feature(ci): adding example ci workflows #32

Merged: randoneering merged 9 commits into main from feature/ci_workflows (Jun 19, 2026)

@randoneering (Owner) commented Jun 18, 2026

Pull Request Summary

Adds a complete CI/CD integration suite to pgFirstAid. In this PR, there are 5 reusable GitHub Actions workflows plus local test scripts to validate the workflows actually work. This will allow users to drop pgFirstAid into their pipeline for PR feedback, migration evaluation, Neon branching validation, scheduled health monitoring, and cloud compatibility testing.

CI/CD workflows (workflows/)

5 drop-in GitHub Actions workflows with full documentation in workflows/README.md:

| File | Purpose |
|---|---|
| pgfirstaid-pr-audit.yml + pgfirstaid_audit.py | PR comment audit on every push |
| pre-post-migration-validate.yml | Gates deploys on migration safety |
| neon-before-after-validate.yml | Isolated before/after via Neon branching |
| db-health-checks.yml | Scheduled daily health monitoring |
| managed-db-validate.yml | Cloud-provider validation (AWS/GCP/Azure) |

Type of Change

  • New health check
  • Bug fix
  • Performance improvement
  • Documentation update
  • Refactoring/code cleanup
  • Breaking change
  • Other: CI Workflows

Related Issues

  • Fixes #n/a
  • Related to #n/a
  • Closes #n/a

Testing

PostgreSQL Version Compatibility

Has this code been tested against the following PostgreSQL versions?

  • PostgreSQL 15
  • PostgreSQL 16
  • PostgreSQL 17
  • PostgreSQL 18

Testing notes:

Local test suite (testing/local-workflows/)

5 standalone bash scripts that replicate the CI workflows locally:

| Script | What it does |
|---|---|
| test_db_health_checks.sh | Runs full pgFirstAid health check suite |
| test_managed_db_validate.sh | Validates against cloud-managed PG |
| test_pre_post_migration.sh | Before/after migration via temp tables |
| test_neon_before_after.sh | Before/after via Neon database branching |
| test_pr_audit.sh | Runs pgfirstaid_audit.py against a target DB |

Supporting files: Makefile, .env.example, .gitignore, docker-compose.yml.

Managed Database Platforms

Has this code been deployed and tested on the following platforms?

  • Amazon RDS for PostgreSQL
  • Google Cloud SQL for PostgreSQL (currently unable to test)
  • Azure Database for PostgreSQL (currently unable to test)
  • Neon
  • Supabase
  • Self-managed PostgreSQL

Platform-specific notes:


Additional Notes

  • workflows/README.md -- full setup guide, secrets, integration examples (Flyway, Liquibase, ArgoCD), local testing

Important Files Changed

| Filename | Overview |
|---|---|
| workflows/pgfirstaid-pr-audit.yml | New PR-audit workflow; uses python instead of uv run python, causing psycopg2 to be missing at runtime, and has a duplicate header comment block. |
| workflows/db-health-checks.yml | New scheduled health-check workflow; "Generate CSV Report" step produces psql table-formatted output instead of CSV, breaking the baseline-comparison grep logic. |
| workflows/pre-post-migration-validate.yml | New migration gate workflow; the generate-summary job never installs the psql client, so the inline psql call in "Generate Summary" always fails. |
| workflows/neon-before-after-validate.yml | New Neon branch before/after workflow; core logic is sound but the expires_at expression always resolves to empty string. |
| workflows/pgfirstaid_audit.py | New Python audit script; well-structured with proper error handling, pagination for comment lookup, and severity threshold logic. No issues in the script itself. |
| workflows/managed-db-validate.yml | New manual cloud-validation workflow for AWS/GCP/Azure; cleanly structured with three conditional jobs and appropriate secret references. |
| testing/local-workflows/.gitignore | The *.md glob blocks all Markdown files in this directory, including any documentation that workflows/README.md already references (e.g., TESTING_INSTRUCTIONS.md). |
| testing/local-workflows/test_db_health_checks.sh | Local health-check script; uses pgpassfile for credential handling, proper cleanup trap, and exports both CSV and JSON reports. |
| testing/local-workflows/test_neon_before_after.sh | Local Neon before/after script; branch is always deleted on EXIT via trap, unquoted $ROLE_ARG is a minor word-splitting risk but only affects names with spaces. |
| testing/local-workflows/test_pre_post_migration.sh | Local migration test script; creates realistic test schema with intentional health-check violations, cleans up on completion. |

Reviews (1): Last reviewed commit: "feat(ci): testing for example workflows" | Re-trigger Greptile

Greptile also left 6 inline comments on this PR.

Context used:

  • Rule used - The key words "MUST", "MUST NOT", "REQUIRED", "SHA... (source)

Comment thread workflows/pgfirstaid-pr-audit.yml Outdated
Comment thread workflows/db-health-checks.yml
Comment thread workflows/pre-post-migration-validate.yml
Comment thread workflows/pgfirstaid-pr-audit.yml Outdated
Comment thread testing/local-workflows/.gitignore
Comment thread workflows/neon-before-after-validate.yml
@github-actions (bot) added the feat label Jun 19, 2026
@randoneering merged commit 3c51ba1 into main Jun 19, 2026
3 checks passed
@randoneering deleted the feature/ci_workflows branch June 19, 2026 02:07