Bump actions/checkout from 4 to 6 #4
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [main, develop] | |
| pull_request: | |
| branches: [main] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| lint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.12' | |
| - name: Install dependencies | |
| run: pip install -e ".[dev]" | |
| - name: Ruff check | |
| run: ruff check src/ tests/ | |
| - name: Ruff format check | |
| run: ruff format --check src/ tests/ | |
| - name: Mypy type check | |
| run: mypy src/ --ignore-missing-imports | |
| test: | |
| runs-on: ubuntu-latest | |
| needs: lint | |
| strategy: | |
| matrix: | |
| python-version: ['3.12', '3.13'] | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Install dependencies | |
| run: pip install -e ".[dev]" | |
| - name: Run unit tests | |
| run: pytest tests/unit/ -v --tb=short -x | |
| - name: Run integration tests | |
| run: pytest tests/integration/ -v --tb=short | |
| - name: Upload coverage | |
| uses: codecov/codecov-action@v4 | |
| test-frontend: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: '22' | |
| - name: Install dependencies | |
| working-directory: src/frontend | |
| run: npm ci | |
| - name: Type check | |
| working-directory: src/frontend | |
| run: npx tsc --noEmit | |
| - name: Lint | |
| working-directory: src/frontend | |
| run: npx next lint | |
| - name: Build | |
| working-directory: src/frontend | |
| run: npm run build | |
| security: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.12' | |
| - name: Install dependencies | |
| run: pip install bandit safety | |
| - name: Bandit security scan | |
| run: bandit -r src/swachhzero/ -c pyproject.toml || true | |
| - name: Safety dependency check | |
| run: safety check || true | |
| build-docker: | |
| runs-on: ubuntu-latest | |
| needs: [test, test-frontend] | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/main' | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build API image | |
| run: docker build -f docker/Dockerfile.api -t swachhzero-api:${{ github.sha }} . | |
| - name: Build Frontend image | |
| run: docker build -f docker/Dockerfile.frontend -t swachhzero-frontend:${{ github.sha }} . |