Merge pull request #4 from meleksabit/feature/pr-title-linter

feat(github-action): add pr-title-linter workflow/action

Author: meleksabit

.github/workflows/pr-title-linter.yml

@@ -17,9 +17,9 @@ jobs:
         with:
           script: |
             const title = context.payload.pull_request.title;
-            const regex = /^(feat|fix|chore|docs|style|refactor|perf|test|ci|build|deps|hotfix|env|security): .+/;
+            const regex = /^(feat|fix|chore|docs|style|refactor|perf|test|ci|build|deps|hotfix|env|security)(\([\w\-]+\))?: .+/;
             if (!regex.test(title)) {
-              core.setFailed(`Invalid PR title: "${title}". Titles must match the pattern "type: description" (e.g., "feat: Add new feature").`);
+              core.setFailed(`❌ Invalid PR title: "${title}".\n✅ Expected format: type(scope): description\nExamples:\n  - feat(docker): preload Hugging Face models\n  - fix(api): handle missing auth headers`);
             } else {
-              console.log(`PR title "${title}" is valid.`);
+              console.log(`✅ PR title "${title}" is valid.`);
             }

.terraformignore

@@ -0,0 +1,74 @@
+# Terraform state and backup files
+*.tfstate
+*.tfstate.backup
+*.tfplan
+
+# Terraform internal directories
+.terraform/
+
+# Logs and debug artifacts
+*.log
+crash.log
+*.out
+*.err
+
+# AWS credentials and sensitive files
+.aws/
+*.pem
+*.key
+*.crt
+*.env
+.env.*
+credentials.json
+secrets/
+**/credentials.tfvars
+
+# Python artifacts
+__pycache__/
+*.pyc
+*.pyo
+*.pyd
+*.egg-info/
+*.dist-info/
+*.ipynb_checkpoints/
+*.sqlite3
+*.db
+.venv/
+venv/
+env/
+
+# Docker build cache and local overrides
+Dockerfile.*
+docker-compose.override.yml
+*.tar
+*.img
+
+# Node-related (if present)
+node_modules/
+npm-debug.log
+yarn-error.log
+
+# Editor/OS/CI-related
+.idea/
+.vscode/
+*.swp
+*.swo
+*.bak
+*.tmp
+.DS_Store
+Thumbs.db
+
+# Git
+.git/
+.gitignore
+.gitattributes
+
+# Tests & coverage (optional)
+coverage/
+tests/__pycache__/
+test-results/
+
+# Model cache (if using Hugging Face Transformers)
+model_cache/
+transformers_cache/
+huggingface/

Jenkinsfile

@@ -0,0 +1,62 @@
+pipeline {
+    agent any
+    environment {
+        ECR_REGISTRY = credentials('ecr-registry-uri')
+        AWS_REGION = 'eu-central-1'
+        DOCKER_TAG = 'latest'
+    }
+    stages {
+        stage('Build and Push ai-agent') {
+            agent { docker { image 'docker:24-dind'; args '--privileged'; reuseNode true } }
+            when { changeset "ai-agent/**" }
+            steps {
+                withAWS(credentials: 'aws-credentials', region: "${AWS_REGION}") {
+                    sh 'aws ecr get-login-password --region ${AWS_REGION} | docker login --username AWS --password-stdin ${ECR_REGISTRY}'
+                    sh 'docker build -t ${ECR_REGISTRY}/ai-agent:${DOCKER_TAG} ./ai-agent'
+                    sh 'docker push ${ECR_REGISTRY}/ai-agent:${DOCKER_TAG}'
+                }
+            }
+        }
+        stage('Build and Push Go Microservices') {
+            agent { docker { image 'docker:24-dind'; args '--privileged'; reuseNode true } }
+            when { anyOf { changeset "go-services/blockchain-monitor/**"; changeset "go-services/anomaly-detector/**" } }
+            steps {
+                withAWS(credentials: 'aws-credentials', region: "${AWS_REGION}") {
+                    sh 'aws ecr get-login-password --region ${AWS_REGION} | docker login --username AWS --password-stdin ${ECR_REGISTRY}'
+                    script {
+                        def services = ['blockchain-monitor', 'anomaly-detector']
+                        services.each { svc ->
+                            sh "docker build -t ${ECR_REGISTRY}/${svc}:${DOCKER_TAG} ./go-services/${svc}"
+                            sh "docker push ${ECR_REGISTRY}/${svc}:${DOCKER_TAG}"
+                        }
+                    }
+                }
+            }
+        }
+        stage('Build and Push Dashboard') {
+            agent { docker { image 'docker:24-dind'; args '--privileged'; reuseNode true } }
+            when { changeset "dashboard/**" }
+            steps {
+                withAWS(credentials: 'aws-credentials', region: "${AWS_REGION}") {
+                    sh 'aws ecr get-login-password --region ${AWS_REGION} | docker login --username AWS --password-stdin ${ECR_REGISTRY}'
+                    sh 'docker build -t ${ECR_REGISTRY}/dashboard:${DOCKER_TAG} ./dashboard'  // Adjust if merged with anomaly-detector
+                    sh 'docker push ${ECR_REGISTRY}/dashboard:${DOCKER_TAG}'
+                }
+            }
+        }
+        stage('Deploy to EKS') {
+            steps {
+                withAWS(credentials: 'aws-credentials', region: "${AWS_REGION}") {
+                    sh 'helm upgrade --install ai-agent ./helm/ai-agent --namespace default --set image.repository=${ECR_REGISTRY}/ai-agent'
+                    sh 'helm upgrade --install blockchain-monitor ./helm/go-microservices/blockchain-monitor --namespace default --set image.repository=${ECR_REGISTRY}/blockchain-monitor'
+                    sh 'helm upgrade --install anomaly-detector ./helm/go-microservices/anomaly-detector --namespace default --set image.repository=${ECR_REGISTRY}/anomaly-detector'
+                    sh 'helm upgrade --install dashboard ./helm/dashboard --namespace default --set image.repository=${ECR_REGISTRY}/dashboard'
+                }
+            }
+        }
+    }
+    post {
+        always { sh 'echo "Pipeline complete!"' }
+        failure { echo 'Build failed!' }
+    }
+}

ai-agent/Dockerfile

@@ -0,0 +1,20 @@
+# Stage 1: Build dependencies
+FROM python:3.12-slim AS builder
+WORKDIR /app
+COPY requirements.txt .
+RUN pip install --no-cache-dir -r requirements.txt && \
+    pip install --no-cache-dir hf_xet
+
+# Stage 2: Runtime image
+FROM python:3.12-slim
+WORKDIR /home/appuser/app
+COPY --from=builder /usr/local/lib/python3.12/site-packages/ /usr/local/lib/python3.12/site-packages/
+COPY --from=builder /usr/local/bin/ /usr/local/bin/
+COPY ai_agent.py .
+RUN useradd -m appuser && \
+    mkdir -p /home/appuser/.cache && \
+    chown -R appuser:appuser /home/appuser
+USER appuser
+HEALTHCHECK --interval=30s --timeout=3s \
+    CMD curl -f http://localhost:8000/health || exit 1
+CMD ["gunicorn", "-k", "uvicorn.workers.UvicornWorker", "-w", "4", "-b", "0.0.0.0:8000", "ai_agent:app"]