Remove large files and clean repository for GitHub upload #1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: ZeroHack CI/CD Pipeline | |
| on: | |
| push: | |
| branches: [ main, develop ] | |
| pull_request: | |
| branches: [ main, develop ] | |
| env: | |
| PYTHON_VERSION: '3.11' | |
| NODE_VERSION: '18' | |
| jobs: | |
| backend-tests: | |
| runs-on: ubuntu-latest | |
| services: | |
| postgres: | |
| image: postgres:15 | |
| env: | |
| POSTGRES_PASSWORD: postgres | |
| POSTGRES_DB: zerohack_test | |
| options: >- | |
| --health-cmd pg_isready | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| ports: | |
| - 5432:5432 | |
| redis: | |
| image: redis:7 | |
| options: >- | |
| --health-cmd "redis-cli ping" | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| ports: | |
| - 6379:6379 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - name: Cache pip dependencies | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.cache/pip | |
| key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pip- | |
| - name: Install dependencies | |
| run: | | |
| cd backend | |
| python -m pip install --upgrade pip | |
| pip install -r requirements.txt | |
| - name: Lint with flake8 | |
| run: | | |
| cd backend | |
| flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics | |
| flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics | |
| - name: Format check with black | |
| run: | | |
| cd backend | |
| black --check . | |
| - name: Import sort check with isort | |
| run: | | |
| cd backend | |
| isort --check-only . | |
| - name: Run tests | |
| env: | |
| ZEROHACK_DATABASE_URL: postgresql+asyncpg://postgres:postgres@localhost:5432/zerohack_test | |
| ZEROHACK_REDIS_URL: redis://localhost:6379 | |
| ZEROHACK_SECRET_KEY: test-secret-key | |
| ZEROHACK_BLOCKCHAIN_RPC_URL: http://localhost:8545 | |
| run: | | |
| cd backend | |
| pytest tests/ -v --cov=backend --cov-report=xml --cov-report=html | |
| - name: Upload coverage to Codecov | |
| uses: codecov/codecov-action@v3 | |
| with: | |
| file: ./backend/coverage.xml | |
| flags: backend | |
| name: backend-coverage | |
| frontend-tests: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| cache: 'npm' | |
| cache-dependency-path: frontend/package-lock.json | |
| - name: Install dependencies | |
| run: | | |
| cd frontend | |
| npm ci | |
| - name: Lint with ESLint | |
| run: | | |
| cd frontend | |
| npm run lint | |
| - name: Type check with TypeScript | |
| run: | | |
| cd frontend | |
| npm run type-check | |
| - name: Run tests | |
| run: | | |
| cd frontend | |
| npm test -- --coverage --watchAll=false | |
| - name: Build application | |
| run: | | |
| cd frontend | |
| npm run build | |
| integration-tests: | |
| runs-on: ubuntu-latest | |
| needs: [backend-tests, frontend-tests] | |
| services: | |
| postgres: | |
| image: postgres:15 | |
| env: | |
| POSTGRES_PASSWORD: postgres | |
| POSTGRES_DB: zerohack_test | |
| options: >- | |
| --health-cmd pg_isready | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| ports: | |
| - 5432:5432 | |
| redis: | |
| image: redis:7 | |
| options: >- | |
| --health-cmd "redis-cli ping" | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| ports: | |
| - 6379:6379 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| cache: 'npm' | |
| cache-dependency-path: frontend/package-lock.json | |
| - name: Install backend dependencies | |
| run: | | |
| cd backend | |
| python -m pip install --upgrade pip | |
| pip install -r requirements.txt | |
| - name: Install frontend dependencies | |
| run: | | |
| cd frontend | |
| npm ci | |
| - name: Build frontend | |
| run: | | |
| cd frontend | |
| npm run build | |
| - name: Start backend server | |
| env: | |
| ZEROHACK_DATABASE_URL: postgresql+asyncpg://postgres:postgres@localhost:5432/zerohack_test | |
| ZEROHACK_REDIS_URL: redis://localhost:6379 | |
| ZEROHACK_SECRET_KEY: test-secret-key | |
| ZEROHACK_BLOCKCHAIN_RPC_URL: http://localhost:8545 | |
| run: | | |
| cd backend | |
| python -m uvicorn backend.main:app --host 0.0.0.0 --port 8008 & | |
| sleep 10 | |
| - name: Start frontend server | |
| run: | | |
| cd frontend | |
| npm start & | |
| sleep 10 | |
| - name: Run integration tests | |
| run: | | |
| # Test API endpoints | |
| curl -f http://localhost:8008/health | |
| curl -f http://localhost:8008/api/docs | |
| # Test frontend | |
| curl -f http://localhost:3000 | |
| # Run integration test suite | |
| cd backend | |
| pytest tests/integration/ -v | |
| security-scan: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - name: Install security tools | |
| run: | | |
| pip install bandit safety semgrep | |
| - name: Run Bandit security scan | |
| run: | | |
| cd backend | |
| bandit -r . -f json -o bandit-report.json || true | |
| - name: Run Safety check | |
| run: | | |
| cd backend | |
| safety check --json --output safety-report.json || true | |
| - name: Run Semgrep security scan | |
| run: | | |
| semgrep --config=auto backend/ --json --output=semgrep-report.json || true | |
| docker-build: | |
| runs-on: ubuntu-latest | |
| needs: [backend-tests, frontend-tests] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: Build and push backend image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| file: ./backend/Dockerfile | |
| push: true | |
| tags: | | |
| zerohack/backend:latest | |
| zerohack/backend:${{ github.sha }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Build and push frontend image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: ./frontend | |
| file: ./frontend/Dockerfile | |
| push: true | |
| tags: | | |
| zerohack/frontend:latest | |
| zerohack/frontend:${{ github.sha }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| deploy-staging: | |
| runs-on: ubuntu-latest | |
| needs: [integration-tests, docker-build] | |
| if: github.ref == 'refs/heads/develop' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Deploy to staging | |
| run: | | |
| echo "Deploying to staging environment..." | |
| # Add your staging deployment commands here | |
| # Example: kubectl apply -f k8s/staging/ | |
| deploy-production: | |
| runs-on: ubuntu-latest | |
| needs: [integration-tests, docker-build, security-scan] | |
| if: github.ref == 'refs/heads/main' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Deploy to production | |
| run: | | |
| echo "Deploying to production environment..." | |
| # Add your production deployment commands here | |
| # Example: kubectl apply -f k8s/production/ |