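# CAE CI/CD Pipeline
# Continuous Integration and Deployment for Confessional Agency Ecosystem
#
# Triggers: pushes to main, develop and feature/* branches, pull requests
# targeting main or develop, and published releases.
#
# Security posture of this file:
#   * Credentials are referenced only in the step that consumes them, never
#     in workflow-level `env`, so test code, linters and unrelated
#     third-party actions never see them in their environment.
#   * GITHUB_TOKEN is read-only by default; the two jobs that must write
#     (SARIF upload, gh-pages publish) request that scope explicitly.
#   * NOTE(review): third-party actions below are referenced by mutable tags.
#     Pinning each `uses:` to a reviewed full commit SHA prevents a moved tag
#     from changing what runs with this workflow's credentials.

name: CAE CI/CD Pipeline

on:
  push:
    branches: [main, develop, feature/*]
  pull_request:
    branches: [main, develop]
  release:
    types: [published]

# Least privilege for the automatic GITHUB_TOKEN; jobs widen it as needed.
permissions:
  contents: read

env:
  PYTHON_VERSION: "3.9"
  PYTORCH_VERSION: "2.0.0"
  CUDA_VERSION: "11.7"
  # HF_TOKEN, DOCKER_USERNAME and DOCKER_PASSWORD were previously exported
  # here, which placed them in the environment of every step of every job.
  # They are now read from `secrets` only where they are used.
  # NOTE(review): if a test step needs to read from the Hub, give that step
  # its own read-only token instead of restoring the deploy token here.

jobs:
  # Code Quality and Security Checks
  code-quality:
    name: Code Quality & Security
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: ${{ env.PYTHON_VERSION }}

      - name: Cache pip dependencies
        uses: actions/cache@v3
        with:
          path: ~/.cache/pip
          key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
          restore-keys: |
            ${{ runner.os }}-pip-

      # NOTE(review): the tool versions are unpinned, so a new release of any
      # of them can change the result of this job without a code change.
      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install black flake8 mypy bandit safety
          pip install -r requirements.txt

      - name: Code formatting check
        run: |
          black --check --diff unified_cae.py deploy_cae.py community_templates.py

      - name: Linting
        run: |
          flake8 unified_cae.py deploy_cae.py community_templates.py --max-line-length=100

      - name: Type checking
        run: |
          mypy unified_cae.py --ignore-missing-imports

      # bandit and safety run as separate steps: in a single `run` block a
      # non-zero exit from bandit would stop the script before safety ran,
      # leaving the dependency report missing exactly when findings exist.
      - name: Security scanning (bandit)
        run: |
          bandit -r . -f json -o bandit-report.json

      - name: Security scanning (safety)
        if: ${{ !cancelled() }}
        run: |
          safety check --json --output safety-report.json

      # v3 of upload-artifact has been retired by GitHub; v4 is used here and
      # in the other upload steps of this workflow.
      - name: Upload security reports
        uses: actions/upload-artifact@v4
        if: always()
        with:
          name: security-reports
          path: |
            bandit-report.json
            safety-report.json

  # Unit Tests
  unit-tests:
    name: Unit Tests
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version: ["3.8", "3.9", "3.10", "3.11"]
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v4
        with:
          python-version: ${{ matrix.python-version }}

      - name: Cache pip dependencies
        uses: actions/cache@v3
        with:
          path: ~/.cache/pip
          key: ${{ runner.os }}-pip-${{ matrix.python-version }}-${{ hashFiles('**/requirements.txt') }}
          restore-keys: |
            ${{ runner.os }}-pip-${{ matrix.python-version }}-

      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install pytest pytest-cov pytest-mock
          pip install -r requirements.txt

      - name: Run unit tests
        run: |
          pytest tests/ -v --cov=cae --cov-report=xml --cov-report=html

      # The artifact name carries the matrix version so each leg uploads
      # under a distinct name.
      - name: Upload coverage reports
        uses: actions/upload-artifact@v4
        if: always()
        with:
          name: coverage-reports-${{ matrix.python-version }}
          path: |
            coverage.xml
            htmlcov/

  # Integration Tests
  integration-tests:
    name: Integration Tests
    runs-on: ubuntu-latest
    needs: [code-quality, unit-tests]
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: ${{ env.PYTHON_VERSION }}

      - name: Cache pip dependencies
        uses: actions/cache@v3
        with:
          path: ~/.cache/pip
          key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}

      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install -r requirements.txt

      - name: Run integration tests
        run: |
          python -m pytest tests/integration/ -v --tb=short

      # Smoke test: the package imports and the top-level class constructs.
      - name: Test CAE initialization
        run: |
          python -c "
          from unified_cae import ConfessionalAgencyEcosystem
          cae = ConfessionalAgencyEcosystem()
          print('CAE initialization successful')
          "

  # Performance Benchmarks
  performance-benchmarks:
    name: Performance Benchmarks
    runs-on: ubuntu-latest
    needs: [unit-tests]
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: ${{ env.PYTHON_VERSION }}

      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install -r requirements.txt

      - name: Run performance benchmarks
        run: |
          python benchmarks/run_performance_tests.py

      - name: Upload benchmark results
        uses: actions/upload-artifact@v4
        with:
          name: benchmark-results
          path: benchmarks/results/

  # Ethical Audit
  ethical-audit:
    name: Ethical Audit
    runs-on: ubuntu-latest
    needs: [integration-tests]
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: ${{ env.PYTHON_VERSION }}

      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install -r requirements.txt

      - name: Run ethical audit
        run: |
          python ethical_audit/run_audit.py --output-format json

      - name: Upload ethical audit results
        uses: actions/upload-artifact@v4
        with:
          name: ethical-audit-results
          path: ethical_audit/reports/

  # Security Audit
  security-audit:
    name: Security Audit
    runs-on: ubuntu-latest
    needs: [code-quality]
    # A job-level block replaces the workflow default, so read access is
    # restated next to the write scope the SARIF upload needs.
    permissions:
      contents: read
      security-events: write
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      # NOTE(review): `@master` is a moving branch; whatever is pushed there
      # runs in this job on the next build. Pin to a reviewed release tag or,
      # better, a full commit SHA.
      - name: Run Trivy vulnerability scanner
        uses: aquasecurity/trivy-action@master
        with:
          scan-type: 'fs'
          scan-ref: '.'
          format: 'sarif'
          output: 'trivy-results.sarif'

      - name: Upload Trivy scan results
        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: 'trivy-results.sarif'

  # Build Docker Image
  build-docker:
    name: Build Docker Image
    runs-on: ubuntu-latest
    needs: [integration-tests, security-audit]
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      # Pull-request runs build the image but neither log in nor push:
      # fork PRs receive no secrets (login would fail), and unreviewed PR
      # code should not be published to the registry.
      - name: Login to Docker Hub
        if: github.event_name != 'pull_request'
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}

      - name: Extract metadata
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: cae/framework
          tags: |
            type=ref,event=branch
            type=ref,event=pr
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}
            type=raw,value=latest,enable={{is_default_branch}}

      - name: Build and push
        uses: docker/build-push-action@v5
        with:
          context: .
          push: ${{ github.event_name != 'pull_request' }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max

  # Deploy to HuggingFace Hub
  deploy-hf-hub:
    name: Deploy to HuggingFace Hub
    runs-on: ubuntu-latest
    needs: [integration-tests, performance-benchmarks]
    if: github.ref == 'refs/heads/main'
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: ${{ env.PYTHON_VERSION }}

      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install -r requirements.txt

      # The Hub token is exposed to this one step only.
      - name: Deploy to HuggingFace Hub
        env:
          HF_TOKEN: ${{ secrets.HF_TOKEN }}
        run: |
          python deploy_cae.py --deploy-hub --model-name cae-base

  # Deploy Demo to HuggingFace Spaces
  deploy-hf-spaces:
    name: Deploy to HuggingFace Spaces
    runs-on: ubuntu-latest
    needs: [integration-tests, ethical-audit]
    if: github.ref == 'refs/heads/main'
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      # NOTE(review): this action is handed GITHUB_TOKEN, which is read-only
      # under the workflow default above. Confirm the action needs no wider
      # scope; if it does, grant it on this job only.
      - name: Deploy to Spaces
        uses: huggingface/hub-spaces-deploy-action@v1
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          space-organization: augstentatious
          space-name: cae-demo

  # Deploy to TestPyPI
  deploy-testpypi:
    name: Deploy to TestPyPI
    runs-on: ubuntu-latest
    needs: [unit-tests, integration-tests]
    if: github.event_name == 'push' && github.ref == 'refs/heads/develop'
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: ${{ env.PYTHON_VERSION }}

      - name: Install build dependencies
        run: |
          python -m pip install --upgrade pip
          pip install build twine

      - name: Build package
        run: |
          python -m build

      - name: Publish to TestPyPI
        uses: pypa/gh-action-pypi-publish@release/v1
        with:
          repository-url: https://test.pypi.org/legacy/
          password: ${{ secrets.TEST_PYPI_API_TOKEN }}

  # Deploy to PyPI
  deploy-pypi:
    name: Deploy to PyPI
    runs-on: ubuntu-latest
    needs: [unit-tests, integration-tests, performance-benchmarks, ethical-audit]
    if: github.event_name == 'release'
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: ${{ env.PYTHON_VERSION }}

      - name: Install build dependencies
        run: |
          python -m pip install --upgrade pip
          pip install build twine

      - name: Build package
        run: |
          python -m build

      - name: Publish to PyPI
        uses: pypa/gh-action-pypi-publish@release/v1
        with:
          password: ${{ secrets.PYPI_API_TOKEN }}

  # Notification
  notify:
    name: Notification
    runs-on: ubuntu-latest
    needs: [build-docker, deploy-hf-hub, deploy-hf-spaces]
    # always(): report even when an upstream job failed or was skipped.
    if: always()
    steps:
      # The message below announces the Spaces demo as well, so the Spaces
      # job result is part of the condition.
      - name: Notify on success
        if: >-
          needs.build-docker.result == 'success' &&
          needs.deploy-hf-hub.result == 'success' &&
          needs.deploy-hf-spaces.result == 'success'
        run: |
          echo "CAE deployment successful!"
          echo "Docker image: cae/framework:latest"
          echo "HuggingFace Hub: augstentatious/cae-base"
          echo "HuggingFace Spaces: augstentatious/cae-demo"

      - name: Notify on failure
        if: failure()
        run: |
          echo "CAE deployment failed"
          echo "Please check the logs for details"

  # Additional workflow for community templates
  community-templates:
    name: Community Templates Validation
    runs-on: ubuntu-latest
    # The previous condition inspected `github.event.pull_request.files`,
    # which the pull_request payload does not carry, so it never evaluated
    # true and this validation gate silently never ran. Changed paths are
    # now detected with git inside the job.
    if: github.event_name == 'pull_request'
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # Full history so the base branch is available for the diff below.
          fetch-depth: 0

      - name: Detect template changes
        id: changes
        env:
          # Passed through env rather than interpolated into the script.
          BASE_REF: ${{ github.base_ref }}
        run: |
          if git diff --quiet "origin/${BASE_REF}...HEAD" -- community_templates/; then
            echo "changed=false" >> "$GITHUB_OUTPUT"
          else
            echo "changed=true" >> "$GITHUB_OUTPUT"
          fi

      - name: Set up Python
        if: steps.changes.outputs.changed == 'true'
        uses: actions/setup-python@v4
        with:
          python-version: ${{ env.PYTHON_VERSION }}

      - name: Install dependencies
        if: steps.changes.outputs.changed == 'true'
        run: |
          python -m pip install --upgrade pip
          pip install -r requirements.txt

      - name: Validate community templates
        if: steps.changes.outputs.changed == 'true'
        run: |
          python scripts/validate_community_templates.py

      - name: Check template quality
        if: steps.changes.outputs.changed == 'true'
        run: |
          python scripts/check_template_quality.py

  # Workflow for documentation updates
  documentation:
    name: Documentation
    runs-on: ubuntu-latest
    # NOTE(review): this matches a push to any branch listed under `on.push`,
    # so a "docs:" commit on a feature branch also publishes to gh-pages.
    # Add a ref check if only main should publish.
    if: >-
      github.event_name == 'push' &&
      (contains(github.event.head_commit.message, 'docs:') ||
      contains(github.event.head_commit.message, 'Documentation:'))
    # Publishing pushes the built site to the repository, which needs write
    # access to contents; granted to this job only.
    permissions:
      contents: write
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: ${{ env.PYTHON_VERSION }}

      - name: Install documentation dependencies
        run: |
          python -m pip install --upgrade pip
          pip install sphinx sphinx-rtd-theme nbsphinx

      - name: Build documentation
        run: |
          cd docs
          make html

      - name: Deploy documentation
        uses: peaceiris/actions-gh-pages@v3
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          publish_dir: ./docs/_build/html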