* Fix workflow triggers to use 'main' branch instead of 'master'
* Switch to semantic version tags for GitHub Actions instead of SHAs for better maintainability
* Fix golangci-lint by adding go mod tidy and specifying paths ./... for linting
* feat: Restructure workflows following Single Responsibility Principle
- Remove old monolithic workflows (ci.yml, ci-cd.yml, cd.yml)
- Add focused workflows: lint.yml, test.yml, build.yml, security.yml, docker-build.yml, deploy.yml
- Each workflow has a single, clear responsibility
- Follow 2025 best practices with semantic versioning, OIDC auth, build attestations
- Add comprehensive README.md with workflow documentation
- Configure Dependabot for automated dependency updates
Workflows now run independently and can be triggered separately for better CI/CD control.
* fix: Resolve CI/CD workflow failures and GraphQL integration test issues
- Fix Application struct mismatch in application_builder.go
- Add global config.Cfg variable and BleveIndexPath field
- Regenerate GraphQL code to fix ProcessArgField errors
- Add search.InitBleve() call in main.go
- Fix all errcheck issues (12 total) in main.go files and test files
- Fix staticcheck issues (deprecated handler.NewDefaultServer, tagged switch)
- Remove all unused code (50 unused items including mock implementations)
- Fix GraphQL 'transport not supported' error in integration tests
- Add comprehensive database cleanup for integration tests
- Update GraphQL server setup with proper error presenter
* feat: Complete backend CI/CD workflow setup
- Add comprehensive GitHub Actions workflows for Go backend
- Build workflow with binary compilation and attestation
- Test workflow with coverage reporting and race detection
- Lint workflow with golangci-lint and security scanning
- Docker build workflow with multi-architecture support
- Deploy workflow for production deployment
- Security workflow with vulnerability scanning
- All workflows follow Single Responsibility Principle
- Use semantic versioning and latest action versions
- Enable security features: OIDC auth, attestations, minimal permissions
* fix: correct Go build path to ./cmd/api
- Fix build workflow to target ./cmd/api instead of ./cmd
- The main.go file is located in cmd/api/ subdirectory
* fix: correct Dockerfile build path to ./cmd/api
- Fix Docker build to target ./cmd/api instead of root directory
- The main.go file is located in cmd/api/ subdirectory
This commit addresses several high-priority tasks from the TASKS.md file, including:
- **Fix Background Job Panic:** Replaced `log.Fatalf` with `log.Printf` in the `asynq` server to prevent crashes.
- **Refactor API Server Setup:** Consolidated the GraphQL Playground and Prometheus metrics endpoints into the main API server.
- **Implement `DeleteUser` Mutation:** Implemented the `DeleteUser` resolver.
- **Implement `CreateContribution` Mutation:** Implemented the `CreateContribution` resolver and its required application service.
Additionally, this commit includes a major refactoring of the configuration management system to fix a broken build. The global `config.Cfg` variable has been removed and replaced with a dependency injection approach, where the configuration object is passed to all components that require it. This change has been applied across the entire codebase, including the test suite, to ensure a stable and testable application.
