CI/CD
Both repositories use GitHub Actions for continuous integration. All checks must pass before merging to main.
Backend Pipeline
The backend CI runs on every push and pull request:
yaml
# Simplified workflow
jobs:
test:
steps:
- Setup Ruby 3.4, PostgreSQL
- bundle install
- bin/rubocop # Code style
- bin/brakeman # Security scan
- bin/bundler-audit # Dependency vulnerabilities
- bundle exec rspec # Test suite
- Check coverage # SimpleCov, 80% minimumChecks
| Check | Tool | Threshold |
|---|---|---|
| Code style | RuboCop | Zero offenses |
| Security | Brakeman | Zero warnings |
| Dependencies | Bundler Audit | No known CVEs |
| Tests | RSpec | All passing |
| Coverage | SimpleCov | 80% minimum |
TIP
The backend currently has 674 specs with 99% coverage, well above the 80% minimum.
Mobile Pipeline
The mobile CI runs on every push and pull request:
yaml
# Simplified workflow
jobs:
test:
steps:
- Setup Node.js 20
- npm install
- npx tsc --noEmit # TypeScript check
- npm test # Jest test suite
- Check coverage # 30% minimumChecks
| Check | Tool | Threshold |
|---|---|---|
| Type safety | TypeScript compiler | Zero errors |
| Tests | Jest | All passing |
| Coverage | Jest coverage | 30% minimum |
The mobile coverage threshold is lower than the backend because UI components are harder to unit test and much of the app's correctness comes from TypeScript type checking.
Deployment
Deployment is not yet automated in CI. Current process:
- Backend: Manual deploy to production server
- Mobile: EAS Build + EAS Submit for App Store / Play Store releases
Branch Strategy
mainis the production branch- Feature branches are merged via pull request
- CI must pass before merge
- No force pushes to main