feat: Complete Task 3 - Enhanced Semantic Search with Comprehensive Live Testing #2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD Pipeline | ||
| on: | ||
| push: | ||
| branches: [ main, develop ] | ||
| pull_request: | ||
| branches: [ main, develop ] | ||
| release: | ||
| types: [ published ] | ||
| env: | ||
| PYTHON_VERSION: "3.11" | ||
| jobs: | ||
| test: | ||
| name: Test Suite | ||
| runs-on: ${{ matrix.os }} | ||
| strategy: | ||
| matrix: | ||
| os: [ubuntu-latest, macos-latest, windows-latest] | ||
| python-version: ["3.10", "3.11", "3.12"] | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
| - name: Setup Pixi | ||
| uses: prefix-dev/setup-pixi@v0.4.1 | ||
| with: | ||
| pixi-version: latest | ||
| - name: Install dependencies | ||
| run: pixi install --environment ci | ||
| - name: Run tests | ||
| run: pixi run --environment ci ci-test | ||
| - name: Upload coverage to Codecov | ||
| if: matrix.os == 'ubuntu-latest' && matrix.python-version == '3.11' | ||
| uses: codecov/codecov-action@v4 | ||
| with: | ||
| file: ./coverage.xml | ||
| flags: unittests | ||
| name: codecov-umbrella | ||
| lint: | ||
| name: Code Quality | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
| - name: Setup Pixi | ||
| uses: prefix-dev/setup-pixi@v0.4.1 | ||
| - name: Install dependencies | ||
| run: pixi install --environment ci | ||
| - name: Run linting | ||
| run: pixi run --environment ci ci-lint | ||
| - name: Check formatting | ||
| run: pixi run --environment ci ci-format-check | ||
| - name: Type checking | ||
| run: pixi run --environment ci typecheck | ||
| security: | ||
| name: Security Scan | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
| - name: Run Bandit Security Scan | ||
| uses: securecodewarrior/github-action-bandit@v1.1.1 | ||
| with: | ||
| directory: src/ | ||
| - name: Safety Check | ||
| run: | | ||
| pip install safety | ||
| safety check --json --output safety-report.json || true | ||
| - name: Upload security reports | ||
| uses: actions/upload-artifact@v4 | ||
| with: | ||
| name: security-reports | ||
| path: | | ||
| bandit-report.json | ||
| safety-report.json | ||
| atomic-design-validation: | ||
| name: Atomic Design Standards | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
| - name: Setup Python | ||
| uses: actions/setup-python@v4 | ||
| with: | ||
| python-version: "3.12" | ||
| - name: Install dependencies | ||
| run: | | ||
| python -m pip install --upgrade pip | ||
| pip install -e .[dev] | ||
| - name: Validate UCKN atomic structure | ||
| run: | | ||
| echo "🏗️ Validating atomic design structure..." | ||
| # Check atomic directory structure | ||
| test -d "src/uckn/core/atoms" || (echo "❌ Missing atoms directory" && exit 1) | ||
| test -d "src/uckn/core/molecules" || (echo "❌ Missing molecules directory" && exit 1) | ||
| test -d "src/uckn/core/organisms" || (echo "❌ Missing organisms directory" && exit 1) | ||
| echo "✅ Atomic directory structure valid" | ||
| # Check file size constraints (200-500 lines) | ||
| python << 'EOF' | ||
| import os | ||
| import sys | ||
| violations = [] | ||
| for root, dirs, files in os.walk("src/uckn"): | ||
| for file in files: | ||
| if file.endswith(".py") and file != "__init__.py": | ||
| filepath = os.path.join(root, file) | ||
| with open(filepath, 'r') as f: | ||
| line_count = sum(1 for line in f) | ||
| if line_count > 500: | ||
| violations.append(f"{filepath}: {line_count} lines (exceeds 500)") | ||
| if violations: | ||
| print("❌ File size violations:") | ||
