Add CI/CD deploy and licence scan workflows

Author: invisiblephill

.github/workflows/deploy.yml

@@ -0,0 +1,44 @@
+name: Deploy
+on:
+  push:
+    branches: [main]
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '22'
+          cache: 'npm'
+
+      - run: npm ci
+      - run: npm run build
+
+      - name: Upload to Bunny Edge Storage
+        env:
+          BUNNY_STORAGE_PASSWORD: ${{ secrets.BUNNY_STORAGE_PASSWORD }}
+          BUNNY_STORAGE_ZONE: ${{ secrets.BUNNY_STORAGE_ZONE }}
+        run: |
+          ENDPOINT="https://se.storage.bunnycdn.com"
+          cd dist
+          find . -type f | while read -r file; do
+            filepath="${file#./}"
+            echo "Uploading: $filepath"
+            curl -s -X PUT \
+              "${ENDPOINT}/${BUNNY_STORAGE_ZONE}/${filepath}" \
+              -H "AccessKey: ${BUNNY_STORAGE_PASSWORD}" \
+              -H "Content-Type: application/octet-stream" \
+              --upload-file "$filepath" \
+              --fail \
+              || { echo "FAILED: $filepath"; exit 1; }
+          done
+
+      - name: Purge CDN cache
+        run: |
+          curl -s -X POST \
+            "https://api.bunny.net/pullzone/${{ secrets.BUNNY_PULL_ZONE_ID }}/purgeCache" \
+            -H "AccessKey: ${{ secrets.BUNNY_API_KEY }}" \
+            --fail

.github/workflows/licence-scan.yml

@@ -0,0 +1,20 @@
+name: Licence Scan
+on: [push]
+
+jobs:
+  scan:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install ScanCode
+        run: pip install scancode-toolkit
+
+      - name: Scan source
+        run: scancode --license --only-findings --json scan-results.json src/
+
+      - name: Upload results
+        uses: actions/upload-artifact@v4
+        with:
+          name: licence-scan
+          path: scan-results.json