adding mcp server #44
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [main, develop] | |
| pull_request: | |
| branches: [main, develop] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| backend-lint: | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: backend | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v5 | |
| with: | |
| enable-cache: true | |
| cache-dependency-glob: "backend/uv.lock" | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| - name: Install dependencies | |
| run: uv sync --all-extras --dev | |
| - name: Run Ruff linter | |
| run: uv run ruff check src/ tests/ | |
| - name: Run Ruff formatter | |
| run: uv run ruff format --check src/ tests/ | |
| - name: Run mypy | |
| run: uv run mypy src/ | |
| backend-test: | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: backend | |
| strategy: | |
| matrix: | |
| python-version: ["3.9", "3.10", "3.11", "3.12"] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v5 | |
| with: | |
| enable-cache: true | |
| cache-dependency-glob: "backend/uv.lock" | |
| - name: Set up Python ${{ matrix.python-version }} | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Install dependencies | |
| run: | | |
| uv python pin ${{ matrix.python-version }} | |
| uv sync --all-extras --dev | |
| - name: Run tests with coverage | |
| run: uv run pytest --cov-fail-under=0 | |
| - name: Upload coverage reports | |
| if: matrix.python-version == '3.12' | |
| uses: codecov/codecov-action@v5 | |
| with: | |
| file: ./backend/coverage.xml | |
| fail_ci_if_error: false | |
| frontend-lint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: lts/* | |
| cache: 'npm' | |
| cache-dependency-path: frontend/package-lock.json | |
| - name: Install SDK dependencies | |
| working-directory: sdk/typescript | |
| run: npm ci | |
| - name: Build SDK | |
| working-directory: sdk/typescript | |
| run: npm run build | |
| - name: Install frontend dependencies | |
| working-directory: frontend | |
| run: npm ci | |
| - name: Run ESLint | |
| working-directory: frontend | |
| run: npm run lint | |
| - name: Run Prettier check | |
| working-directory: frontend | |
| run: npx prettier --check src/ | |
| - name: Run TypeScript type check | |
| working-directory: frontend | |
| run: npm run typecheck | |
| frontend-test: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: lts/* | |
| cache: 'npm' | |
| cache-dependency-path: frontend/package-lock.json | |
| - name: Install SDK dependencies | |
| working-directory: sdk/typescript | |
| run: npm ci | |
| - name: Build SDK | |
| working-directory: sdk/typescript | |
| run: npm run build | |
| - name: Install frontend dependencies | |
| working-directory: frontend | |
| run: npm ci | |
| - name: Install Playwright browsers | |
| working-directory: frontend | |
| run: npx playwright install --with-deps | |
| - name: Run Playwright tests | |
| working-directory: frontend | |
| run: npm test | |
| - name: Upload Playwright report | |
| if: always() | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: playwright-report | |
| path: frontend/playwright-report/ | |
| retention-days: 30 | |
| frontend-build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: lts/* | |
| cache: 'npm' | |
| cache-dependency-path: frontend/package-lock.json | |
| - name: Install SDK dependencies | |
| working-directory: sdk/typescript | |
| run: npm ci | |
| - name: Build SDK | |
| working-directory: sdk/typescript | |
| run: npm run build | |
| - name: Install frontend dependencies | |
| working-directory: frontend | |
| run: npm ci | |
| - name: Build for production | |
| working-directory: frontend | |
| run: npm run build | |
| - name: Upload build artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: frontend-build | |
| path: frontend/dist/ | |
| retention-days: 7 | |
| # ============================================================================ | |
| # BUILD AND PUSH DOCKER IMAGES TO GHCR | |
| # Only runs on main branch after all CI checks pass | |
| # ============================================================================ | |
| build-images: | |
| name: Build ${{ matrix.image }} | |
| if: github.ref == 'refs/heads/main' && github.event_name == 'push' | |
| needs: [backend-lint, backend-test, frontend-lint, frontend-test, frontend-build] | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - image: backend | |
| context: ./backend | |
| dockerfile: backend/Dockerfile | |
| target: production | |
| - image: frontend | |
| context: . | |
| dockerfile: frontend/Dockerfile | |
| target: production | |
| - image: aggregator | |
| context: ./aggregator | |
| dockerfile: aggregator/Dockerfile | |
| target: "" | |
| outputs: | |
| image_tag: ${{ steps.vars.outputs.sha_short }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set output variables | |
| id: vars | |
| run: echo "sha_short=${GITHUB_SHA::7}" >> $GITHUB_OUTPUT | |
| - name: Extract metadata for Docker | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ghcr.io/${{ github.repository }}-${{ matrix.image }} | |
| tags: | | |
| type=raw,value=${{ steps.vars.outputs.sha_short }} | |
| type=raw,value=latest | |
| type=ref,event=tag | |
| - name: Build and push ${{ matrix.image }} | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: ${{ matrix.context }} | |
| file: ${{ matrix.dockerfile }} | |
| target: ${{ matrix.target || '' }} | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha,scope=${{ matrix.image }} | |
| cache-to: type=gha,mode=max,scope=${{ matrix.image }} | |
| # ============================================================================ | |
| # DEPLOY TO PRODUCTION VM | |
| # Deploys all services to production after successful image builds | |
| # ============================================================================ | |
| deploy: | |
| name: Deploy to Production | |
| if: github.ref == 'refs/heads/main' && github.event_name == 'push' | |
| needs: [build-images] | |
| runs-on: ubuntu-latest | |
| environment: production | |
| steps: | |
| - name: Deploy via SSH | |
| uses: appleboy/ssh-action@v1.0.3 | |
| env: | |
| IMAGE_TAG: ${{ needs.build-images.outputs.image_tag }} | |
| GITHUB_REPOSITORY: ${{ github.repository }} | |
| GHCR_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| host: ${{ secrets.SSH_HOST }} | |
| username: ${{ secrets.SSH_USER }} | |
| key: ${{ secrets.SSH_PRIVATE_KEY }} | |
| port: ${{ secrets.SSH_PORT }} | |
| envs: IMAGE_TAG,GITHUB_REPOSITORY,GHCR_TOKEN | |
| script: | | |
| set -e | |
| cd /opt/syfthub | |
| echo "==========================================" | |
| echo "Deploying SyftHub: $IMAGE_TAG" | |
| echo "Repository: $GITHUB_REPOSITORY" | |
| echo "==========================================" | |
| # Login to GHCR | |
| echo "$GHCR_TOKEN" | docker login ghcr.io -u github-actions --password-stdin | |
| # Export for docker-compose | |
| export IMAGE_TAG | |
| export GITHUB_REPOSITORY | |
| # Run deployment script | |
| ./deploy.sh | |
| - name: Deployment notification | |
| if: always() | |
| run: | | |
| if [ "${{ job.status }}" == "success" ]; then | |
| echo "✅ Deployment successful: ${{ needs.build-images.outputs.image_tag }}" | |
| else | |
| echo "❌ Deployment failed" | |
| fi |