feat(ci): add github actions
This commit is contained in:
@@ -1,54 +0,0 @@
|
||||
name: api-legacy audit
|
||||
defaults:
|
||||
run:
|
||||
working-directory: projects/api-legacy
|
||||
|
||||
on:
|
||||
workflow_call:
|
||||
push:
|
||||
branches-ignore:
|
||||
- main
|
||||
paths:
|
||||
- "../../basango/apps/api-legacy/**"
|
||||
- ".github/workflows/backend_*.yaml"
|
||||
pull_request:
|
||||
branches-ignore:
|
||||
- main
|
||||
paths:
|
||||
- "../../basango/apps/api-legacy/**"
|
||||
- ".github/workflows/backend_*.yaml"
|
||||
|
||||
jobs:
|
||||
audit:
|
||||
name: composer audit
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Setup PHP
|
||||
uses: shivammathur/setup-php@v2
|
||||
with:
|
||||
php-version: 8.4
|
||||
tools: composer:v2
|
||||
|
||||
- name: Setup cache
|
||||
run: echo "COMPOSER_CACHE_DIR=$(composer config cache-dir)" >> $GITHUB_ENV
|
||||
|
||||
- name: Cache dependencies installed with composer
|
||||
uses: actions/cache@v4
|
||||
with:
|
||||
path: ${{ env.COMPOSER_CACHE_DIR }}
|
||||
key: php8.4-composer-${{ hashFiles('projects/api-legacy/composer.lock') }}
|
||||
restore-keys: |
|
||||
php8.4-composer-latest-
|
||||
- name: Update composer
|
||||
run: composer self-update
|
||||
|
||||
- name: Install dependencies with composer
|
||||
run: composer install --prefer-dist --no-interaction --no-progress --optimize-autoloader --ansi
|
||||
|
||||
- name: Security Audit with composer
|
||||
run: composer audit
|
||||
continue-on-error: true
|
||||
|
||||
@@ -1,53 +0,0 @@
|
||||
name: api-legacy quality
|
||||
defaults:
|
||||
run:
|
||||
working-directory: projects/api-legacy
|
||||
|
||||
on:
|
||||
workflow_call:
|
||||
push:
|
||||
branches-ignore:
|
||||
- main
|
||||
paths:
|
||||
- "../../basango/apps/api-legacy/**"
|
||||
- ".github/workflows/backend_*.yaml"
|
||||
pull_request:
|
||||
branches-ignore:
|
||||
- main
|
||||
paths:
|
||||
- "../../basango/apps/api-legacy/**"
|
||||
- ".github/workflows/backend_*.yaml"
|
||||
|
||||
jobs:
|
||||
quality:
|
||||
name: quality
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Setup PHP
|
||||
uses: shivammathur/setup-php@v2
|
||||
with:
|
||||
php-version: 8.4
|
||||
tools: composer:v2
|
||||
|
||||
- name: Setup cache
|
||||
run: echo "COMPOSER_CACHE_DIR=$(composer config cache-dir)" >> $GITHUB_ENV
|
||||
|
||||
- name: Cache dependencies installed with composer
|
||||
uses: actions/cache@v4
|
||||
with:
|
||||
path: ${{ env.COMPOSER_CACHE_DIR }}
|
||||
key: php8.4-composer-${{ hashFiles('projects/api-legacy/composer.lock') }}
|
||||
restore-keys: |
|
||||
php8.4-composer-latest-
|
||||
- name: Update composer
|
||||
run: composer self-update
|
||||
|
||||
- name: Install dependencies with composer
|
||||
run: composer install --prefer-dist --no-interaction --no-progress --optimize-autoloader --ansi
|
||||
|
||||
- name: Run code quality analysis
|
||||
run: composer app:cs
|
||||
|
||||
@@ -1,71 +0,0 @@
|
||||
name: api-legacy tests
|
||||
defaults:
|
||||
run:
|
||||
working-directory: projects/api-legacy
|
||||
|
||||
on:
|
||||
