CI/CD — GitHub Actions
Guardrails
- Triggers: PRs to main + pushes to main
- Required checks: lint, typecheck, tests, coverage gate
- Caching: pnpm + Turbo
- Concurrency: cancel in-progress per branch
- CI → Cloud auth: GitHub OIDC → GCP (no long‑lived keys)
name: CI
on:
  pull_request:
    branches: [main]
  push:
    branches: [main]
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
jobs:
  build-test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: pnpm/action-setup@v4
        with: { version: 9 }
      - uses: actions/setup-node@v4
        with: { node-version: '20', cache: 'pnpm' }
      - run: pnpm i --frozen-lockfile
      - run: pnpm lint
      - run: pnpm typecheck
      - run: pnpm test
      - run: pnpm build
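The guardrails list GitHub OIDC → GCP, which the CI workflow above does not show. The following is an added example, not part of the original page, of a deploy job that authenticates through Workload Identity Federation, with the long-lived-key form it replaces left as a comment. PROJECT_NUMBER, PROJECT_ID, POOL_ID, PROVIDER_ID, the service account name and the secret name GCP_SA_KEY are placeholders.

```yaml
# Added example: keyless GCP auth from GitHub Actions via OIDC.
# PROJECT_NUMBER, PROJECT_ID, POOL_ID, PROVIDER_ID and the service account are placeholders.
name: Deploy
on:
  push:
    branches: [main]   # no pull_request trigger: PR code never receives cloud credentials

# Default token scope for every job; jobs opt in to anything more.
permissions:
  contents: read

jobs:
  deploy:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write   # allows this job to request a GitHub OIDC token
    steps:
      - uses: actions/checkout@v4

      # Avoid: a long-lived service account key stored as a repository secret.
      # - uses: google-github-actions/auth@v2
      #   with:
      #     credentials_json: ${{ secrets.GCP_SA_KEY }}

      # Prefer: exchange the OIDC token for short-lived credentials.
      - uses: google-github-actions/auth@v2
        with:
          workload_identity_provider: projects/PROJECT_NUMBER/locations/global/workloadIdentityPools/POOL_ID/providers/PROVIDER_ID
          service_account: deployer@PROJECT_ID.iam.gserviceaccount.com

      - uses: google-github-actions/setup-gcloud@v2
      # Confirms which identity the job is running as.
      - run: gcloud auth list
```

On the GCP side, give the provider an attribute condition that pins the repository (for example on `assertion.repository`), so OIDC tokens issued to other repositories cannot impersonate the service account.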
Performance Budgets (PR Gate)
- Target: LCP < 2.5s, CLS < 0.1, TTI < 3.5s on key pages
- Suggested: add Lighthouse CI on preview builds
{
  "ci": {
    "collect": { "staticDistDir": "apps/web/.next" },
    "assert": {
      "assertions": {
        "categories:performance": ["error", { "minScore": 0.9 }]
      }
    }
  }
}
Note: Runbook-level steps for deploying are covered in operations/ci-cd and operations/deployment.
LLM Notes
- Always produce Node 20‑compatible scripts. Add new jobs only if aligned with the paved path.