version: 2.1
orbs:
secops: apollo/circleci-secops-orb@2.0.7
executors:
node:
docker:
- image: cimg/node:22.12.0
working_directory: ~/vscode-graphql
node24:
docker:
- image: cimg/node:24.4.0
working_directory: ~/vscode-graphql
commands:
npm-install:
steps:
- restore_cache:
name: Restore npm cache
keys:
- npm-packages-{{ checksum "package-lock.json" }}--{{ checksum ".circleci/config.yml" }}
- run:
name: Install dependencies
command: npm ci --prefer-offline
- save_cache:
name: Save npm cache
key: npm-packages-{{ checksum "package-lock.json" }}--{{ checksum ".circleci/config.yml" }}
paths:
- ~/.npm
jobs:
lint:
executor: node
steps:
- checkout
- npm-install
- run:
name: Run lint (currenty prettier)
command: npm run lint
typescript:
executor: node
steps:
- checkout
- npm-install
- run:
name: TypeScript Check
command: npm run typecheck
test:
executor: node
steps:
- checkout
- npm-install
- run:
name: Test
command: npm run test -- --runInBand
textmate:
executor: node24
steps:
- checkout
- npm-install
- run:
name: Build TextMate Grammar
command: npm run build:textmate
- run:
name: Test TextMate Grammar
command: npm run test:textmate
workflows:
build-test-deploy:
jobs:
- lint
- typescript
- test
- textmate
security-scans:
jobs:
- secops/gitleaks:
context:
- platform-docker-ro
- github-orb
- secops-oidc
git-base-revision: <<#pipeline.git.base_revision>><><>
git-revision: << pipeline.git.revision >>
- secops/semgrep:
context:
- secops-oidc
- github-orb
git-base-revision: <<#pipeline.git.base_revision>><><>