| for violation in violations: | ||
| print(f" {violation}") | ||
| sys.exit(1) | ||
| else: | ||
| print("✅ All files within size constraints") | ||
| EOF | ||
| - name: Test UCKN framework integration | ||
| run: | | ||
| echo "🔧 Testing UCKN framework integration..." | ||
| python << 'EOF' | ||
| # Test main imports | ||
| try: | ||
| from src.uckn import KnowledgeManager, SemanticSearch, UnifiedKnowledgeManager | ||
| print("✅ Main imports working") | ||
| except ImportError as e: | ||
| print(f"❌ Import error: {e}") | ||
| exit(1) | ||
| # Test initialization | ||
| try: | ||
| km = KnowledgeManager() | ||
| health = km.get_health_status() | ||
| print(f"✅ KnowledgeManager: {health}") | ||
| except Exception as e: | ||
| print(f"❌ KnowledgeManager error: {e}") | ||
| exit(1) | ||
| # Test unified interface | ||
| try: | ||
| ukm = UnifiedKnowledgeManager() | ||
| capabilities = ukm.get_capabilities() | ||
| print(f"✅ UnifiedKnowledgeManager: {len(capabilities)} capabilities") | ||
| except Exception as e: | ||
| print(f"❌ UnifiedKnowledgeManager error: {e}") | ||
| exit(1) | ||
| print("🎉 UCKN integration tests passed!") | ||
| EOF | ||
| build: | ||
| name: Build Package | ||
| runs-on: ubuntu-latest | ||
| needs: [test, lint, security, atomic-design-validation] | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
| - name: Setup Python | ||
| uses: actions/setup-python@v4 | ||
| with: | ||
| python-version: ${{ env.PYTHON_VERSION }} | ||
| - name: Install build tools | ||
| run: | | ||
| python -m pip install --upgrade pip | ||
| pip install build twine | ||
| - name: Build package | ||
| run: python -m build | ||
| - name: Check package | ||
| run: twine check dist/* | ||
| - name: Upload build artifacts | ||
| uses: actions/upload-artifact@v4 | ||
| with: | ||
| name: dist | ||
| path: dist/ | ||
| deploy: | ||
| name: Deploy to PyPI | ||
| runs-on: ubuntu-latest | ||
| needs: [build, framework-integration] | ||
| if: github.event_name == 'release' | ||
| environment: production | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
| - name: Download build artifacts | ||
| uses: actions/download-artifact@v4 | ||
| with: | ||
| name: dist | ||
| path: dist/ | ||
| - name: Publish to PyPI | ||
| uses: pypa/gh-action-pypi-publish@release/v1 | ||
| with: | ||
| password: ${{ secrets.PYPI_API_TOKEN }} | ||
| docker: | ||
| name: Build Docker Images | ||
| runs-on: ubuntu-latest | ||
| needs: [test, lint] | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
| - name: Set up Docker Buildx | ||
| uses: docker/setup-buildx-action@v3 | ||
| - name: Login to GitHub Container Registry | ||
| if: github.event_name != 'pull_request' | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| registry: ghcr.io | ||
| username: ${{ github.actor }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
| - name: Extract metadata | ||
| id: meta | ||
| uses: docker/metadata-action@v5 | ||
| with: | ||
| images: ghcr.io/${{ github.repository }} | ||
| tags: | | ||
| type=ref,event=branch | ||
| type=ref,event=pr | ||
| type=semver,pattern={{version}} | ||
| type=semver,pattern={{major}}.{{minor}} | ||
| - name: Build and push Docker image | ||
| uses: docker/build-push-action@v5 | ||
| with: | ||
| context: . | ||
| platforms: linux/amd64,linux/arm64 | ||
| push: ${{ github.event_name != 'pull_request' }} | ||
| tags: ${{ steps.meta.outputs.tags }} | ||
| labels: ${{ steps.meta.outputs.labels }} | ||
| cache-from: type=gha | ||
| cache-to: type=gha,mode=max | ||