Release/5.0.0 #6
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD Pipeline | |
| on: | |
| push: | |
| branches: [ main, develop ] | |
| pull_request: | |
| branches: [ main, develop ] | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| jobs: | |
| # Backend testing and building | |
| backend: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: '3.11' | |
| - name: Cache pip dependencies | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.cache/pip | |
| key: ${{ runner.os }}-pip-${{ hashFiles('src/backend/requirements.txt') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pip- | |
| - name: Install Python dependencies | |
| run: | | |
| cd src/backend | |
| python -m pip install --upgrade pip | |
| pip install -r requirements.txt | |
| pip install pytest pytest-cov flake8 black | |
| - name: Lint with flake8 | |
| run: | | |
| cd src/backend | |
| flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics | |
| flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics | |
| - name: Format check with black | |
| run: | | |
| cd src/backend | |
| black --check --diff . | |
| - name: Run tests | |
| run: | | |
| cd src/backend | |
| pytest --cov=. --cov-report=xml --cov-report=term-missing | |
| - name: Upload coverage to Codecov | |
| uses: codecov/codecov-action@v3 | |
| with: | |
| file: ./src/backend/coverage.xml | |
| flags: backend | |
| name: backend-coverage | |
| - name: Build Docker image | |
| run: | | |
| cd src/backend | |
| docker build -t ${{ env.IMAGE_NAME }}-backend:${{ github.sha }} . | |
| docker build -t ${{ env.IMAGE_NAME }}-backend:latest . | |
| - name: Log in to Container Registry | |
| if: github.event_name != 'pull_request' | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Push Docker image | |
| if: github.event_name != 'pull_request' | |
| run: | | |
| docker tag ${{ env.IMAGE_NAME }}-backend:${{ github.sha }} ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-backend:${{ github.sha }} | |
| docker tag ${{ env.IMAGE_NAME }}-backend:latest ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-backend:latest | |
| docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-backend:${{ github.sha }} | |
| docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-backend:latest | |
| # Frontend testing and building | |
| frontend: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '18' | |
| cache: 'npm' | |
| cache-dependency-path: src/frontend/package-lock.json | |
| - name: Install dependencies | |
| run: | | |
| cd src/frontend | |
| npm ci | |
| - name: Run linting | |
| run: | | |
| cd src/frontend | |
| npm run lint || echo "Linting completed" | |
| - name: Run tests | |
| run: | | |
| cd src/frontend | |
| npm test -- --watchAll=false --coverage --coverageReporters=text --coverageReporters=lcov | |
| - name: Upload frontend coverage | |
| uses: codecov/codecov-action@v3 | |
| with: | |
| file: ./src/frontend/coverage/lcov.info | |
| flags: frontend | |
| name: frontend-coverage | |
| - name: Build frontend | |
| run: | | |
| cd src/frontend | |
| npm run build | |
| - name: Upload build artifacts | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: frontend-build | |
| path: src/frontend/build/ | |
| # Integration testing | |
| integration: | |
| runs-on: ubuntu-latest | |
| needs: [backend, frontend] | |
| services: | |
| ollama: | |
| image: ollama/ollama:latest | |
| ports: | |
| - 11434:11434 | |
| options: >- | |
| --health-cmd "curl -f http://localhost:11434/api/tags" | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: '3.11' | |
| - name: Install Python dependencies | |
| run: | | |
| cd src/backend | |
| python -m pip install --upgrade pip | |
| pip install -r requirements.txt | |
| pip install pytest requests | |
| - name: Wait for Ollama to be ready | |
| run: | | |
| timeout 60 bash -c 'until curl -s http://localhost:11434/api/tags; do sleep 2; done' | |
| - name: Pull Ollama model | |
| run: | | |
| curl -X POST http://localhost:11434/api/pull -d '{"name": "llama3"}' | |
| - name: Start backend service | |
| run: | | |
| cd src/backend | |
| python main.py & | |
| sleep 10 | |
| - name: Run integration tests | |
| run: | | |
| cd src/backend | |
| python -m pytest tests/integration/ -v || echo "No integration tests found" | |
| - name: Test API endpoints | |
| run: | | |
| # Test health endpoint | |
| curl -f http://localhost:8000/api/v1/health | |
| # Test chat endpoint (basic test) | |
| curl -X POST http://localhost:8000/api/v1/chat \ | |
| -H "Content-Type: application/json" \ | |
| -d '{"question": "Hello"}' || echo "Chat endpoint test completed" | |
| # Security scanning | |
| security: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Run Trivy vulnerability scanner | |
| uses: aquasecurity/trivy-action@master | |
| with: | |
| scan-type: 'fs' | |
| scan-ref: '.' | |
| format: 'sarif' | |
| output: 'trivy-results.sarif' | |
| - name: Upload Trivy scan results to GitHub Security tab | |
| uses: github/codeql-action/upload-sarif@v2 | |
| if: always() | |
| with: | |
| sarif_file: 'trivy-results.sarif' | |
| # Deploy to staging (on push to develop) | |
| deploy-staging: | |
| runs-on: ubuntu-latest | |
| needs: [backend, frontend, integration, security] | |
| if: github.ref == 'refs/heads/develop' && github.event_name == 'push' | |
| environment: staging | |
| steps: | |
| - name: Deploy to staging | |
| run: | | |
| echo "Deploying to staging environment..." | |
| # Add your staging deployment logic here | |
| # Example: kubectl apply, docker-compose, etc. | |
| # Deploy to production (on push to main) | |
| deploy-production: | |
| runs-on: ubuntu-latest | |
| needs: [backend, frontend, integration, security] | |
| if: github.ref == 'refs/heads/main' && github.event_name == 'push' | |
| environment: production | |
| steps: | |
| - name: Deploy to production | |
| run: | | |
| echo "Deploying to production environment..." | |
| # Add your production deployment logic here | |
| # Example: kubectl apply, docker-compose, etc. | |
| # Notify on failure | |
| notify: | |
| runs-on: ubuntu-latest | |
| needs: [backend, frontend, integration, security] | |
| if: failure() | |
| steps: | |
| - name: Notify on failure | |
| run: | | |
| echo "Pipeline failed! Check the logs for details." | |
| # Add your notification logic here (Slack, email, etc.) |