autoworkflow 3.1.5 → 3.6.0

package/.claude/skills/github-actions.md

@@ -0,0 +1,353 @@
+# GitHub Actions Skill
+
+## Complete CI/CD Workflow
+\`\`\`yaml
+name: CI/CD
+
+on:
+  push:
+    branches: [main, develop]
+  pull_request:
+    branches: [main]
+
+env:
+  NODE_VERSION: 20
+  REGISTRY: ghcr.io
+  IMAGE_NAME: \${{ github.repository }}
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: \${{ env.NODE_VERSION }}
+          cache: 'npm'
+      - run: npm ci
+      - run: npm run lint
+      - run: npm run typecheck
+
+  test:
+    runs-on: ubuntu-latest
+    needs: lint
+    services:
+      postgres:
+        image: postgres:16
+        env:
+          POSTGRES_PASSWORD: postgres
+          POSTGRES_DB: test
+        ports:
+          - 5432:5432
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: \${{ env.NODE_VERSION }}
+          cache: 'npm'
+      - run: npm ci
+      - run: npm test -- --coverage
+        env:
+          DATABASE_URL: postgresql://postgres:postgres@localhost:5432/test
+      - uses: codecov/codecov-action@v4
+        with:
+          token: \${{ secrets.CODECOV_TOKEN }}
+
+  build:
+    runs-on: ubuntu-latest
+    needs: test
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: \${{ env.NODE_VERSION }}
+          cache: 'npm'
+      - run: npm ci
+      - run: npm run build
+      - uses: actions/upload-artifact@v4
+        with:
+          name: build
+          path: dist/
+          retention-days: 7
+
+  deploy:
+    runs-on: ubuntu-latest
+    needs: build
+    if: github.ref == 'refs/heads/main'
+    environment: production
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/download-artifact@v4
+        with:
+          name: build
+          path: dist/
+      - name: Deploy to Vercel
+        uses: amondnet/vercel-action@v25
+        with:
+          vercel-token: \${{ secrets.VERCEL_TOKEN }}
+          vercel-org-id: \${{ secrets.VERCEL_ORG_ID }}
+          vercel-project-id: \${{ secrets.VERCEL_PROJECT_ID }}
+          vercel-args: '--prod'
+\`\`\`
+
+## Matrix Testing
+\`\`\`yaml
+jobs:
+  test:
+    runs-on: \${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest, macos-latest, windows-latest]
+        node-version: [18, 20, 22]
+        exclude:
+          - os: windows-latest
+            node-version: 18
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: \${{ matrix.node-version }}
+          cache: 'npm'
+      - run: npm ci
+      - run: npm test
+\`\`\`
+
+## Caching Strategies
+\`\`\`yaml
+# npm cache (built into setup-node)
+- uses: actions/setup-node@v4
+  with:
+    node-version: 20
+    cache: 'npm'
+
+# pnpm cache
+- uses: pnpm/action-setup@v3
+  with:
+    version: 9
+- uses: actions/setup-node@v4
+  with:
+    node-version: 20
+    cache: 'pnpm'
+
+# Custom caching
+- uses: actions/cache@v4
+  with:
+    path: |
+      ~/.npm
+      node_modules
+      .next/cache
+    key: \${{ runner.os }}-node-\${{ hashFiles('**/package-lock.json') }}
+    restore-keys: |
+      \${{ runner.os }}-node-
+
+# Turborepo remote cache
+- name: Turbo Cache
+  uses: actions/cache@v4
+  with:
+    path: .turbo
+    key: \${{ runner.os }}-turbo-\${{ github.sha }}
+    restore-keys: |
+      \${{ runner.os }}-turbo-
+\`\`\`
+
+## Docker Build & Push
+\`\`\`yaml
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: \${{ env.REGISTRY }}
+          username: \${{ github.actor }}
+          password: \${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: \${{ env.REGISTRY }}/\${{ env.IMAGE_NAME }}
+          tags: |
+            type=sha
+            type=ref,event=branch
+            type=semver,pattern={{version}}
+
+      - name: Build and push
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: true
+          tags: \${{ steps.meta.outputs.tags }}
+          labels: \${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+\`\`\`
+
+## Reusable Workflow
+\`\`\`yaml
+# .github/workflows/reusable-test.yml
+name: Reusable Test
+
+on:
+  workflow_call:
+    inputs:
+      node-version:
+        required: false
+        type: string
+        default: '20'
+    secrets:
+      NPM_TOKEN:
+        required: false