workflow_call:
|
||||
push:
|
||||
branches-ignore:
|
||||
- main
|
||||
paths:
|
||||
- "../../basango/apps/api-legacy/**"
|
||||
- ".github/workflows/backend_*.yaml"
|
||||
pull_request:
|
||||
branches-ignore:
|
||||
- main
|
||||
paths:
|
||||
- "../../basango/apps/api-legacy/**"
|
||||
- ".github/workflows/backend_*.yaml"
|
||||
jobs:
|
||||
functional:
|
||||
name: phpunit
|
||||
runs-on: ubuntu-latest
|
||||
# process:
|
||||
# mysql:
|
||||
# image: mariadb:10.11.11
|
||||
# env:
|
||||
# MYSQL_ALLOW_EMPTY_PASSWORD: false
|
||||
# MYSQL_ROOT_PASSWORD: root
|
||||
# MYSQL_DATABASE: root
|
||||
# ports:
|
||||
# - 3306/tcp
|
||||
# options: --health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=3
|
||||
strategy:
|
||||
matrix:
|
||||
php: [8.4]
|
||||
fail-fast: false
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Setup PHP
|
||||
uses: shivammathur/setup-php@v2
|
||||
with:
|
||||
php-version: ${{ matrix.php }}
|
||||
tools: composer:v2
|
||||
|
||||
- name: Setup cache
|
||||
run: echo "COMPOSER_CACHE_DIR=$(composer config cache-dir)" >> $GITHUB_ENV
|
||||
|
||||
- name: Cache dependencies installed with composer
|
||||
uses: actions/cache@v4
|
||||
with:
|
||||
path: ${{ env.COMPOSER_CACHE_DIR }}
|
||||
key: php${{ matrix.php }}-composer-${{ hashFiles('**/composer.json') }}
|
||||
restore-keys: |
|
||||
php${{ matrix.php }}-composer-latest-
|
||||
- name: Update composer
|
||||
run: composer self-update
|
||||
|
||||
- name: Install dependencies with composer
|
||||
run: composer install --prefer-dist --no-interaction --no-progress --optimize-autoloader --ansi
|
||||
|
||||
# - name: Setup mysql
|
||||
# run: sudo systemctl start mysql
|
||||
|
||||
- name: Run functional tests
|
||||
run: composer app:test
|
||||
env:
|
||||
APP_ENV: test
|
||||
# DATABASE_URL: mysql://root:root@127.0.0.1:${{ job.process.mysql.ports['3306'] }}/app_test
|
||||
@@ -1,45 +0,0 @@
|
||||
name: crawler audit
|
||||
defaults:
|
||||
run:
|
||||
working-directory: projects/crawler
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- "projects/crawler/**"
|
||||
- ".github/workflows/crawler_*.yml"
|
||||
pull_request:
|
||||
paths:
|
||||
- "projects/crawler/**"
|
||||
- ".github/workflows/crawler_*.yml"
|
||||
|
||||
jobs:
|
||||
bandit:
|
||||
name: bandit
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Install uv
|
||||
run: curl -LsSf https://astral.sh/uv/install.sh | sh
|
||||
|
||||
- name: Cache uv dependencies
|
||||
uses: actions/cache@v4
|
||||
with:
|
||||
path: |
|
||||
~/.cache/uv
|
||||
.venv
|
||||
key: ${{ runner.os }}-uv-${{ hashFiles('**/uv.lock') }}
|
||||
restore-keys: |
|
||||
${{ runner.os }}-uv-
|
||||
|
||||
- name: Sync dependencies (with dev tools)
|
||||
run: uv sync --dev
|
||||
|
||||
- name: Run Bandit (security linter)
|
||||
run: uv run bandit -r . -c pyproject.toml || true
|
||||
|
||||
@@ -1,49 +0,0 @@
|
||||
name: crawler quality
|
||||
defaults:
|
||||
run:
|
||||
working-directory: projects/crawler
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- "projects/crawler/**"
|
||||
