Dobromir Popov
2025-06-24 23:08:38 +03:00
parent 9d843b7550
commit 5243c65fb6

168
.github/workflows/ci-cd.yml vendored Normal file

@ -0,0 +1,168 @@
name: CI/CD Pipeline
on:
push:
branches: [ main, develop ]
pull_request:
branches: [ main ]
workflow_dispatch:
jobs:
test:
runs-on: ubuntu-latest
strategy:
matrix:
python-version: [3.9, 3.10, 3.11]
steps:
- uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
- name: Cache pip packages
uses: actions/cache@v3
with:
path: ~/.cache/pip
key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
restore-keys: |
${{ runner.os }}-pip-
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install pytest pytest-cov flake8 black isort
pip install -r requirements.txt
- name: Lint with flake8
run: |
# Stop the build if there are Python syntax errors or undefined names
flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
# Exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
- name: Check code formatting with black
run: |
black --check --diff .
- name: Check import sorting with isort
run: |
isort --check-only --diff .
- name: Run tests with pytest
run: |
pytest --cov=. --cov-report=xml --cov-report=html
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v3
with:
file: ./coverage.xml
flags: unittests
name: codecov-umbrella
security-scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: 3.11
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install safety bandit
- name: Run safety check
run: |
safety check
- name: Run bandit security scan
run: |
bandit -r . -f json -o bandit-report.json
bandit -r . -f txt
build-and-deploy:
needs: [test, security-scan]
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/main'
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: 3.11
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt
- name: Build application
run: |
# Add your build steps here
echo "Building application..."
# python setup.py build
- name: Create deployment package
run: |
# Create a deployment package
tar -czf gogo2-deployment.tar.gz . --exclude='.git' --exclude='__pycache__' --exclude='*.pyc'
- name: Upload deployment artifact
uses: actions/upload-artifact@v3
with:
name: deployment-package
path: gogo2-deployment.tar.gz
docker-build:
needs: [test, security-scan]
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/main'
steps:
- uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build and push Docker image
uses: docker/build-push-action@v5
with:
context: .
push: true
tags: |
${{ secrets.DOCKER_USERNAME }}/gogo2:latest
${{ secrets.DOCKER_USERNAME }}/gogo2:${{ github.sha }}
cache-from: type=gha
cache-to: type=gha,mode=max
notify:
needs: [build-and-deploy, docker-build]
runs-on: ubuntu-latest
if: always()
steps:
- name: Notify on success
if: ${{ needs.build-and-deploy.result == 'success' && needs.docker-build.result == 'success' }}
run: |
echo "🎉 Deployment successful!"
# Add notification logic here (Slack, email, etc.)
- name: Notify on failure
if: ${{ needs.build-and-deploy.result == 'failure' || needs.docker-build.result == 'failure' }}
run: |
echo "❌ Deployment failed!"
# Add notification logic here (Slack, email, etc.)
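Review bot: In the `Create deployment package` step the `--exclude` options come after the `.` operand; GNU tar treats them as position-sensitive, so `.git` may not actually be excluded (newer releases also report this and exit non-zero), and the archive is written into the directory it is packing. `actions/checkout@v4` by default persists the job token in the checkout's local git config, so an archive that includes `.git` would carry that credential into the uploaded artifact. Put the options first, as in `tar --exclude='.git' --exclude='__pycache__' --exclude='*.pyc' --exclude='gogo2-deployment.tar.gz' -czf gogo2-deployment.tar.gz .`, and add `with: persist-credentials: false` to the checkout step of `build-and-deploy`. Separately, the matrix `python-version: [3.9, 3.10, 3.11]` should quote its entries (`['3.9', '3.10', '3.11']`), because YAML reads the bare `3.10` as the number 3.1.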