
Conversation

@solomoneth
Owner

No description provided.

- Add 5 production-ready CI/CD workflows
- Create custom reusable Hello Action with Node 20
- Add Node.js Express server example with Docker
- Add AWS Lambda Python function with deployment
- Implement semantic versioning with automated releases
- Add comprehensive documentation
- Configure commitlint for conventional commits
- Add security scanning (CodeQL, Trivy)
- Implement multi-platform Docker builds
- Add automated PR validation

Consolidates: tana-haik-actions, publish-npm-semantic-release-github-actions, test-github-actions, content-github-actions-deep-dive-lab, content-github-actions-deep-dive-lesson

Total: 27 new files with 3,500+ lines of code and 10,000+ words of documentation

- Upgrade all workflows to use Node.js 22 as default version
- Update matrix strategy to test Node 20, 22, and 23
- Remove problematic npm cache configuration from setup-node action
- Update package.json engines to require Node >=22.0.0 and npm >=10.0.0
- Upgrade Dockerfile base image from node:20-alpine to node:22-alpine
- Add missing package-lock.json for examples/node-app
- Fix 'Some specified paths were not resolved' caching error

Breaking Change: Minimum Node.js version is now 22.0.0

- Add security-events: write permission to CI workflow
- Fixes 'Resource not accessible by integration' error when uploading SARIF results
- Allows CodeQL action to properly upload code scanning results to GitHub Security tab
@github-advanced-security

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

Comment on lines +118 to +146
app.get('/heavy', (req, res) => {
  const workerPath = path.join(__dirname, 'worker.js');

  // Check if worker file exists
  const fs = require('fs');
  if (!fs.existsSync(workerPath)) {
    return res.status(200).json({
      message: 'Worker endpoint available',
      note: 'Worker thread implementation not included in this example'
    });
  }

  const worker = new Worker(workerPath);

  worker.on('message', (data) => {
    res.status(200).json({
      total: data,
      message: 'Heavy computation completed using worker thread'
    });
  });

  worker.on('error', (error) => {
    console.error('Worker error:', error);
    res.status(500).json({
      error: 'Worker computation failed',
      message: error.message
    });
  });
});

Check failure

Code scanning / CodeQL

Missing rate limiting (High)

This route handler performs a file system access, but is not rate-limited.

Copilot Autofix

AI 3 months ago

To resolve the issue, rate-limiting middleware should be added to the /heavy endpoint to limit how many requests a client can make within a certain time window. The recommended way to do this in Express is to use the express-rate-limit package, which is an industry-standard, well-maintained library for this use case.

Specific steps:

  • Add express-rate-limit as a dependency.
  • Require it at the top of examples/node-app/server.js.
  • Define a rate limiter configuration (e.g., limit to 10 requests per minute per IP for the /heavy endpoint).
  • Apply this middleware specifically to the /heavy route using .get('/heavy', limiter, ...).
No other existing functionality will be changed.

Suggested changeset 2
examples/node-app/server.js

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/examples/node-app/server.js b/examples/node-app/server.js
--- a/examples/node-app/server.js
+++ b/examples/node-app/server.js
@@ -18,6 +18,7 @@
 const express = require('express');
 const { Worker } = require('worker_threads');
 const path = require('path');
+const rateLimit = require('express-rate-limit');
 
 // =============================================================================
 // CONFIGURATION
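Review bot: this require only resolves once the package.json change in the second patch of this changeset is applied as well; on its own the hunk leaves examples/node-app/server.js failing at startup with MODULE_NOT_FOUND for express-rate-limit. Apply both patches together and run npm install so the package-lock.json this PR adds for examples/node-app picks up the new dependency.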
@@ -51,6 +52,17 @@
 const startTime = Date.now();
 
 // =============================================================================
+// RATE LIMITERS
+// =============================================================================
+// Apply stricter rate limiting to heavy endpoints to avoid DoS
+const heavyLimiter = rateLimit({
+  windowMs: 60 * 1000, // 1 minute
+  max: 10, // limit each IP to 10 requests per `window` (per minute)
+  standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
+  legacyHeaders: false // Disable the `X-RateLimit-*` headers
+});
+
+// =============================================================================
 // ROUTES
 // =============================================================================
 
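Review bot: heavyLimiter keys on the request IP, but nothing in the visible configuration sets trust proxy. If this server runs behind a reverse proxy or load balancer (likely with the Dockerised deployment this PR adds), every request arrives from the proxy's address, so all clients share one bucket of 10 per minute and one busy client throttles everyone else; set app.set('trust proxy', ...) to the actual proxy hop count rather than `true`, since trusting every hop lets a client forge X-Forwarded-For and escape the limit. Two smaller points: the default in-memory store is per process, so with several replicas the limit is per replica, not global; and express-rate-limit 7+ documents this option as `limit`, with `max` kept as an alias.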
@@ -115,7 +127,7 @@
  * Heavy computation endpoint - Demonstrates worker threads
  * This endpoint offloads CPU-intensive work to a worker thread
  */
-app.get('/heavy', (req, res) => {
+app.get('/heavy', heavyLimiter, (req, res) => {
   const workerPath = path.join(__dirname, 'worker.js');
   
   // Check if worker file exists
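Review bot: route-level placement before the handler is correct, but the limiter bounds requests per IP only, while the handler below spawns a fresh Worker for every request, so the aggregate number of workers is still unbounded across many clients; consider a small worker pool or a concurrency cap in addition. Since every other response from this route is JSON, also pass a `handler` or `message` option so the 429 reply has the same shape instead of the library's default plain-text body.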
EOF
examples/node-app/package.json
Outside changed files

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/examples/node-app/package.json b/examples/node-app/package.json
--- a/examples/node-app/package.json
+++ b/examples/node-app/package.json
@@ -23,7 +23,8 @@
   "author": "Your Name",
   "license": "MIT",
   "dependencies": {
-    "express": "^4.18.2"
+    "express": "^4.18.2",
+    "express-rate-limit": "^8.1.0"
   },
   "devDependencies": {
     "mocha": "^10.2.0",
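Review bot: the dependency is added to package.json, but the patch does not touch the package-lock.json this PR adds for examples/node-app, so an `npm ci` step in the new CI workflows will fail with a lockfile/package.json mismatch until the lock is regenerated with npm install. The caret range is fine for an example project, and the advisory table below reports no known advisories for 8.1.0 at the time of the suggestion.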
@@ -43,4 +44,3 @@
     "url": "https://github.com/yourusername/github-actions.git"
   }
 }
-
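Review bot: this hunk only strips a trailing blank line and is unrelated to the rate-limit fix; harmless, but whitespace-only changes are easier to review when kept out of an autofix patch. The `url` context line still carries the `yourusername` placeholder and should point at the real repository now that this example is published from it.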
EOF

This fix introduces these dependencies:

  • Package: express-rate-limit (npm), Version: 8.1.0, Security advisories: None
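To make the suggested configuration concrete without installing express or express-rate-limit, here is an added example (not the PR's code and not the library's) of a fixed-window limiter with the same parameters as heavyLimiter (60 s window, 10 requests per client, RateLimit-* headers). The client key and the clock are injectable, and the constructed traffic shows why keying on the socket address behind a proxy collapses all clients into one bucket.

```javascript
// Added example, not the PR's code and not express-rate-limit itself: a minimal
// fixed-window limiter with the same parameters as the suggested heavyLimiter
// (60 s window, 10 requests per client, RateLimit-* response headers).
// The client key and the clock are injectable so the proxy pitfall can be shown.
function createFixedWindowLimiter({ windowMs, max, keyGenerator, now = () => Date.now() }) {
  const buckets = new Map(); // key -> { count, resetAt }, i.e. an in-memory store
  return function check(req) {
    const key = keyGenerator(req);
    const t = now();
    let bucket = buckets.get(key);
    if (!bucket || t >= bucket.resetAt) {
      bucket = { count: 0, resetAt: t + windowMs }; // start a fresh window
      buckets.set(key, bucket);
    }
    bucket.count += 1;
    const allowed = bucket.count <= max;
    return {
      status: allowed ? 200 : 429,
      headers: {
        'RateLimit-Limit': String(max),
        'RateLimit-Remaining': String(Math.max(0, max - bucket.count)),
        'RateLimit-Reset': String(Math.ceil((bucket.resetAt - t) / 1000)) // seconds
      }
    };
  };
}

// Without trust proxy, Express reports the socket peer, which behind a proxy is the proxy.
const directKey = (req) => req.socket.remoteAddress;
// With a trusted proxy the first X-Forwarded-For entry is the real client (only safe when the proxy writes it).
const proxiedKey = (req) =>
  (req.headers['x-forwarded-for'] || '').split(',')[0].trim() || req.socket.remoteAddress;

// Replay constructed traffic through a limiter and return the decision per request.
function simulate(keyGenerator, requests) {
  let clock = 0;
  const limiter = createFixedWindowLimiter({ windowMs: 60 * 1000, max: 10, keyGenerator, now: () => clock });
  return requests.map(({ atMs, req }) => { clock = atMs; return limiter(req); });
}

// Constructed sample: two clients (203.0.113.5, 198.51.100.7) behind one proxy at 10.0.0.1,
// six requests each in the first 15 s, then one more from the first client after the window.
const mkReq = (client) => ({ socket: { remoteAddress: '10.0.0.1' }, headers: { 'x-forwarded-for': client } });
const sampleRequests = [];
for (let i = 0; i < 6; i++) sampleRequests.push({ atMs: i * 1000, req: mkReq('203.0.113.5') });
for (let i = 0; i < 6; i++) sampleRequests.push({ atMs: 10000 + i * 1000, req: mkReq('198.51.100.7') });
sampleRequests.push({ atMs: 61000, req: mkReq('203.0.113.5') });
console.log(simulate(directKey, sampleRequests).map((r) => r.status).join(' ')); // 200 x10, 429, 429, 200
console.log(simulate(proxiedKey, sampleRequests).map((r) => r.status).join(' ')); // all 200
```

With the socket-address key the second client's last two requests are rejected because of the first client's traffic, which is the behaviour a missing trust proxy setting produces in production.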
@github-actions

🧪 Test Results

Tests have completed. Check the logs above for details.

@github-actions

📊 Pull Request Validation Summary

Checks:

  • PR Metadata: success
  • Code Quality: success
  • Tests: success

PR Details:

  • Author: @solomoneth
  • Base: main
  • Head: develop
  • Changes: +17536 / -0
  • Commits: 3