- ".github/workflows/crawler_*.yml"
|
||||
pull_request:
|
||||
paths:
|
||||
- "projects/crawler/**"
|
||||
- ".github/workflows/crawler_*.yml"
|
||||
|
||||
jobs:
|
||||
lint:
|
||||
name: ruff and pyright
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Install uv
|
||||
run: curl -LsSf https://astral.sh/uv/install.sh | sh
|
||||
|
||||
- name: Cache uv dependencies
|
||||
uses: actions/cache@v4
|
||||
with:
|
||||
path: |
|
||||
~/.cache/uv
|
||||
projects/crawler/.venv
|
||||
key: ${{ runner.os }}-uv-${{ hashFiles('projects/crawler/uv.lock') }}
|
||||
restore-keys: |
|
||||
${{ runner.os }}-uv-
|
||||
|
||||
- name: Sync dependencies (with dev tools)
|
||||
run: uv sync --dev
|
||||
|
||||
- name: Run Ruff (lint + format checks)
|
||||
run: |
|
||||
uv run ruff check .
|
||||
uv run ruff format --check .
|
||||
|
||||
- name: Run Pyright (type checks)
|
||||
run: uv run pyright
|
||||
@@ -1,44 +0,0 @@
|
||||
name: crawler tests
|
||||
defaults:
|
||||
run:
|
||||
working-directory: projects/crawler
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- "projects/crawler/**"
|
||||
- ".github/workflows/crawler_*.yml"
|
||||
pull_request:
|
||||
paths:
|
||||
- "projects/crawler/**"
|
||||
- ".github/workflows/crawler_*.yml"
|
||||
|
||||
jobs:
|
||||
test:
|
||||
name: pytest
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Install uv
|
||||
run: curl -LsSf https://astral.sh/uv/install.sh | sh
|
||||
|
||||
- name: Cache uv dependencies
|
||||
uses: actions/cache@v4
|
||||
with:
|
||||
path: |
|
||||
~/.cache/uv
|
||||
projects/crawler/.venv
|
||||
key: ${{ runner.os }}-uv-${{ hashFiles('projects/crawler/uv.lock') }}
|
||||
restore-keys: |
|
||||
${{ runner.os }}-uv-
|
||||
|
||||
- name: Sync dependencies (with dev tools)
|
||||
run: uv sync --dev
|
||||
|
||||
- name: Run Pytest
|
||||
run: uv run pytest
|
||||
@@ -1,27 +1,16 @@
|
||||
name: api-legacy deploy
|
||||
defaults:
|
||||
run:
|
||||
working-directory: projects/api-legacy
|
||||
|
||||
name: Deploy
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- "../../basango/apps/api-legacy/**"
|
||||
- ".github/workflows/backend_*.yaml"
|
||||
|
||||
jobs:
|
||||
audit:
|
||||
uses: ./.github/workflows/backend_audit.yaml
|
||||
quality:
|
||||
uses: ./.github/workflows/backend_quality.yaml
|
||||
tests:
|
||||
uses: ./.github/workflows/backend_tests.yaml
|
||||
needs: [audit, quality]
|
||||
uses: ./.github/workflows/quality.yaml
|
||||
|
||||
deploy:
|
||||
name: deploy
|
||||
needs: [tests]
|
||||
needs: [quality]
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: execute ssh command
|
||||
@@ -32,15 +21,13 @@ jobs:
|
||||
key: ${{ secrets.SSH_KEY }}
|
||||
port: ${{ secrets.SSH_PORT }}
|
||||
script: |
|
||||
cd /var/www/html/news.devscast.tech
|
||||
cd /var/www/html/basango.io
|
||||
git pull origin main --rebase
|
||||
cd projects/backend
|
||||
make deploy
|
||||
bun install --frozen-lockfile
|
||||
curl -X POST "https://api.telegram.org/bot${{ secrets.DEVY_TOKEN }}/sendMessage" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d '{
|
||||
