ci(deps): bump actions/setup-node from 4 to 6 (#3) #17
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 🔍 Validate OpenAPI Specification | |
| on: | |
| push: | |
| branches: [ main ] | |
| pull_request: | |
| branches: [ main ] | |
| paths: | |
| - 'leadmagic-openapi-3.1.yaml' | |
| - 'leadmagic-openapi-3.1.json' | |
| - 'test-api.ts' | |
| - 'package.json' | |
| - 'package-lock.json' | |
| - 'tsconfig.json' | |
| jobs: | |
| validate-spec: | |
| name: Validate OpenAPI Specification | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: 📥 Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: 🔧 Setup Node.js | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: '22' | |
| - name: 📦 Install repo dependencies | |
| run: npm install | |
| - name: 📦 Install Swagger CLI | |
| run: npm install -g @apidevtools/swagger-cli | |
| - name: ✅ Validate YAML specification | |
| run: swagger-cli validate leadmagic-openapi-3.1.yaml | |
| - name: ✅ Validate JSON specification | |
| run: swagger-cli validate leadmagic-openapi-3.1.json | |
| - name: 🔄 Check YAML/JSON sync | |
| run: | | |
| # Simple validation that both files are valid and roughly the same size | |
| yaml_size=$(wc -c < leadmagic-openapi-3.1.yaml) | |
| json_size=$(wc -c < leadmagic-openapi-3.1.json) | |
| echo "📊 YAML size: $yaml_size bytes" | |
| echo "📊 JSON size: $json_size bytes" | |
| # JSON should be larger than YAML (more verbose format) | |
| if [ "$json_size" -gt "$yaml_size" ]; then | |
| echo "✅ File sizes are reasonable - JSON larger than YAML as expected" | |
| else | |
| echo "⚠️ Unexpected file size ratio - manual sync check recommended" | |
| fi | |
| - name: 🧠 Typecheck smoke test script | |
| run: npm run typecheck | |
| - name: 🧪 Run dry test (without API key) | |
| run: | | |
| # Test that the script safely fails in CI when no key or interactive prompt is available | |
| output=$(npm run test:api 2>&1 || true) | |
| if echo "$output" | grep -q "Set LEADMAGIC_API_KEY or run this script in an interactive terminal"; then | |
| echo "✅ Test script safely requires a key in CI" | |
| else | |
| echo "❌ Test script should fail safely without exposing key input" | |
| exit 1 | |
| fi | |
| lint-spec: | |
| name: Lint OpenAPI with Spectral | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: 📥 Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: 🔧 Setup Node.js | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: '22' | |
| - name: 📦 Install Spectral | |
| run: npm install | |
| - name: 🔍 Lint OpenAPI specification | |
| run: npm run lint:openapi | |
| check-examples: | |
| name: Validate Examples Format | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: 📥 Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: 🔧 Setup Node.js | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: '22' | |
| - name: ✅ Check for OpenAPI 3.1 examples format | |
| run: | | |
| # Detect the deprecated singular 'example:' / '"example":' fields from OpenAPI 3.0 | |
| # without matching the valid 3.1 'examples:' / '"examples":' form. | |
| if grep -nE '(^|[^s])"example"[[:space:]]*:|(^|[^s])example[[:space:]]*:' \ | |
| leadmagic-openapi-3.1.yaml leadmagic-openapi-3.1.json; then | |
| echo "❌ Found deprecated 'example' fields. Use 'examples' for OpenAPI 3.1" | |
| exit 1 | |
| else | |
| echo "✅ All examples use OpenAPI 3.1 'examples' format" | |
| fi | |
| - name: 📊 Count examples | |
| run: | | |
| yaml_examples=$(grep -c "examples:" leadmagic-openapi-3.1.yaml || echo "0") | |
| json_examples=$(grep -c '"examples":' leadmagic-openapi-3.1.json || echo "0") | |
| echo "📊 YAML examples: $yaml_examples" | |
| echo "📊 JSON examples: $json_examples" | |
| echo "✅ Example count validation complete" | |
| documentation-check: | |
| name: Documentation Quality Check | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: 📥 Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: 📚 Check README completeness | |
| run: | | |
| required_sections=( | |
| "Authentication" | |
| "Base URL" | |
| "Credit Consumption" | |
| "Testing & Validation" | |
| "Use Case Examples" | |
| ) | |
| for section in "${required_sections[@]}"; do | |
| if grep -q "$section" README.md; then | |
| echo "✅ Found section: $section" | |
| else | |
| echo "❌ Missing section: $section" | |
| exit 1 | |
| fi | |
| done | |
| - name: 🔗 Check for hardcoded credentials | |
| run: | | |
| # Check for common API key patterns in critical files | |
| if grep -r "sk-[a-zA-Z0-9]\{48\}\|api_key.*=.*[a-zA-Z0-9]\{10,\}" test-api.ts leadmagic-openapi-3.1.yaml leadmagic-openapi-3.1.json; then | |
| echo "❌ Found potential hardcoded credentials in specification or test files" | |
| exit 1 | |
| else | |
| echo "✅ No hardcoded credentials found in critical files" | |
| fi | |
| - name: 📏 Check file sizes | |
| run: | | |
| yaml_size=$(stat -c%s leadmagic-openapi-3.1.yaml) | |
| json_size=$(stat -c%s leadmagic-openapi-3.1.json) | |
| readme_size=$(stat -c%s README.md) | |
| echo "📊 File sizes:" | |
| echo " YAML: $yaml_size bytes" | |
| echo " JSON: $json_size bytes" | |
| echo " README: $readme_size bytes" | |
| # Ensure files aren't empty | |
| if [ "$yaml_size" -lt 1000 ] || [ "$json_size" -lt 1000 ] || [ "$readme_size" -lt 1000 ]; then | |
| echo "❌ One or more files appear to be too small" | |
| exit 1 | |
| fi | |
| echo "✅ All files have reasonable sizes" |