CI/CD pipeline, commit conventions, and release process.
┌─────────────────────────────────────────────────────────────────┐
│ PULL REQUEST │
├─────────────────────────────────────────────────────────────────┤
│ │
│ ci.yml (runs on PR only) │
│ ┌────────┬────────┬──────────┬──────────┬──────────┬────────┐ │
│ │ 🔍Lint │ 🧪Test │ 🔨Build │ 🔒Security│ 🌐Bruno │ 🎨Web │ │
│ └────────┴────────┴──────────┴──────────┴──────────┴────────┘ │
│ │ │
│ 📊 Summary │
│ │
└─────────────────────────────────────────────────────────────────┘
│
[MERGE PR]
│
▼
┌─────────────────────────────────────────────────────────────────┐
│ PUSH TO MASTER │
├─────────────────────────────────────────────────────────────────┤
│ │
│ release.yml │
│ ┌──────────────┐ │
│ │ 📦 Release │ ──(creates tag)──▶ outputs: new_version │
│ └──────────────┘ │
│ │ │
│ needs: release │
│ ▼ │
│ ┌──────────────┐ │
│ │ 🐳 Docker │ ──(builds & pushes image with version tag) │
│ └──────────────┘ │
│ │ │
│ ▼ │
│ ┌──────────────┐ │
│ │ 📊 Summary │ │
│ └──────────────┘ │
│ │
└─────────────────────────────────────────────────────────────────┘
We use Conventional Commits for automatic versioning.
<type>(<scope>): <description>
| Type | Bump | Example |
|---|---|---|
feat |
Minor | feat(sendgrid): add provider |
fix |
Patch | fix(mailgun): handle rate limit |
feat! |
Major | feat!: new API format |
docs, chore, refactor |
Patch | docs: update readme |
Runs on pull requests to master:
| Job | What it does |
|---|---|
| 🔍 Lint | gofmt, golangci-lint |
| 🧪 Test | go test -race + coverage |
| 🔨 Build | Compile binary |
| 🔒 Security | govulncheck |
| 🌐 API Test | Bruno CLI tests (bru run --env memory) |
| 🎨 Web UI | Build Portal frontend |
# Run locally
make auditAutomatic on push to master. Manual trigger available in Actions → Release.
| Commits contain | Version bump |
|---|---|
BREAKING CHANGE or feat!: |
Major (v1 → v2) |
feat: |
Minor (v1.0 → v1.1) |
fix:, docs:, etc. |
Patch (v1.0.0 → v1.0.1) |
On release, the Docker image is published to:
ghcr.io/weprodev/wpd-message-gateway:latest
ghcr.io/weprodev/wpd-message-gateway:v1.0.0
Old container images are automatically cleaned up monthly:
- 🗑️ Delete untagged images
- 📦 Keep last 10 tagged versions
- 🏷️ Keep last 5 pre-release versions
Manual trigger: Actions → Cleanup → Run workflow
Dependencies are checked weekly for security updates:
- ✅ Minor and patch updates only
- ❌ Major versions require manual review
- 📦 Covers: Go modules, npm, GitHub Actions
Use the gateway Docker image to capture and verify messages in your CI tests.
→ See E2E Testing Guide for complete examples.
Quick example:
services:
gateway:
image: ghcr.io/weprodev/wpd-message-gateway:latest
ports:
- 10101:10101
steps:
- run: npm test
env:
EMAIL_API: http://localhost:10101
- run: curl -H "Authorization: Bearer $JWT" -H "X-Api-Client-Id: $ID" -H "X-Api-Client-Secret: $SECRET" "http://localhost:10101/api/v1/workspaces/$WID/inbox/emails" | jq '.emails[0].email.subject'master ───●─────●─────●───── (releases)
│ │
│ └── feat/sendgrid
└── fix/rate-limit
-
make auditpasses - Tests added
- Commits follow conventions
- E2E Testing — Test your app's messages
- Contributing — Add new providers
- Code Conventions — Coding standards