"chat_id": "${{ secrets.DEVY_CHAT_ID }}",
|
||||
"text": "news.devscast.tech : `'"$(git rev-parse --short HEAD)"'` has been deployed! 🎉",
|
||||
"text": "basango.io : `'"$(git rev-parse --short HEAD)"'` has been deployed! 🎉",
|
||||
"parse_mode": "Markdown"
|
||||
}'
|
||||
|
||||
@@ -1,51 +0,0 @@
|
||||
name: mobile quality
|
||||
defaults:
|
||||
run:
|
||||
working-directory: projects/mobile
|
||||
|
||||
on:
|
||||
push:
|
||||
paths:
|
||||
- "../../basango/apps/mobile/**"
|
||||
- ".github/workflows/mobile_*.yaml"
|
||||
pull_request:
|
||||
paths:
|
||||
- "../../basango/apps/mobile/**"
|
||||
- ".github/workflows/mobile_*.yaml"
|
||||
|
||||
jobs:
|
||||
quality:
|
||||
name: eslint and prettier
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Checkout Repository
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Setup Node.js
|
||||
uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version: 22
|
||||
|
||||
- name: Setup Bun
|
||||
uses: oven-sh/setup-bun@v2
|
||||
|
||||
- name: Cache Bun Dependencies
|
||||
uses: actions/cache@v4
|
||||
with:
|
||||
path: ~/.bun/install/cache
|
||||
key: ${{ runner.os }}-bun-${{ hashFiles('projects/mobile/bun.lock') }}
|
||||
restore-keys: |
|
||||
${{ runner.os }}-bun-
|
||||
|
||||
- name: Install Dependencies
|
||||
run: bun install --frozen-lockfile
|
||||
|
||||
- name: Run Code Quality Checks
|
||||
run: |
|
||||
bun run check-types
|
||||
bun run check
|
||||
bun run lint:check
|
||||
|
||||
@@ -0,0 +1,72 @@
|
||||
name: Quality Assurance
|
||||
on:
|
||||
workflow_call:
|
||||
push:
|
||||
pull_request:
|
||||
|
||||
jobs:
|
||||
typecheck:
|
||||
name: typecheck
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Checkout Repository
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Setup Node.js
|
||||
uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version: 22
|
||||
|
||||
- name: Setup Bun
|
||||
uses: oven-sh/setup-bun@v2
|
||||
|
||||
- name: Cache Bun Dependencies
|
||||
uses: actions/cache@v4
|
||||
with:
|
||||
path: ~/.bun/install/cache
|
||||
key: ${{ runner.os }}-bun-${{ hashFiles('bun.lock') }}
|
||||
restore-keys: |
|
||||
${{ runner.os }}-bun-
|
||||
|
||||
- name: Install Dependencies
|
||||
run: bun install --frozen-lockfile
|
||||
|
||||
- name: Run Type Checker
|
||||
run: |
|
||||
bun run typecheck
|
||||
|
||||
lint:
|
||||
name: lint
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Checkout Repository
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Setup Node.js
|
||||
uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version: 22
|
||||
|
||||
- name: Setup Bun
|
||||
uses: oven-sh/setup-bun@v2
|
||||
|
||||
- name: Cache Bun Dependencies
|
||||
uses: actions/cache@v4
|
||||
with:
|
||||
path: ~/.bun/install/cache
|
||||
key: ${{ runner.os }}-bun-${{ hashFiles('bun.lock') }}
|
||||
restore-keys: |
|
||||
${{ runner.os }}-bun-
|
||||
|
||||
- name: Install Dependencies
|
||||
run: bun install --frozen-lockfile
|
||||
|
||||
- name: Run Linter
|
||||
run: |
|
||||
bun run lint
|
||||
Reference in New Issue
Block a user