
Update requirements.txt #4

Update requirements.txt


Workflow file for this run

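# CI/CD pipeline: code-quality checks, a security scan and the test matrix run
# on pushes and pull requests to the branches listed under `on:`. The image
# build and the deployment are additionally gated by a branch condition.
name: CI/CD Pipeline

on:
  push:
    branches: [master, develop]
  pull_request:
    branches: [master, develop]

# Least privilege for the automatically issued GITHUB_TOKEN. As written, no
# step writes to the repository; the registry login and the SSH deployment
# use their own secrets.
permissions:
  contents: read

env:
  PYTHON_VERSION: '3.9'
  # Not referenced by any step in this file.
  POETRY_VERSION: '1.4.2'

# NOTE(review): every `uses:` below points at a mutable tag or branch.
# Pinning to a full commit SHA (`owner/action@<full-commit-sha>`) stops an
# upstream retag from changing what runs here. This matters most for the
# actions that are handed secrets (docker/login-action, appleboy/ssh-action).
jobs:
  code-quality:
    name: Code Quality
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: ${{ env.PYTHON_VERSION }}
      - name: Cache pip packages
        uses: actions/cache@v3
        with:
          path: ~/.cache/pip
          key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
          restore-keys: |
            ${{ runner.os }}-pip-
      - name: Install dependencies
        # The linters are installed unpinned, so results can change between
        # runs when a new release of a tool is published.
        run: |
          python -m pip install --upgrade pip
          pip install black flake8 isort mypy pylint bandit
          pip install -r requirements.txt
      - name: Run black
        run: black . --check
      - name: Run flake8
        run: flake8 .
      - name: Run isort
        run: isort . --check-only
      - name: Run mypy
        run: mypy .
      - name: Run pylint
        # The default shell does not enable globstar, so `**/*.py` expands
        # like `*/*.py` and skips top-level and deeper files. Lint every
        # tracked Python file instead.
        run: pylint $(git ls-files '*.py')
      - name: Run bandit
        run: bandit -r .

  security-scan:
    name: Security Scan
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: ${{ env.PYTHON_VERSION }}
      - name: Install security tools
        # The `toml` extra gives bandit the parser it needs to read its
        # configuration from pyproject.toml on this Python version.
        run: |
          python -m pip install --upgrade pip
          pip install safety 'bandit[toml]'
      - name: Check dependencies for known vulnerabilities
        # This job never installs requirements.txt, so a bare `safety check`
        # would only audit the scanner's own environment. Point it at the
        # project's dependency list.
        run: safety check -r requirements.txt
      - name: Run security linter
        run: bandit -r . -c pyproject.toml

  test:
    name: Run Tests
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version: ['3.8', '3.9', '3.10']
    steps:
      - uses: actions/checkout@v3
      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v4
        with:
          python-version: ${{ matrix.python-version }}
      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install pytest pytest-cov pytest-asyncio httpx
          pip install -r requirements.txt
      - name: Run tests with coverage
        # Secrets are exposed to this step only. They arrive empty on pull
        # requests from forks, so the suite should not need real values.
        # NOTE(review): prefer dedicated test-only values over credentials
        # that are also valid in production.
        env:
          JWT_SECRET_KEY: ${{ secrets.JWT_SECRET_KEY }}
          VALID_API_KEY: ${{ secrets.VALID_API_KEY }}
        run: |
          pytest --cov=. --cov-report=xml
      - name: Upload coverage to Codecov
        uses: codecov/codecov-action@v3
        with:
          file: ./coverage.xml

  build-and-push:
    name: Build and Push Docker Image
    needs: [code-quality, security-scan, test]
    runs-on: ubuntu-latest
    # NOTE(review): the triggers above list `master` and `develop`, but this
    # condition tests for `main`, so as written this job (and `deploy`) is
    # skipped on every run. Confirm the release branch name and align the
    # trigger and both conditions. Left unchanged here because fixing it
    # turns production deployment on.
    if: github.ref == 'refs/heads/main'
    steps:
      - uses: actions/checkout@v3
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v2
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
      - name: Login to Docker Hub
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: Build and push
        uses: docker/build-push-action@v4
        with:
          push: true
          # `yourusername` looks like a template placeholder; replace it with
          # the real Docker Hub namespace before enabling this job.
          tags: yourusername/automl-api:latest,yourusername/automl-api:${{ github.sha }}
          cache-from: type=registry,ref=yourusername/automl-api:latest
          cache-to: type=inline

  deploy:
    name: Deploy
    needs: build-and-push
    runs-on: ubuntu-latest
    # Same branch condition as build-and-push; see the note on that job.
    if: github.ref == 'refs/heads/main'
    steps:
      - name: Deploy to production
        # NOTE(review): `@master` is a moving branch of a third-party action
        # that receives the production SSH private key. Pin it to a reviewed
        # commit (`appleboy/ssh-action@<full-commit-sha>`). The action's
        # `fingerprint` input is not set, so the host key is not verified.
        uses: appleboy/ssh-action@master
        with:
          host: ${{ secrets.SSH_HOST }}
          username: ${{ secrets.SSH_USERNAME }}
          key: ${{ secrets.SSH_PRIVATE_KEY }}
          # `set -e` aborts on the first failing command, so a failed `cd` or
          # `pull` is not followed by restarting a stale or wrong stack.
          script: |
            set -e
            cd /opt/automl-api
            docker-compose pull
            docker-compose up -d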