1+ name : CI/CD Pipeline
2+
3+ on :
4+ push :
5+ branches : [ main, develop, ci/cdtester ]
6+ pull_request :
7+ branches : [ main ]
8+
9+ env :
10+ PYTHON_VERSION : ' 3.11'
11+
12+ jobs :
13+ test :
14+ runs-on : ubuntu-latest
15+ strategy :
16+ matrix :
17+ python-version : [3.9, 3.10, 3.11]
18+
19+ steps :
20+ - name : Checkout code
21+ uses : actions/checkout@v4
22+
23+ - name : Set up Python ${{ matrix.python-version }}
24+ uses : actions/setup-python@v4
25+ with :
26+ python-version : ${{ matrix.python-version }}
27+
28+ - name : Cache pip dependencies
29+ uses : actions/cache@v3
30+ with :
31+ path : ~/.cache/pip
32+ key : ${{ runner.os }}-pip-${{ matrix.python-version }}-${{ hashFiles('**/requirements.txt') }}
33+ restore-keys : |
34+ ${{ runner.os }}-pip-${{ matrix.python-version }}-
35+
36+ - name : Install dependencies
37+ run : |
38+ python -m pip install --upgrade pip
39+ pip install -r requirements.txt
40+ pip install pytest pytest-cov flake8 black
41+
42+ - name : Lint with flake8
43+ run : |
44+ # stop the build if there are Python syntax errors or undefined names
45+ flake8 server/ --count --select=E9,F63,F7,F82 --show-source --statistics
46+ # exit-zero treats all errors as warnings
47+ flake8 server/ --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
48+
49+ - name : Format check with black
50+ run : |
51+ black --check --diff server/
52+
53+ - name : Run tests
54+ run : |
55+ pytest --cov=server --cov-report=xml --cov-report=term-missing
56+
57+ - name : Upload coverage to Codecov
58+ uses : codecov/codecov-action@v3
59+ with :
60+ file : ./coverage.xml
61+ flags : unittests
62+ name : codecov-umbrella
63+
64+ security-scan :
65+ runs-on : ubuntu-latest
66+ needs : test
67+
68+ steps :
69+ - name : Checkout code
70+ uses : actions/checkout@v4
71+
72+ - name : Run Bandit security scan
73+ run : |
74+ pip install bandit
75+ bandit -r server/ -f json -o bandit-report.json || true
76+
77+ - name : Upload security scan results
78+ uses : actions/upload-artifact@v3
79+ with :
80+ name : security-scan-results
81+ path : bandit-report.json
82+
83+ build-and-deploy :
84+ runs-on : ubuntu-latest
85+ needs : [test, security-scan]
86+ if : github.ref == 'refs/heads/main'
87+
88+ steps :
89+ - name : Checkout code
90+ uses : actions/checkout@v4
91+
92+ - name : Set up Python
93+ uses : actions/setup-python@v4
94+ with :
95+ python-version : ${{ env.PYTHON_VERSION }}
96+
97+ - name : Install dependencies
98+ run : |
99+ python -m pip install --upgrade pip
100+ pip install -r requirements.txt
101+
102+ - name : Create deployment package
103+ run : |
104+ mkdir -p deployment
105+ cp -r server/* deployment/
106+ cp requirements.txt deployment/
107+ cp readme.md deployment/
108+
109+ - name : Upload deployment package
110+ uses : actions/upload-artifact@v3
111+ with :
112+ name : deployment-package
113+ path : deployment/
114+
115+ - name : Deploy to staging (example)
116+ run : |
117+ echo "Deploying to staging environment..."
118+ # Add your deployment commands here
119+ # Example: Deploy to Heroku, AWS, or other cloud platforms
120+ echo "Deployment completed successfully!"
121+
122+ notify :
123+ runs-on : ubuntu-latest
124+ needs : [test, security-scan, build-and-deploy]
125+ if : always()
126+
127+ steps :
128+ - name : Notify on success
129+ if : needs.test.result == 'success' && needs.security-scan.result == 'success'
130+ run : |
131+ echo "✅ All checks passed! Pipeline completed successfully."
132+ # Add notification logic here (Slack, Discord, etc.)
133+
134+ - name : Notify on failure
135+ if : needs.test.result == 'failure' || needs.security-scan.result == 'failure'
136+ run : |
137+ echo "❌ Pipeline failed! Please check the logs."
138+ # Add notification logic here (Slack, Discord, etc.)
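Review bot: The Bandit step in `security-scan` ends with `|| true`, so the job succeeds whatever the scan reports, and `build-and-deploy`, which lists it under `needs`, is never actually gated on the scan. Drop the `|| true` and add `if: always()` to the "Upload security scan results" step so the JSON report is still published when the scan fails; if only serious findings should block a deploy, Bandit's severity and confidence filters can narrow what counts as a failure. In the `test` job the matrix entry `3.10` is unquoted and YAML reads it as the float 3.1, so it should be written `python-version: ['3.9', '3.10', '3.11']`. The workflow also declares no `permissions:` block, so the token scope falls back to the repository default; a top-level `permissions:` with `contents: read` would make least privilege explicit for a pipeline that installs unpinned packages from PyPI.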