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: \${{ inputs.node-version }}
+      - run: npm ci
+      - run: npm test
+
+# Usage in another workflow
+jobs:
+  call-tests:
+    uses: ./.github/workflows/reusable-test.yml
+    with:
+      node-version: '20'
+    secrets:
+      NPM_TOKEN: \${{ secrets.NPM_TOKEN }}
+\`\`\`
+
+## Release Workflow
+\`\`\`yaml
+name: Release
+
+on:
+  push:
+    tags:
+      - 'v*'
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Generate changelog
+        id: changelog
+        uses: orhun/git-cliff-action@v3
+        with:
+          args: --latest
+
+      - name: Create Release
+        uses: softprops/action-gh-release@v2
+        with:
+          body: \${{ steps.changelog.outputs.content }}
+          draft: false
+          prerelease: \${{ contains(github.ref, 'alpha') || contains(github.ref, 'beta') }}
+\`\`\`
+
+## Scheduled Jobs
+\`\`\`yaml
+name: Scheduled Tasks
+
+on:
+  schedule:
+    - cron: '0 0 * * *'  # Daily at midnight UTC
+  workflow_dispatch:  # Allow manual trigger
+
+jobs:
+  dependency-check:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - run: npm audit --audit-level=high
+      - run: npx npm-check-updates -u
+        continue-on-error: true
+\`\`\`
+
+## Environment & Secrets
+\`\`\`yaml
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    environment:
+      name: production
+      url: https://myapp.com
+    steps:
+      - name: Deploy
+        env:
+          # Repository secrets
+          API_KEY: \${{ secrets.API_KEY }}
+          # Environment secrets
+          DATABASE_URL: \${{ secrets.DATABASE_URL }}
+          # GitHub token (auto-provided)
+          GITHUB_TOKEN: \${{ secrets.GITHUB_TOKEN }}
+        run: ./deploy.sh
+\`\`\`
+
+## Conditional Execution
+\`\`\`yaml
+jobs:
+  deploy:
+    if: github.ref == 'refs/heads/main'
+
+  deploy-preview:
+    if: github.event_name == 'pull_request'
+
+  skip-ci:
+    if: "!contains(github.event.head_commit.message, '[skip ci]')"
+
+  only-docs:
+    if: contains(github.event.head_commit.modified, 'docs/')
+\`\`\`
+
+## Common Actions Reference
+\`\`\`yaml
+actions/checkout@v4        # Clone repository
+actions/setup-node@v4      # Setup Node.js
+actions/cache@v4           # Cache dependencies
+actions/upload-artifact@v4 # Upload build artifacts
+actions/download-artifact@v4
+docker/build-push-action@v5
+aws-actions/configure-aws-credentials@v4
+azure/webapps-deploy@v3
+google-github-actions/auth@v2
+\`\`\`
+
+## ❌ DON'T
+- Commit secrets to workflow files
+- Use \`pull_request_target\` without understanding security
+- Skip checkout before using repo files
+- Ignore failing steps with \`continue-on-error\` carelessly
+- Use deprecated action versions
+
+## ✅ DO
+- Pin action versions (use SHA for critical actions)
+- Use job dependencies with \`needs\`
+- Cache dependencies for faster builds
+- Use matrix for cross-platform/version testing
+- Set appropriate permissions
+- Use environments for deployments
+- Add workflow_dispatch for manual runs

package/.claude/skills/go.md

@@ -0,0 +1,377 @@
+# Go Skill
+
+## Project Structure
+\`\`\`
+myapp/
+├── cmd/
+│   └── api/
+│       └── main.go          # Entry point
+├── internal/
+│   ├── config/              # Configuration
+│   ├── handler/             # HTTP handlers
+│   ├── middleware/          # HTTP middleware
+│   ├── model/               # Domain models
+│   ├── repository/          # Data access
+│   └── service/             # Business logic
+├── pkg/                     # Public packages
+├── go.mod
+└── go.sum
+\`\`\`
+
+## Structs and Methods
+\`\`\`go
+package model
+
+import (
+    "time"
+)
+
+type User struct {
+    ID        string    \`json:"id"\`
+    Email     string    \`json:"email"\`
+    Name      string    \`json:"name"\`
+    CreatedAt time.Time \`json:"created_at"\`
+}
+
+// NewUser creates a User with generated ID and timestamp
+func NewUser(email, name string) *User {
+    return &User{
+        ID:        generateID(),
+        Email:     email,
+        Name:      name,
+        CreatedAt: time.Now(),
+    }
+}
+
+// Validate checks if user data is valid
+func (u *User) Validate() error {
+    if u.Email == "" {
