Add comprehensive test suite and automated CI/CD pipeline

.github/workflows/ci.yml

@@ -0,0 +1,64 @@
+name: CI
+
+on:
+  push:
+    branches: [ main, master ]
+  pull_request:
+    branches: [ main, master ]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        node-version: [18, 20]
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Setup Node.js ${{ matrix.node-version }}
+      uses: actions/setup-node@v4
+      with:
+        node-version: ${{ matrix.node-version }}
+        cache: 'npm'
+
+    - name: Install dependencies
+      run: npm ci
+
+    # - name: Run linter
+    #   run: npm run lint
+
+    - name: Run tests
+      run: npm run test:run
+
+    - name: Build project
+      run: npm run build
+
+  test-coverage:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Setup Node.js
+      uses: actions/setup-node@v4
+      with:
+        node-version: '20'
+        cache: 'npm'
+
+    - name: Install dependencies
+      run: npm ci
+
+    - name: Run tests with coverage
+      run: npm run test:run -- --coverage
+
+    - name: Upload coverage to Codecov
+      uses: codecov/codecov-action@v3
+      with:
+        file: ./coverage/lcov.info
+        flags: unittests
+        name: codecov-umbrella
+        fail_ci_if_error: false

.github/workflows/codeql.yml

@@ -0,0 +1,40 @@
+name: "CodeQL Analysis"
+
+on:
+  push:
+    branches: [ main, master ]
+  pull_request:
+    branches: [ main, master ]
+  schedule:
+    - cron: '0 2 * * 1'  # Run every Monday at 2 AM
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'javascript' ]
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v3
+      with:
+        languages: ${{ matrix.language }}
+
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v3
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v3
+      with:
+        category: "/language:${{matrix.language}}"

.github/workflows/dependency-review.yml

@@ -0,0 +1,22 @@
+name: Dependency Review
+
+on:
+  pull_request:
+    branches: [ main, master ]
+
+permissions:
+  contents: read
+  pull-requests: write
+
+jobs:
+  dependency-review:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+
+      - name: Dependency Review
+        uses: actions/dependency-review-action@v4
+        with:
+          fail-on-severity: moderate
+          allow-licenses: MIT, Apache-2.0, BSD-2-Clause, BSD-3-Clause, ISC

.gitignore

@@ -49,4 +49,8 @@ yarn-error.log*
 *.ntvs*
 *.njsproj
 *.sln
-*.sw*
+*.sw*
+
+# Test coverage
+*.lcov
+test-results

CI-README.md

@@ -0,0 +1,128 @@
+# Continuous Integration (CI) Documentation
+
+This document describes the automated CI/CD setup for the Logoly project.
+
+## GitHub Actions Workflows
+
+### 1. CI Workflow (`.github/workflows/ci.yml`)
+
+**Triggers:**
+- Push to `main` or `master` branches
+- Pull requests to `main` or `master` branches
+
+**Jobs:**
+
+#### Test Job
+- **Matrix Strategy**: Tests on Node.js versions 18 and 20
+- **Steps:**
+  1. Checkout code
+  2. Setup Node.js with npm caching
+  3. Install dependencies (`npm ci`)
+  4. Run tests (`npm run test:run`)
+  5. Build project (`npm run build`)
+
+#### Test Coverage Job
+- **Environment**: Node.js 20
+- **Steps:**
+  1. Checkout code
+  2. Setup Node.js with npm caching
+  3. Install dependencies (`npm ci`)
+  4. Run tests with coverage (`npm run test:run -- --coverage`)
+  5. Upload coverage to Codecov
+
+### 2. Dependency Review (`.github/workflows/dependency-review.yml`)
+
+**Triggers:**
+- Pull requests to `main` or `master` branches
+
+**Purpose:**
+- Reviews dependency changes for security vulnerabilities
+- Fails on moderate or higher severity issues
+- Allows common open-source licenses (MIT, Apache-2.0, BSD variants, ISC)
+
+### 3. CodeQL Security Analysis (`.github/workflows/codeql.yml`)
+
+**Triggers:**
+- Push to `main` or `master` branches
+- Pull requests to `main` or `master` branches
+- Scheduled runs (weekly on Mondays at 2 AM)
+
+**Purpose:**
+- Static code analysis for security vulnerabilities
+- JavaScript/TypeScript language analysis
+- Results available in GitHub Security tab
+
+## Test Commands
+
+The project includes several test-related npm scripts:
+
+```bash
+# Run tests in watch mode (development)
+npm test
+
+# Run tests once (CI)
+npm run test:run
+
+# Run tests with coverage
+npm run test:coverage
+
+# Run tests with UI (development)
+npm run test:ui
+```
+
+## Coverage Reporting
+
+- **Provider**: Vitest with v8 coverage
+- **Reporters**: Text (console), LCOV (codecov), HTML (local viewing)
+- **Upload**: Automatically uploaded to Codecov on CI runs
+- **Exclusions**: node_modules, dist, coverage, test files
+
+## Test Structure
+
+The test suite includes:
+- **23 total tests** across 6 test files
+- **Store tests**: Pinia state management (4 tests)
+- **Component tests**: Vue components (12 tests)
+- **Router tests**: Vue Router configuration (3 tests)
+- **Generator tests**: Logo generators (4 tests)
+
+## Security Features
+
+1. **Dependency scanning**: Reviews new dependencies for vulnerabilities
+2. **Code scanning**: Static analysis with CodeQL
+3. **License checking**: Ensures only approved licenses are used
+4. **Automated security updates**: Via Dependabot (existing)
+
+## Coverage Targets
+
+Current coverage includes:
+- Store functionality: 100%
+- Tested components: High coverage on business logic
+- Router configuration: 66.66%
+- Overall: 33.44% (room for improvement in untested components)
+
+## Local Development
+
+To run the same checks locally:
+
+```bash
+# Install dependencies
+npm ci
+
+# Run tests
+npm run test:run
+
+# Generate coverage report
+npm run test:coverage
+
+# Build project
+npm run build
+```
+
+## CI Status
+
+All workflows must pass for pull requests to be merged:
+- ✅ Tests pass on Node.js 18 & 20
+- ✅ Build succeeds
+- ✅ No high-severity dependency vulnerabilities
+- ✅ CodeQL security analysis passes