* Fix workflow triggers to use 'main' branch instead of 'master'
* Switch to semantic version tags for GitHub Actions instead of SHAs for better maintainability
* Fix golangci-lint by adding go mod tidy and specifying paths ./... for linting
* feat: Restructure workflows following Single Responsibility Principle
- Remove old monolithic workflows (ci.yml, ci-cd.yml, cd.yml)
- Add focused workflows: lint.yml, test.yml, build.yml, security.yml, docker-build.yml, deploy.yml
- Each workflow has a single, clear responsibility
- Follow 2025 best practices with semantic versioning, OIDC auth, build attestations
- Add comprehensive README.md with workflow documentation
- Configure Dependabot for automated dependency updates
Workflows now run independently and can be triggered separately for better CI/CD control.
* fix: Resolve CI/CD workflow failures and GraphQL integration test issues
- Fix Application struct mismatch in application_builder.go
- Add global config.Cfg variable and BleveIndexPath field
- Regenerate GraphQL code to fix ProcessArgField errors
- Add search.InitBleve() call in main.go
- Fix all errcheck issues (12 total) in main.go files and test files
- Fix staticcheck issues (deprecated handler.NewDefaultServer, tagged switch)
- Remove all unused code (50 unused items including mock implementations)
- Fix GraphQL 'transport not supported' error in integration tests
- Add comprehensive database cleanup for integration tests
- Update GraphQL server setup with proper error presenter
* feat: Complete backend CI/CD workflow setup
- Add comprehensive GitHub Actions workflows for Go backend
- Build workflow with binary compilation and attestation
- Test workflow with coverage reporting and race detection
- Lint workflow with golangci-lint and security scanning
- Docker build workflow with multi-architecture support
- Deploy workflow for production deployment
- Security workflow with vulnerability scanning
- All workflows follow Single Responsibility Principle
- Use semantic versioning and latest action versions
- Enable security features: OIDC auth, attestations, minimal permissions
* fix: correct Go build path to ./cmd/api
- Fix build workflow to target ./cmd/api instead of ./cmd
- The main.go file is located in cmd/api/ subdirectory
* fix: correct Dockerfile build path to ./cmd/api
- Fix Docker build to target ./cmd/api instead of root directory
- The main.go file is located in cmd/api/ subdirectory
The integration tests for admin-only mutations were failing due to an authorization issue. The root cause was that the JWT token used in the tests did not reflect the user's admin role, which was being set directly in the database.
This commit fixes the issue by:
1. Updating the `CreateAuthenticatedUser` test helper to generate a new JWT token after a user's role is changed. This ensures the token contains the correct, up-to-date role.
2. Removing all uses of `auth.ContextWithAdminUser` from the integration tests, making the JWT token the single source of truth for authorization.
This change also removes unused imports and variables that were causing build failures after the refactoring. All integration tests now pass.
This commit refactors the GraphQL test suite to resolve persistent build failures and establish a stable, mock-based unit testing environment.
The key changes include:
- Consolidating all GraphQL test helper functions into a single, canonical file (`internal/adapters/graphql/graphql_test_utils_test.go`).
- Removing duplicated test helper code from `integration_test.go` and other test files.
- Creating a new, dedicated unit test file for the `like` and `unlike` mutations (`internal/adapters/graphql/like_resolvers_unit_test.go`) using a mock-based approach.
- Introducing mock services (`MockLikeService`, `MockAnalyticsService`) and updating mock repositories (`MockLikeRepository`, `MockWorkRepository`) in the `internal/testutil` package to support `testify/mock`.
- Adding a `ContextWithUserID` helper function to `internal/platform/auth/middleware.go` to facilitate testing of authenticated resolvers.
These changes resolve the `redeclared in this block` and package collision errors, resulting in a clean and passing test suite. This provides a solid foundation for future Test-Driven Development.
