lines        1034     1034           
  Branches      141      141           
=======================================
  Hits          984      984           
  Misses         50       50           
Flag Coverage Δ
unittests 95.16% <ø> (ø)

@muhabalwan-aginx muhabalwan-aginx force-pushed the chore/TSSDK-12-setup-ketry-report-job branch 5 times, most recently from 7e01ed4 to 54b1a4f Compare November 5, 2025 13:52
@muhabalwan-aginx muhabalwan-aginx force-pushed the chore/TSSDK-12-setup-ketry-report-job branch from cadb918 to 1ce3f25 Compare November 6, 2025 11:02
@muhabalwan-aginx muhabalwan-aginx force-pushed the chore/TSSDK-12-setup-ketry-report-job branch from f82f032 to e01da1f Compare November 6, 2025 13:18
@muhabalwan-aginx muhabalwan-aginx force-pushed the chore/TSSDK-12-setup-ketry-report-job branch from e01da1f to d37ea65 Compare November 6, 2025 13:36
Comment on lines 4 to 10
workflow_dispatch:
inputs:
branch:
description: 'Branch to test (leave empty for main)'
required: false
type: string
default: ''
Collaborator

Suggested change
workflow_dispatch:
inputs:
branch:
description: 'Branch to test (leave empty for main)'
required: false
type: string
default: ''

Comment on lines 29 to 32
push:
tags:
- 'sdk-v*' # Matches semantic-release SDK tags
- 'cli-v*' # Matches semantic-release CLI tags
Collaborator

Suggested change
push:
tags:
- 'sdk-v*' # Matches semantic-release SDK tags
- 'cli-v*' # Matches semantic-release CLI tags

@muhabalwan-aginx muhabalwan-aginx force-pushed the chore/TSSDK-12-setup-ketry-report-job branch 2 times, most recently from 047af32 to de762c9 Compare November 7, 2025 10:08
Comment on lines +20 to +42
runs-on: ubuntu-latest
steps:
- name: Download SDK test results
uses: actions/download-artifact@v4
continue-on-error: true
with:
name: test-results-sdk
path: test-results/sdk/

- name: Download CLI test results
uses: actions/download-artifact@v4
continue-on-error: true
with:
name: test-results-cli
path: test-results/cli/

- name: Report to Ketryx
uses: Ketryx/ketryx-github-action@v1.4.0
with:
project: ${{ secrets.KETRYX_PROJECT }}
api-key: ${{ secrets.KETRYX_API_KEY }}
build-name: ${{ inputs.build-name }}
test-junit-path: test-results/**/*.xml
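
Review bot: `uses: Ketryx/ketryx-github-action@v1.4.0` in the "Report to Ketryx" step receives `secrets.KETRYX_API_KEY` but is pinned to a tag rather than a full commit SHA; a tag can be moved, so pin to the SHA that `v1.4.0` resolves to and keep the tag as a trailing comment. Separately, both download steps set `continue-on-error: true`, so a missing artifact still lets the job reach the report step with whatever `test-results/**/*.xml` happens to match; for a compliance report, consider failing the job or adding a step that checks the expected JUnit files exist.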

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}

Copilot Autofix

AI 1 day ago

To fix the issue, explicitly set the permissions: key in the workflow, limiting GITHUB_TOKEN to the minimal privileges required. Since this workflow only downloads artifacts and calls an external action, it does not require any write access to the repository contents or metadata. The minimal required permission is likely contents: read. Insert permissions: contents: read at the top level of the workflow, below the name key but above on:, so that the permission applies to all jobs within the workflow. No other changes are required; do not grant broader access unless a particular step or action clearly requires it.

Suggested changeset 1
.github/workflows/_report-to-ketryx.yml

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/_report-to-ketryx.yml b/.github/workflows/_report-to-ketryx.yml
--- a/.github/workflows/_report-to-ketryx.yml
+++ b/.github/workflows/_report-to-ketryx.yml
@@ -1,4 +1,6 @@
 name: 'Ketryx report'
+permissions:
+  contents: read
 
 on:
     workflow_call:
EOF
@@ -1,4 +1,6 @@
name: 'Ketryx report'
permissions:
contents: read

on:
workflow_call:
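
Review bot: The added `permissions:` / `contents: read` pair below `name:` grants more than the `{}` starting point the alert suggests, while the job steps shown above (two `actions/download-artifact@v4` steps and the Ketryx action) include no checkout. Consider starting from `permissions: {}` and adding a scope only if a step fails without it. Because this file is triggered by `workflow_call`, its token is also bounded by the calling job's permissions, which this block can lower but not raise, so the caller in the CI/CD pipeline should carry an explicit `permissions:` block as well.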
Copilot is powered by AI and may make mistakes. Always verify output.
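
An added example, not part of this PR or the project's code: a heuristic check for the condition the CodeQL alert above reports, listing jobs that have neither a top-level nor a job-level `permissions:` key. The sample workflows and the job name `report` are constructed for illustration.

```python
import re

KEY = re.compile(r"\s*['\"]?([\w-]+)['\"]?\s*:")  # a YAML mapping key; list items do not match

# Constructed sample modelled on the workflow in this PR; job name `report` is assumed.
BEFORE = """\
name: 'Ketryx report'

on:
    workflow_call:

jobs:
    report:
        runs-on: ubuntu-latest
        steps:
            - name: Download SDK test results
              uses: actions/download-artifact@v4
"""
# The Autofix patch: a top-level permissions block below `name:`.
AFTER = BEFORE.replace("\n\non:", "\npermissions:\n  contents: read\n\non:", 1)

def unrestricted_jobs(workflow_text):
    """Names of jobs with neither a top-level nor a job-level `permissions:` key.

    Heuristic indentation scan (no YAML library); assumes block-style YAML.
    """
    top_level, in_jobs = False, False
    job_indent = key_indent = current = None
    own = {}  # job name -> job declares its own permissions
    for raw in workflow_text.splitlines():
        line = raw.split(" #")[0].rstrip()  # crude comment strip
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        indent = len(line) - len(line.lstrip())
        m = KEY.match(line)
        name = m.group(1) if m else None
        if indent == 0:  # top-level key: on, jobs, permissions, ...
            in_jobs = name == "jobs"
            top_level = top_level or name == "permissions"
            job_indent = key_indent = current = None
        elif in_jobs and (job_indent is None or indent == job_indent):
            job_indent, key_indent, current = indent, None, name  # a job id
            if name:
                own[name] = False
        elif in_jobs and current:
            key_indent = indent if key_indent is None else key_indent
            if indent == key_indent and name == "permissions":
                own[current] = True  # direct child of the job, not nested under a step
    return [] if top_level else sorted(j for j, has in own.items() if not has)
```

`unrestricted_jobs(BEFORE)` flags the `report` job, and `unrestricted_jobs(AFTER)` returns an empty list once the top-level block is present.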
@muhabalwan-aginx muhabalwan-aginx force-pushed the chore/TSSDK-12-setup-ketry-report-job branch from de762c9 to 9414324 Compare November 7, 2025 10:13
@muhabalwan-aginx muhabalwan-aginx force-pushed the chore/TSSDK-12-setup-ketry-report-job branch from 9414324 to 8da4df4 Compare November 7, 2025 12:07
@sonarqubecloud

sonarqubecloud bot commented Nov 7, 2025

@muhabalwan-aginx muhabalwan-aginx merged commit 8cb13e0 into main Nov 7, 2025
12 checks passed
@muhabalwan-aginx muhabalwan-aginx deleted the chore/TSSDK-12-setup-ketry-report-job branch November 7, 2025 12:23