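# Nova AI CI/CD workflow: lint, scan, test and build on pushes and pull
# requests, build/push the Docker image, deploy `develop` to staging and
# `main` to production, auto-merge Dependabot PRs, and notify on failure.
#
# NOTE(review): every action below is referenced by a mutable tag (@v3, @v4,
# @v5). The third-party actions that receive secrets (docker/login-action,
# 8398a7/action-slack, dawidd6/action-send-mail) should be pinned to a
# reviewed full commit SHA so a retagged release cannot read those secrets.
name: 🚀 Nova AI CI/CD Pipeline

on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main]
  release:
    types: [published]

# Least privilege: GITHUB_TOKEN is read-only for every job unless the job
# declares what it needs (only `auto-merge` does).
permissions:
  contents: read

env:
  PYTHON_VERSION: "3.9"

jobs:
  # 🧪 Code Quality & Testing
  test:
    name: 🧪 Tests & Code Quality
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version: ["3.8", "3.9", "3.10", "3.11"]
    steps:
      - name: 📥 Checkout Code
        uses: actions/checkout@v4

      - name: 🐍 Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v4
        with:
          python-version: ${{ matrix.python-version }}

      - name: 📦 Cache Dependencies
        uses: actions/cache@v3
        with:
          path: ~/.cache/pip
          key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements*.txt') }}
          restore-keys: |
            ${{ runner.os }}-pip-

      - name: 🔧 Install Dependencies
        run: |
          python -m pip install --upgrade pip
          pip install -r requirements.txt
          pip install pytest pytest-cov flake8 black mypy bandit safety

      - name: 🎨 Code Formatting Check (Black)
        run: |
          black --check --diff .

      - name: 🔍 Linting (Flake8)
        # First pass fails the job on syntax errors and undefined names; the
        # second pass is report-only (--exit-zero).
        run: |
          flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
          flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics

      # NOTE(review): `|| true` makes the two security scans below advisory:
      # findings never fail the job, and bandit-report.json is written to the
      # runner but not uploaded by any step in this workflow, so Bandit
      # results are not visible after the run. Gate on severity or publish
      # the report if these checks are meant to be enforced.
      - name: 🔒 Security Check (Bandit)
        run: |
          bandit -r . -x tests/ -f json -o bandit-report.json || true

      - name: 🛡️ Dependency Security Check
        run: |
          safety check --json || true

      - name: 📊 Type Checking (MyPy)
        # Advisory only: type errors do not fail the job.
        run: |
          mypy --install-types --non-interactive . || true

      - name: 🧪 Run Tests
        run: |
          pytest tests/ -v --cov=. --cov-report=xml --cov-report=term-missing

      - name: 📈 Upload Coverage to Codecov
        uses: codecov/codecov-action@v3
        with:
          file: ./coverage.xml
          flags: unittests
          name: codecov-umbrella

  # 🔨 Build Check
  build:
    name: 🔨 Build Check
    runs-on: ubuntu-latest
    needs: test
    steps:
      - name: 📥 Checkout Code
        uses: actions/checkout@v4

      - name: 🐍 Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: ${{ env.PYTHON_VERSION }}

      - name: 🔧 Install Build Dependencies
        run: |
          python -m pip install --upgrade pip
          pip install build wheel
          pip install -r requirements.txt

      - name: 🏗️ Build Package
        run: |
          python -m build

      - name: 📦 Check Package
        # Install the freshly built wheel and confirm the module imports.
        run: |
          python -m pip install dist/*.whl
          python -c "import gradio_app; print('✅ Package imported successfully')"

  # 🐳 Docker Build
  docker:
    name: 🐳 Docker Build
    runs-on: ubuntu-latest
    needs: test
    steps:
      - name: 📥 Checkout Code
        uses: actions/checkout@v4

      - name: 🐳 Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      # Registry credentials are used only outside pull_request runs, so PR
      # builds never log in and never push.
      - name: 🔑 Login to Docker Hub
        if: github.event_name != 'pull_request'
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}

      - name: 🏗️ Build and Push Docker Image
        uses: docker/build-push-action@v5
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          push: ${{ github.event_name != 'pull_request' }}
          # NOTE(review): every non-PR run (including pushes to `develop`)
          # moves the `latest` tag; the commit-SHA tag is the traceable one.
          tags: |
            teknova/nova-ai:latest
            teknova/nova-ai:${{ github.sha }}
          cache-from: type=gha
          cache-to: type=gha,mode=max

  # 📱 Deploy to Staging
  deploy-staging:
    name: 📱 Deploy to Staging
    runs-on: ubuntu-latest
    needs: [test, build]
    if: github.ref == 'refs/heads/develop'
    environment: staging
    steps:
      - name: 📥 Checkout Code
        uses: actions/checkout@v4

      - name: 🚀 Deploy to Hugging Face Spaces (Staging)
        run: |
          echo "🚀 Deploying to HF Spaces Staging..."
          # HF Spaces deployment script here

  # 🌟 Deploy to Production
  deploy-production:
    name: 🌟 Deploy to Production
    runs-on: ubuntu-latest
    needs: [test, build, docker]
    if: github.ref == 'refs/heads/main'
    environment: production
    steps:
      - name: 📥 Checkout Code
        uses: actions/checkout@v4

      - name: 🌟 Deploy to Production
        run: |
          echo "🌟 Deploying Nova AI to Production..."
          # Production deployment script here

  # 📊 Performance Tests
  performance:
    name: 📊 Performance Tests
    runs-on: ubuntu-latest
    needs: test
    if: github.event_name == 'pull_request'
    steps:
      - name: 📥 Checkout Code
        uses: actions/checkout@v4

      - name: 🐍 Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: ${{ env.PYTHON_VERSION }}

      - name: 📊 Run Performance Tests
        run: |
          echo "📊 Running Nova AI performance tests..."
          # Performance test scripts here

  # 🔄 Auto-merge Dependabot PRs
  auto-merge:
    name: 🔄 Auto-merge Dependabot PRs
    runs-on: ubuntu-latest
    needs: [test, build]
    # Run only for pull_request events whose PR was opened by Dependabot.
    # Checking the PR author instead of github.actor ties the decision to who
    # owns the PR rather than who triggered this run, and the event guard
    # keeps the job off push/release runs, where PR_URL would be empty.
    if: ${{ github.event_name == 'pull_request' && github.event.pull_request.user.login == 'dependabot[bot]' }}
    # The only job that needs a writable token, so write scopes are granted
    # here rather than workflow-wide.
    permissions:
      contents: write
      pull-requests: write
    steps:
      - name: 🔄 Enable auto-merge for Dependabot PRs
        run: gh pr merge --auto --merge "$PR_URL"
        env:
          PR_URL: ${{ github.event.pull_request.html_url }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

  # 📢 Notifications
  notify:
    name: 📢 Notifications
    runs-on: ubuntu-latest
    needs: [test, build]
    if: always()
    steps:
      - name: 📢 Slack Notification
        if: failure()
        uses: 8398a7/action-slack@v3
        with:
          status: ${{ job.status }}
          channel: '#nova-ai-dev'
          webhook_url: ${{ secrets.SLACK_WEBHOOK }}

      - name: 📧 Email Notification
        if: failure()
        uses: dawidd6/action-send-mail@v3
        with:
          server_address: smtp.gmail.com
          server_port: 587
          username: ${{ secrets.EMAIL_USERNAME }}
          password: ${{ secrets.EMAIL_PASSWORD }}
          subject: 🚨 Nova AI CI/CD Failed
          to: teknova-dev@example.com
          from: Nova AI CI/CD
          body: |
            🚨 Nova AI CI/CD pipeline failed!

            Repository: ${{ github.repository }}
            Branch: ${{ github.ref }}
            Commit: ${{ github.sha }}

            Please check the logs: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}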