+        return errors.New("email is required")
+    }
+    if !strings.Contains(u.Email, "@") {
+        return errors.New("invalid email format")
+    }
+    return nil
+}
+\`\`\`
+
+## Interfaces and Dependency Injection
+\`\`\`go
+package repository
+
+import "context"
+
+// UserRepository defines the contract for user data access
+type UserRepository interface {
+    GetByID(ctx context.Context, id string) (*model.User, error)
+    GetByEmail(ctx context.Context, email string) (*model.User, error)
+    Create(ctx context.Context, user *model.User) error
+    Update(ctx context.Context, user *model.User) error
+    Delete(ctx context.Context, id string) error
+}
+
+// PostgresUserRepository implements UserRepository with PostgreSQL
+type PostgresUserRepository struct {
+    db *sql.DB
+}
+
+func NewPostgresUserRepository(db *sql.DB) *PostgresUserRepository {
+    return &PostgresUserRepository{db: db}
+}
+
+func (r *PostgresUserRepository) GetByID(ctx context.Context, id string) (*model.User, error) {
+    var user model.User
+    err := r.db.QueryRowContext(ctx,
+        "SELECT id, email, name, created_at FROM users WHERE id = $1",
+        id,
+    ).Scan(&user.ID, &user.Email, &user.Name, &user.CreatedAt)
+
+    if err == sql.ErrNoRows {
+        return nil, ErrNotFound
+    }
+    if err != nil {
+        return nil, fmt.Errorf("query user: %w", err)
+    }
+    return &user, nil
+}
+\`\`\`
+
+## Error Handling
+\`\`\`go
+package apperror
+
+import (
+    "errors"
+    "fmt"
+)
+
+// Sentinel errors
+var (
+    ErrNotFound     = errors.New("not found")
+    ErrUnauthorized = errors.New("unauthorized")
+    ErrForbidden    = errors.New("forbidden")
+    ErrConflict     = errors.New("resource already exists")
+)
+
+// AppError wraps errors with additional context
+type AppError struct {
+    Err     error
+    Message string
+    Code    string
+}
+
+func (e *AppError) Error() string {
+    return e.Message
+}
+
+func (e *AppError) Unwrap() error {
+    return e.Err
+}
+
+// Wrap creates an AppError with context
+func Wrap(err error, message string) *AppError {
+    return &AppError{
+        Err:     err,
+        Message: message,
+    }
+}
+
+// Usage with error wrapping
+func GetUser(ctx context.Context, id string) (*User, error) {
+    user, err := repo.GetByID(ctx, id)
+    if err != nil {
+        if errors.Is(err, ErrNotFound) {
+            return nil, ErrNotFound  // Propagate sentinel error
+        }
+        return nil, fmt.Errorf("get user %s: %w", id, err)  // Wrap with context
+    }
+    return user, nil
+}
+\`\`\`
+
+## Context and Cancellation
+\`\`\`go
+package main
+
+import (
+    "context"
+    "time"
+)
+
+func processRequest(ctx context.Context) error {
+    // Create timeout context
+    ctx, cancel := context.WithTimeout(ctx, 5*time.Second)
+    defer cancel()  // Always call cancel to release resources
+
+    // Pass context to operations
+    result, err := fetchData(ctx)
+    if err != nil {
+        return err
+    }
+
+    // Check for cancellation in long operations
+    select {
+    case <-ctx.Done():
+        return ctx.Err()
+    default:
+        // Continue processing
+    }
+
+    return process(ctx, result)
+}
+
+// Context with values (use sparingly, prefer explicit parameters)
+type contextKey string
+
+const userIDKey contextKey = "userID"
+
+func WithUserID(ctx context.Context, userID string) context.Context {
+    return context.WithValue(ctx, userIDKey, userID)
+}
+
+func UserIDFromContext(ctx context.Context) (string, bool) {
+    userID, ok := ctx.Value(userIDKey).(string)
+    return userID, ok
+}
+\`\`\`
+
+## Goroutines and Channels
+\`\`\`go
+package main
+
+import (
+    "context"
+    "sync"
+)
+
+// Worker pool pattern
+func processItems(ctx context.Context, items []Item) error {
+    numWorkers := 5
+    jobs := make(chan Item, len(items))
+    results := make(chan Result, len(items))
+    errs := make(chan error, numWorkers)
+
+    // Start workers
+    var wg sync.WaitGroup
+    for i := 0; i < numWorkers; i++ {
+        wg.Add(1)
+        go func() {
+            defer wg.Done()
+            for item := range jobs {
