Merge pull request #2 from chriskyfung:feature/ci-cd

feat(ci): Implement CI/CD with GitHub Actions

Author: chriskyfung

.github/dependabot.yml

@@ -0,0 +1,6 @@
+version: 2
+updates:
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "daily"

.github/release-drafter.yml

@@ -0,0 +1,21 @@
+categories:
+  - title: '🚀 Features'
+    labels:
+      - 'feature'
+      - 'feat'
+  - title: '🐛 Bug Fixes'
+    labels:
+      - 'fix'
+      - 'bug'
+  - title: '📝 Documentation'
+    labels:
+      - 'docs'
+      - 'documentation'
+  - title: '🔧 Maintenance'
+    labels:
+      - 'chore'
+      - 'refactor'
+template: |
+  ## What's Changed
+
+  $CHANGES

.github/workflows/ci.yml

@@ -0,0 +1,38 @@
+name: CI
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v5
+
+    - name: Dependency Review
+      uses: actions/dependency-review-action@v4
+
+    - name: Use Node.js
+      uses: actions/setup-node@v4
+      with:
+        node-version: '20'
+        cache: 'npm'
+
+    - name: Install dependencies
+      run: npm install
+
+    - name: Lint code
+      run: npm run lint
+
+    - name: Run tests and collect coverage
+      run: npm run test:coverage
+
+    - name: Upload coverage to Codecov
+      uses: codecov/codecov-action@v5
+
+    - name: Build project
+      run: npm run build

.github/workflows/codeql.yml

@@ -0,0 +1,34 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+  schedule:
+    - cron: '30 2 * * 1'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'typescript' ]
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v5
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v3
+      with:
+        languages: ${{ matrix.language }}
+
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v3
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v3

.github/workflows/release-drafter.yml

@@ -0,0 +1,16 @@
+name: Release Drafter
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  update_release_draft:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: release-drafter/release-drafter@v5
+        with:
+          config-name: release-drafter.yml
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

README.md

@@ -1,5 +1,8 @@
 # Todoist Task Reopener Cloudflare Worker
 
+[![CI](https://github.com/chriskyfung/todoist-reopener-worker/actions/workflows/ci.yml/badge.svg)](https://github.com/chriskyfung/todoist-reopener-worker/actions/workflows/ci.yml)
+[![codecov](https://codecov.io/gh/chriskyfung/todoist-reopener-worker/branch/main/graph/badge.svg)](https://codecov.io/gh/chriskyfung/todoist-reopener-worker)
+
 This project is a serverless Cloudflare Worker that automatically reopens completed Todoist tasks that have the label `tracked` or `routine`. It is designed as a robust, reliable, and secure replacement for a similar n8n workflow.
 
 <figure style="text-align: center;">
@@ -16,6 +19,15 @@ The worker runs on a schedule, checking for recently completed tasks and reopeni
 - **Secure:** Uses Cloudflare's secrets store to manage the Todoist API token.
 - **Stateless:** Does not store any data.
 
+## CI/CD
+
+This project uses GitHub Actions to automate the development workflow. The following workflows are in place:
+
+- **CI:** On every push and pull request to the `main` branch, the CI workflow runs linting, testing, and building to ensure code quality and that the project is always in a working state.
+- **CodeQL:** The CodeQL workflow runs on every push and pull request to the `main` branch to analyze the code for security vulnerabilities.
+- **Dependabot:** Dependabot is configured to automatically create pull requests to keep the project's dependencies up-to-date.
+- **Release Drafter:** The Release Drafter workflow automatically creates draft release notes as pull requests are merged, making it easier to create new releases.
+
 ## Technologies
 
 - [Cloudflare Workers](https://workers.cloudflare.com/)

docs/development_plan.md

@@ -136,4 +136,21 @@ This phase outlines the final steps to get the worker running live.
 
     ```bash
     npm run tail
-    ```
+    ```
+
+## Phase 4: CI/CD and Automation
+
+To ensure code quality, maintain security, and automate the development workflow, a CI/CD pipeline has been set up using GitHub Actions.
+
+1.  **Continuous Integration:** A CI workflow is configured to run on every push and pull request to the `main` branch. This workflow performs the following checks:
+    *   **Linting:** Ensures the code adheres to the project's coding standards.
+    *   **Testing:** Runs the test suite to verify the functionality of the worker.
+    *   **Building:** Compiles the TypeScript code to ensure it is valid.
+    *   **Dependency Review:** Scans for vulnerable dependencies to prevent introducing security risks.
+    *   **Test Coverage:** Uploads test coverage reports to Codecov to track the quality of the tests.
+
+2.  **Security Scanning:** A CodeQL workflow is set up to perform static analysis of the code to find security vulnerabilities.
+
+3.  **Dependency Management:** Dependabot is configured to automatically create pull requests to keep the project's dependencies up-to-date.
+
+4.  **Release Automation:** A Release Drafter workflow is in place to automatically create draft release notes as pull requests are merged, simplifying the release process.

docs/project_structure.md

@@ -6,6 +6,13 @@ This document outlines the file and directory structure for the Todoist Reopener
 
 ```
 .
+├── .github
+│   ├── dependabot.yml
+│   ├── release-drafter.yml
+│   └── workflows
+│       ├── ci.yml
+│       ├── codeql.yml
+│       └── release-drafter.yml
 ├── .eslintrc.cjs
 ├── Dockerfile
 ├── LICENSE
@@ -33,6 +40,14 @@ This document outlines the file and directory structure for the Todoist Reopener
 - **`src/`**: This directory holds all of your worker's source code.
   - **`index.ts`**: This is the main entry point for the worker. It will contain all the TypeScript logic that gets executed when the cron trigger fires. This includes connecting to the Todoist API, fetching completed tasks, and sending the requests to reopen them.
 
+- **`.github/`**: This directory contains all the GitHub Actions workflows and configurations.
+  - **`dependabot.yml`**: Configuration for Dependabot to automatically update dependencies.
+  - **`release-drafter.yml`**: Configuration for Release Drafter to automatically draft release notes.
+  - **`workflows/`**: This directory contains all the GitHub Actions workflows.
+    - **`ci.yml`**: The main CI/CD workflow that runs linting, testing, and building.
+    - **`codeql.yml`**: The workflow for CodeQL to analyze the code for security vulnerabilities.
+    - **`release-drafter.yml`**: The workflow for Release Drafter.
+
 - **`docs/`**: This directory contains all the project documentation.
   - **`development_plan.md`**: This document outlines the plan to migrate the n8n workflow to a robust and reliable Cloudflare Worker.
   - **`project_structure.md`**: This document outlines the file and directory structure for the Todoist Reopener Cloudflare Worker project.