Yomu
CI/CD

CI/CD Pipeline

Gambaran pipeline Continuous Integration dan Continuous Deployment di ketiga subproyek

Dokumen ini menjelaskan pipeline CI/CD di ketiga subproyek Yomu. Setiap subproyek mempertahankan workflow GitHub Actions sendiri, tanpa workflow di level root.

linters

Kualitas Utama

PMD 7.0.0, clippy, ESLint menegakkan standar kode. JaCoCo ≥80%, pelacakan tarpaulin.

shield

Keamanan Diperkuat

OWASP DepCheck CVSS ≥9.0 memblokir build. Pemindaian mingguan cargo-audit + cargo-deny. Upload SARIF ke tab GitHub Security.

container

Docker Teroptimasi

Multi-stage build di semua subproyek. Java menggunakan eclipse-temurin:21-jre, Rust alpine:3.20, Frontend node:24-slim.

rocket

Deployment

Java → Heroku (staging + production). Rust + Frontend → GHCR (multi-arch: amd64, arm64).

Matriks Layanan

SubproyekCI WorkflowRelease WorkflowSecurity WorkflowCD Workflow
Javaci.ymlrelease.ymlsecurity-audit.ymlcd.yml
Rustci.ymlrelease.ymlsecurity-audit.yml
Frontendci.ymlrelease.yml

Prinsip Utama

code

Formatting

Java: Gradle Spotless. Rust: cargo fmt dengan lebar 100 karakter. Frontend: Prettier via ESLint.

book

Linting

Java: PMD 7.0.0 (prioritas 5). Rust: clippy (MSRV 1.85). Frontend: ESLint (belum ada framework test).

test

Testing

Java: JUnit 5 + MockMvc (H2 in-memory DB). Rust: nextest (7 test binaries, 2 retry, timeout 120 detik). Frontend: belum dikonfigurasi.

shield-check

Pemindaian Keamanan

Java: OWASP DepCheck (CVSS ≥9.0 memblokir). Rust: cargo-audit + cargo-deny (whitelist deny.toml). Selalu di branch main dan mingguan.

docker

Docker Build

Semua subproyek menggunakan multi-stage Dockerfile. Java: 2 stage (builder + runner). Rust: 3 stage. Frontend: 3 stage dengan health check.

cloud

Deployment

Java → Heroku (dipicu oleh workflow_run). Rust + Frontend → GHCR saja (manual atau orchestrator eksternal).

Struktur Direktori Workflow

SubproyekFile Workflow
Java.github/workflows/ci.yml, pmd.yml, security-audit.yml, release.yml, cd.yml
Rust.github/workflows/ci.yml, sonar.yml, security-audit.yml, release.yml
Frontend.github/workflows/ci.yml, release.yml

Tautan

Java Pipeline

Gradle PMD, JaCoCo, OWASP, deployment Heroku

Rust Pipeline

cargo fmt, clippy, nextest, tarpaulin, SonarCloud

Frontend Pipeline

ESLint, Next.js build, health checks

Komponen UI

Pustaka komponen shadcn/ui dan komponen kustom

Java Pipeline

CI/CD backend Java — PMD, JaCoCo, OWASP, build Docker, dan deployment Heroku

On this page

Matriks LayananPrinsip UtamaStruktur Direktori WorkflowTautan