refactor: add PrinterBackend abstraction layer (Klipper-only) (#24) #66
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| permissions: | |
| contents: read | |
| jobs: | |
| lint: | |
| name: Lint & Format | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.14" | |
| - name: Install ruff | |
| run: pip install ruff | |
| - name: Ruff check | |
| run: ruff check . | |
| - name: Ruff format check | |
| run: ruff format --check . | |
| test: | |
| name: Tests | |
| runs-on: ubuntu-latest | |
| needs: lint | |
| env: | |
| DEBUG: "1" | |
| DJANGO_SECRET_KEY: ci-test-secret-key-for-running-django-tests-in-github-actions | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.14" | |
| cache: pip | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -r requirements.txt | |
| pip install coverage | |
| - name: Check for missing migrations | |
| run: python manage.py makemigrations --check --dry-run --noinput | |
| - name: Run Django system checks | |
| run: python manage.py check --fail-level WARNING | |
| - name: Run migrations | |
| run: python manage.py migrate --noinput | |
| - name: Collect static files | |
| run: python manage.py collectstatic --noinput | |
| - name: Run tests with coverage | |
| run: | | |
| coverage run manage.py test core -v 2 | |
| coverage report | |
| coverage xml | |
| - name: Upload coverage report | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: coverage-report | |
| path: coverage.xml | |
| security: | |
| name: Security Checks | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.14" | |
| cache: pip | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -r requirements.txt | |
| pip install pip-audit | |
| - name: Audit dependencies (pip-audit) | |
| run: pip-audit | |
| - name: Django deployment checklist | |
| run: | | |
| DJANGO_SECRET_KEY=ci-audit-key-that-is-long-enough-for-django-security-check-validation \ | |
| DEBUG=0 \ | |
| ALLOWED_HOSTS=localhost \ | |
| python manage.py check --deploy --fail-level WARNING | |
| docker: | |
| name: Docker Build & Smoke Test | |
| runs-on: ubuntu-latest | |
| needs: test | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Build Docker image (release) | |
| run: docker build --target release -t layernexus:test . | |
| - name: Run container smoke test | |
| run: | | |
| docker run -d --name ln-test \ | |
| -e DJANGO_SECRET_KEY=ci-test-secret-key-for-docker-smoke-test-in-github-actions \ | |
| -e ALLOWED_HOSTS=localhost \ | |
| -p 8000:8000 \ | |
| layernexus:test | |
| timeout 30 sh -c 'until curl -sf http://localhost:8000/health/; do sleep 1; done' | |
| docker stop ln-test | |
| pr-preview: | |
| name: PR Preview Image | |
| if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository | |
| runs-on: ubuntu-latest | |
| needs: [lint, test, security, docker] | |
| concurrency: | |
| group: pr-preview-${{ github.event.pull_request.number }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| packages: write | |
| pull-requests: write | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository_owner }}/layernexus | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Log in to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build and push PR preview image | |
| id: build | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| target: release | |
| push: true | |
| tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:pr-${{ github.event.pull_request.number }} | |
| build-args: | | |
| APP_VERSION=pr-${{ github.event.pull_request.number }}-${{ github.event.pull_request.head.sha }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Post or update PR comment | |
| uses: marocchino/sticky-pull-request-comment@v2 | |
| with: | |
| header: pr-preview-image | |
| message: | | |
| ### Preview image ready | |
| **By tag:** | |
| ``` | |
| docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:pr-${{ github.event.pull_request.number }} | |
| ``` | |
| **By digest:** | |
| ``` | |
| docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@${{ steps.build.outputs.digest }} | |
| ``` | |
| <sub>Commit: `${{ github.event.pull_request.head.sha }}`</sub> |