Problem
The repository has no visible GitHub Actions workflow for automatic build/test checks, dependency scanning, or production-readiness gates.
Why this is not production ready
Without CI, broken builds, failing tests, migration issues, and vulnerable dependencies can merge unnoticed. This is especially risky for auth and scheduling code.
Evidence
- No
.github/workflows files were present in the inspected checkout.
- Local test execution currently fails, so CI would also need the test-profile work tracked separately.
Required work
- Add a GitHub Actions workflow for pull requests and pushes to the default branch.
- Run Gradle build and tests using the isolated test profile.
- Cache Gradle dependencies safely.
- Add dependency vulnerability scanning, secret scanning guidance, and optional code quality checks.
- Publish test reports as artifacts on failure.
- Block merges on the required checks once green.
Acceptance criteria
- Every PR runs build/test automatically.
- The workflow does not require real production secrets.
- Failed tests or compilation failures block merging.
- Maintainers can inspect test reports from GitHub Actions.
Problem
The repository has no visible GitHub Actions workflow for automatic build/test checks, dependency scanning, or production-readiness gates.
Why this is not production ready
Without CI, broken builds, failing tests, migration issues, and vulnerable dependencies can merge unnoticed. This is especially risky for auth and scheduling code.
Evidence
.github/workflowsfiles were present in the inspected checkout.Required work
Acceptance criteria