fix(dev-nginx): proxy root to Vite dev server to avoid 403 for empty… #6

Workflow file for this run

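# CI/CD pipeline: backend and web tests, a Trivy filesystem scan, a Docker
# build/test job, and placeholder deploy jobs for `develop` and `main`.
name: CI/CD Pipeline

on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main]

# Least privilege: the workflow token is read-only unless a job asks for more.
# Only `security-scan` widens it (to upload SARIF results).
permissions:
  contents: read

jobs:
  test-backend:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        # Quoted on purpose: an unquoted 3.10 is parsed as the float 3.1,
        # so setup-python would be asked for Python 3.1 instead of 3.10.
        python-version: ['3.9', '3.10', '3.11']
    steps:
      # No step in this job pushes, so the token is not left in .git/config.
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v4
        with:
          python-version: ${{ matrix.python-version }}
      - name: Cache pip dependencies
        uses: actions/cache@v3
        with:
          path: ~/.cache/pip
          # Keyed on the requirements files; falls back to any pip cache
          # for the same runner OS.
          key: ${{ runner.os }}-pip-${{ hashFiles('backend/requirements*.txt') }}
          restore-keys: |
            ${{ runner.os }}-pip-
      - name: Install backend dependencies
        run: |
          cd backend
          python -m pip install --upgrade pip
          pip install -r requirements.txt
          pip install -r requirements-dev.txt
      # First flake8 pass fails the job on the selected error classes; the
      # second pass uses --exit-zero and is informational only.
      - name: Lint backend code
        run: |
          cd backend
          flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
          flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
      - name: Run backend tests
        run: |
          cd backend
          python -m pytest tests/ --cov=. --cov-report=xml --cov-report=html
      - name: Upload coverage to Codecov
        uses: codecov/codecov-action@v3
        with:
          file: backend/coverage.xml
          flags: backend
          name: backend-coverage

  test-web:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Set up Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '18'
          cache: 'npm'
          cache-dependency-path: web/package-lock.json
      # `npm ci` installs exactly what package-lock.json records.
      - name: Install web dependencies
        run: |
          cd web
          npm ci
      - name: Lint web code
        run: |
          cd web
          npm run lint
      - name: Run web tests
        run: |
          cd web
          npm run test:ci
      - name: Build web assets
        run: |
          cd web
          npm run build

  security-scan:
    runs-on: ubuntu-latest
    # upload-sarif writes code-scanning results, which needs this scope.
    # NOTE(review): private repositories may also need `actions: read` - confirm.
    permissions:
      contents: read
      security-events: write
    steps:
      # A third-party action runs in this workspace, so do not leave the
      # token behind in .git/config.
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      # NOTE(review): `@master` is a mutable ref, so this step runs whatever
      # the upstream branch holds at run time. Pin it to a reviewed
      # full-length commit SHA.
      # NOTE(review): no `exit-code` input is set, so findings are presumably
      # reported without failing this job; the deploy jobs that `needs` this
      # job would then not be blocked by findings - confirm the intent.
      - name: Run Trivy vulnerability scanner
        uses: aquasecurity/trivy-action@master
        with:
          scan-type: 'fs'
          scan-ref: '.'
          format: 'sarif'
          output: 'trivy-results.sarif'
      # `always()` uploads the report even when the scan step fails.
      - name: Upload Trivy scan results to GitHub Security tab
        uses: github/codeql-action/upload-sarif@v2
        if: always()
        with:
          sarif_file: 'trivy-results.sarif'

  docker-build:
    runs-on: ubuntu-latest
    needs: [test-backend, test-web]
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      # NOTE(review): these steps call the standalone `docker-compose`
      # binary; confirm the runner image still ships it, or switch to the
      # `docker compose` plugin.
      - name: Build development Docker image
        run: |
          docker-compose -f docker/development/docker-compose.yml build
      # If `up` exits non-zero the step stops there and `down` is skipped.
      - name: Test Docker environment
        run: |
          docker-compose -f docker/testing/docker-compose.yml up --abort-on-container-exit
          docker-compose -f docker/testing/docker-compose.yml down

  deploy-staging:
    runs-on: ubuntu-latest
    needs: [test-backend, test-web, security-scan, docker-build]
    # Runs only for the `develop` branch ref.
    if: github.ref == 'refs/heads/develop'
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      # Placeholder: the step only prints a message.
      - name: Deploy to staging
        run: |
          echo "Staging deployment would happen here"
          # This would typically involve:
          # - Building production Docker images
          # - Pushing to container registry
          # - Deploying to staging environment
          # - Running smoke tests

  deploy-production:
    runs-on: ubuntu-latest
    needs: [test-backend, test-web, security-scan, docker-build]
    # Runs only for the `main` branch ref.
    if: github.ref == 'refs/heads/main'
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      # Placeholder: the step only prints a message.
      - name: Deploy to production
        run: |
          echo "Production deployment would happen here"
          # This would typically involve:
          # - Building production Docker images
          # - Pushing to container registry
          # - Deploying to production environment
          # - Running health checks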