+                select {
+                case <-ctx.Done():
+                    return
+                default:
+                    result, err := processItem(ctx, item)
+                    if err != nil {
+                        errs <- err
+                        return
+                    }
+                    results <- result
+                }
+            }
+        }()
+    }
+
+    // Send jobs
+    for _, item := range items {
+        jobs <- item
+    }
+    close(jobs)
+
+    // Wait for completion
+    go func() {
+        wg.Wait()
+        close(results)
+        close(errs)
+    }()
+
+    // Collect results
+    var allResults []Result
+    for result := range results {
+        allResults = append(allResults, result)
+    }
+
+    // Check for errors
+    if err := <-errs; err != nil {
+        return err
+    }
+
+    return nil
+}
+
+// errgroup for simpler error handling
+import "golang.org/x/sync/errgroup"
+
+func fetchAll(ctx context.Context, urls []string) ([]Response, error) {
+    g, ctx := errgroup.WithContext(ctx)
+    responses := make([]Response, len(urls))
+
+    for i, url := range urls {
+        i, url := i, url  // Capture loop variables
+        g.Go(func() error {
+            resp, err := fetch(ctx, url)
+            if err != nil {
+                return err
+            }
+            responses[i] = resp
+            return nil
+        })
+    }
+
+    if err := g.Wait(); err != nil {
+        return nil, err
+    }
+    return responses, nil
+}
+\`\`\`
+
+## Testing
+\`\`\`go
+package service_test
+
+import (
+    "context"
+    "testing"
+)
+
+// Table-driven tests
+func TestValidateEmail(t *testing.T) {
+    tests := []struct {
+        name    string
+        email   string
+        wantErr bool
+    }{
+        {"valid email", "user@example.com", false},
+        {"empty email", "", true},
+        {"missing @", "invalid-email", true},
+        {"missing domain", "user@", true},
+    }
+
+    for _, tt := range tests {
+        t.Run(tt.name, func(t *testing.T) {
+            err := ValidateEmail(tt.email)
+            if (err != nil) != tt.wantErr {
+                t.Errorf("ValidateEmail(%q) error = %v, wantErr %v", tt.email, err, tt.wantErr)
+            }
+        })
+    }
+}
+
+// Testing with mocks
+type mockUserRepository struct {
+    users map[string]*model.User
+}
+
+func (m *mockUserRepository) GetByID(ctx context.Context, id string) (*model.User, error) {
+    user, ok := m.users[id]
+    if !ok {
+        return nil, ErrNotFound
+    }
+    return user, nil
+}
+
+func TestUserService_GetUser(t *testing.T) {
+    repo := &mockUserRepository{
+        users: map[string]*model.User{
+            "123": {ID: "123", Email: "test@example.com"},
+        },
+    }
+    svc := NewUserService(repo)
+
+    t.Run("existing user", func(t *testing.T) {
+        user, err := svc.GetUser(context.Background(), "123")
+        if err != nil {
+            t.Fatalf("unexpected error: %v", err)
+        }
+        if user.Email != "test@example.com" {
+            t.Errorf("got email %q, want %q", user.Email, "test@example.com")
+        }
+    })
+
+    t.Run("non-existing user", func(t *testing.T) {
+        _, err := svc.GetUser(context.Background(), "999")
+        if !errors.Is(err, ErrNotFound) {
+            t.Errorf("got error %v, want ErrNotFound", err)
+        }
+    })
+}
+\`\`\`
+
+## ✅ DO
+- Handle all errors explicitly - never ignore with \`_\`
+- Use \`context.Context\` as first parameter
+- Wrap errors with \`fmt.Errorf("context: %w", err)\`
+- Use interfaces for dependency injection
+- Prefer composition over inheritance
+- Use \`defer\` for cleanup (close files, unlock mutexes)
+- Run \`go vet\` and \`golangci-lint\`
+- Use table-driven tests
+
+## ❌ DON'T
+- Don't use \`panic\` for error handling (only for programming errors)
+- Don't pass context in structs, pass as function parameter
+- Don't use \`context.Background()\` in request handlers (use request context)
+- Don't ignore goroutine leaks - always ensure goroutines can exit
+- Don't use naked returns in long functions
+- Don't use \`init()\` for complex initialization