feat: implement CI/CD, demo script, and component documentation

.github/workflows/ci.yml

@@ -0,0 +1,96 @@
+name: CI
+
+on:
+  push:
+    branches: [main, develop]
+  pull_request:
+    branches: [main, develop]
+
+jobs:
+  rust-checks:
+    name: Rust Quality Checks
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install Rust
+        uses: dtolnay/rust-toolchain@stable
+        with:
+          components: rustfmt, clippy
+          targets: wasm32-unknown-unknown
+
+      - name: Cache Cargo
+        uses: actions/cache@v4
+        with:
+          path: |
+            ~/.cargo/bin/
+            ~/.cargo/registry/index/
+            ~/.cargo/registry/cache/
+            ~/.cargo/git/db/
+            target/
+          key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
+
+      - name: Check formatting
+        run: cargo fmt --all -- --check
+
+      - name: Run Clippy
+        run: cargo clippy --all-targets --all-features -- -D warnings
+
+      - name: Run tests
+        run: cargo test --all-features
+
+      - name: Build WASM
+        run: cargo build --target wasm32-unknown-unknown --release
+
+  frontend-checks:
+    name: Frontend Quality Checks
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: ./frontend
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+          cache-dependency-path: frontend/package-lock.json
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Check formatting
+        run: npm run format:check
+
+      - name: Run linter
+        run: npm run lint
+
+      - name: Type check
+        run: npx tsc --noEmit
+
+      - name: Build
+        run: npm run build
+
+  security-audit:
+    name: Security Audit
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Rust Security Audit
+        uses: rustsec/audit-check@v1
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+          cache-dependency-path: frontend/package-lock.json
+
+      - name: Frontend Security Audit
+        working-directory: ./frontend
+        run: npm audit --audit-level=moderate

.gitignore

@@ -41,3 +41,7 @@ out/
 # OS
 Thumbs.db
 .kiro/
+
+# Demo accounts (sensitive)
+demo/demo-accounts.json
+demo/*-secret.txt

README.md

@@ -193,12 +193,29 @@ cargo watch -x test
 
 ## CI/CD
 
-GitHub Actions automatically:
-- Runs tests on push/PR
-- Checks code formatting
-- Runs clippy linting
-- Builds optimized WASM
-- Uploads build artifacts
+GitHub Actions automatically runs quality checks on all pushes and pull requests:
+
+### Rust Checks
+- Code formatting (`cargo fmt`)
+- Linting with Clippy (`cargo clippy`)
+- Unit and integration tests
+- WASM build verification
+- Security audit with RustSec
+
+### Frontend Checks
+- Code formatting with Prettier
+- ESLint linting (max 0 warnings)
+- TypeScript type checking
+- Production build verification
+- npm security audit
+
+### Branch Protection
+Pull requests must pass all CI checks before merging. Configure branch protection rules:
+1. Go to Settings > Branches
+2. Add rule for `main` branch
+3. Enable "Require status checks to pass before merging"
+4. Select: `Rust Quality Checks`, `Frontend Quality Checks`, `Security Audit`
+5. Enable "Require branches to be up to date before merging"
 
 ## License
 

demo/README.md

@@ -0,0 +1,33 @@
+# Demo Resources
+
+This directory contains resources for demonstrating the Scavngr platform.
+
+## Files
+
+- **demo-script.md**: Complete step-by-step interactive demo guide with expected outputs
+- **demo-accounts.json**: Template for storing demo account information (git-ignored)
+
+## Quick Start
+
+1. Follow the account setup in `demo-script.md`
+2. Deploy contract to testnet
+3. Configure frontend with contract ID
+4. Execute demo flow (25-30 minutes)
+
+## Demo Highlights
+
+- Participant registration (3 roles)
+- Incentive creation and management
+- Waste submission and tracking
+- Supply chain transfers
+- Reward distribution
+- Real-time statistics
+
+## Tips
+
+- Pre-fund all accounts before demo
+- Keep block explorer open for transparency
+- Allow time for transaction confirmations
+- Prepare backup accounts in case of issues
+
+See `demo-script.md` for complete instructions.

demo/demo-accounts.json.example

@@ -0,0 +1,32 @@
+{
+  "accounts": [
+    {
+      "name": "Alice",
+      "role": "Recycler",
+      "address": "G...",
+      "note": "Generate with: soroban keys generate alice"
+    },
+    {
+      "name": "Bob",
+      "role": "Collector",
+      "address": "G...",
+      "note": "Generate with: soroban keys generate bob"
+    },
+    {
+      "name": "Carol",
+      "role": "Manufacturer",
+      "address": "G...",
+      "note": "Generate with: soroban keys generate carol"
+    }
+  ],
+  "contract": {
+    "id": "C...",
+    "network": "testnet",
+    "deployed_at": "2024-01-01T00:00:00Z"
+  },
+  "notes": [
+    "Copy this file to demo-accounts.json and fill in actual values",
+    "Never commit demo-accounts.json (it's git-ignored)",
+    "Fund accounts via: curl https://friendbot.stellar.org?addr=ADDRESS"
+  ]
+}