Skip to main content

CI/CD Integration Guide

Automate policy testing and deployment with GitHub Actions. The TealTiger Playground ships with two pre-configured workflows — one for CI and one for CD — plus a built-in workflow generator for custom pipelines.
All workflows run within the GitHub Actions free tier (2,000 minutes/month). Estimated usage per CI run: ~2 minutes.

Overview

LayerWhat it doesWorkflow file
CILint, type-check, unit/property-based tests, E2E tests, coverage.github/workflows/playground-ci.yml
CDBuild, deploy to Vercel, smoke tests, status notification.github/workflows/playground-deploy.yml
CustomGenerate workflow YAML from the playground UIOn-demand
Both pre-built workflows trigger only when files under playground/ change.

1. GitHub Actions Setup

Required Secrets

Navigate to Settings → Secrets and variables → Actions and add:
SecretRequired byDescription
VERCEL_TOKENCD workflowVercel API token
VERCEL_ORG_IDCD workflowYour Vercel organization/team ID
VERCEL_PROJECT_IDCD workflowThe Vercel project ID
TEALTIGER_WORKSPACE_IDCustom workflowsYour TealTiger workspace ID
TEALTIGER_DEPLOY_TOKENCustom workflowsDeploy token for automated deployment

2. CI Workflow — Automated Testing

File: .github/workflows/playground-ci.yml The CI workflow runs on every push to main and on pull requests that touch playground files.

Jobs

  1. Lint & Type Check — TypeScript compilation and ESLint
  2. Unit & Property-Based Tests — Vitest with fast-check and coverage
  3. E2E Tests — Playwright against the built output
  4. PR Comment — Summary table with results from all test jobs

PR Comment Example

## 🐯 TealTiger Playground CI Results

| Check | Status |
|-------|--------|
| Lint & Type Check | ✅ Passed |
| Unit & Property Tests | ✅ 142/142 passed |
| E2E Tests (Playwright) | ✅ 28/28 passed |
| Coverage | Lines: 83% | Branches: 71% |

Blocking PRs on Failure

Enable branch protection rules: Settings → Branches → Add rule for main → Enable Require status checks to pass before merging → Select the three CI jobs.

3. CD Workflow — Automated Deployment

File: .github/workflows/playground-deploy.yml Triggers on pushes to main when playground files change. Jobs:
  1. Deploy to Vercel — builds and deploys to production
  2. Smoke Tests — health check, content verification, static asset check
  3. Deployment Status — sets commit status on GitHub

4. Generating Custom Workflows

import { CICDIntegrationService } from '../services/CICDIntegrationService';

const cicd = new CICDIntegrationService();
const workflowYaml = await cicd.generateWorkflow({
  workspaceId: 'your-workspace-id',
  githubRepo: 'your-org/your-repo',
  branch: 'main',
  testSuiteId: 'suite-abc123',
  autoDeployOnMerge: true,
  targetEnvironment: 'production',
});
The generated workflow includes policy syntax validation, test suite execution, property-based tests, coverage reporting, PR comments, and optional auto-deploy.

5. Free Tier Budget Management

JobEstimated Duration
Lint & Type Check~1-2 min
Unit & Property Tests~2-3 min
E2E Tests (Playwright)~3-5 min
Deploy to Vercel~2-3 min
Tips to stay within limits:
  • Path filters skip unrelated commits
  • Concurrency controls cancel in-progress runs
  • npm and Playwright browser caching between runs
  • Timeout limits prevent runaway builds

6. Troubleshooting

IssueSolution
CI not triggeringVerify workflow file path and that changes are under playground/
PR comment missingCheck pull-requests: write permission
Vercel deploy failingVerify VERCEL_TOKEN, VERCEL_ORG_ID, VERCEL_PROJECT_ID secrets
Playwright failures in CIDelete stale browser cache from Actions → Caches
Tests pass locally, fail in CIEnsure package-lock.json is committed; check OS-specific issues