完善代码实现 #52
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD Pipeline | |
| on: | |
| push: | |
| branches: [ main, develop ] | |
| pull_request: | |
| branches: [ main, develop ] | |
| env: | |
| PYTHON_VERSION: '3.9' | |
| NODE_VERSION: '18' | |
| jobs: | |
| test: | |
| name: Test | |
| runs-on: ubuntu-latest | |
| services: | |
| mysql: | |
| image: mysql:8.0 | |
| env: | |
| MYSQL_ROOT_PASSWORD: testpassword | |
| MYSQL_DATABASE: emotional_chat_test | |
| ports: | |
| - 3306:3306 | |
| options: --health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=3 | |
| redis: | |
| image: redis:7 | |
| ports: | |
| - 6379:6379 | |
| options: --health-cmd="redis-cli ping" --health-interval=10s --health-timeout=5s --health-retries=3 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - name: Cache Python dependencies | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.cache/pip | |
| key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pip- | |
| - name: Install Python dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -r requirements.txt | |
| pip install pytest pytest-asyncio pytest-cov black flake8 mypy | |
| - name: Set up environment variables | |
| run: | | |
| echo "DB_HOST=localhost" >> $GITHUB_ENV | |
| echo "DB_PORT=3306" >> $GITHUB_ENV | |
| echo "DB_USERNAME=root" >> $GITHUB_ENV | |
| echo "DB_PASSWORD=testpassword" >> $GITHUB_ENV | |
| echo "DB_DATABASE=emotional_chat_test" >> $GITHUB_ENV | |
| echo "REDIS_HOST=localhost" >> $GITHUB_ENV | |
| echo "REDIS_PORT=6379" >> $GITHUB_ENV | |
| echo "OPENAI_API_KEY=test-key" >> $GITHUB_ENV | |
| echo "ENVIRONMENT=testing" >> $GITHUB_ENV | |
| echo "DEBUG=true" >> $GITHUB_ENV | |
| - name: Wait for services | |
| run: | | |
| sleep 10 | |
| - name: Run linting | |
| run: | | |
| flake8 backend/ --count --select=E9,F63,F7,F82 --show-source --statistics | |
| flake8 backend/ --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics | |
| - name: Run type checking | |
| run: | | |
| mypy backend/ --ignore-missing-imports | |
| - name: Run formatting check | |
| run: | | |
| black --check backend/ | |
| - name: Run unit tests | |
| run: | | |
| pytest backend/tests/unit/ -v --cov=backend --cov-report=xml --cov-report=html || echo "Unit tests failed" | |
| - name: Run integration tests | |
| run: | | |
| pytest backend/tests/integration/ -v || echo "No integration tests found or tests failed" | |
| continue-on-error: true | |
| - name: Upload coverage to Codecov | |
| uses: codecov/codecov-action@v3 | |
| with: | |
| file: ./coverage.xml | |
| flags: unittests | |
| name: codecov-umbrella | |
| fail_ci_if_error: false | |
| security: | |
| name: Security Scan | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - name: Install security tools | |
| run: | | |
| pip install bandit safety | |
| - name: Run bandit security scan | |
| run: | | |
| if [ -f .bandit ]; then | |
| bandit -r backend/ -f json -o bandit-report.json -c .bandit --severity-level high || echo "Bandit scan completed with issues" | |
| else | |
| bandit -r backend/ -f json -o bandit-report.json --severity-level high || echo "Bandit scan completed with issues" | |
| fi | |
| - name: Run safety check | |
| run: | | |
| safety check --json --output safety-report.json || echo "Safety check completed with issues" | |
| - name: Upload security reports | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: security-reports | |
| path: | | |
| bandit-report.json | |
| safety-report.json | |
| build: | |
| name: Build | |
| runs-on: ubuntu-latest | |
| needs: [test, security] | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -r requirements.txt | |
| - name: Build Docker image | |
| run: | | |
| docker build -t emotional-chat:latest . | |
| - name: Test Docker image | |
| run: | | |
| docker run --rm -d -p 8000:8000 --name test-container emotional-chat:latest | |
| sleep 10 | |
| curl -f http://localhost:8000/health || exit 1 | |
| docker stop test-container | |
| deploy-staging: | |
| name: Deploy to Staging | |
| runs-on: ubuntu-latest | |
| needs: [build] | |
| if: github.ref == 'refs/heads/develop' | |
| environment: staging | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Deploy to staging | |
| run: | | |
| echo "Deploying to staging environment..." | |
| # Add actual deployment commands here | |
| # Example: kubectl apply -f k8s/staging/ | |
| # Example: ansible-playbook deploy-staging.yml | |
| deploy-production: | |
| name: Deploy to Production | |
| runs-on: ubuntu-latest | |
| needs: [build] | |
| if: github.ref == 'refs/heads/main' | |
| environment: production | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Deploy to production | |
| run: | | |
| echo "Deploying to production environment..." | |
| # Add actual deployment commands here | |
| # Example: kubectl apply -f k8s/production/ | |
| # Example: ansible-playbook deploy-production.yml | |
| performance-test: | |
| name: Performance Test | |
| runs-on: ubuntu-latest | |
| needs: [deploy-staging] | |
| if: github.ref == 'refs/heads/develop' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - name: Install performance testing tools | |
| run: | | |
| pip install locust | |
| - name: Run performance tests | |
| run: | | |
| # Add performance test commands | |
| echo "Running performance tests..." | |
| # locust -f tests/performance/locustfile.py --host=https://staging-api.example.com | |
| notification: | |
| name: Notification | |
| runs-on: ubuntu-latest | |
| needs: [deploy-production, deploy-staging] | |
| if: always() | |
| steps: | |
| - name: Notify deployment status | |
| run: | | |
| if [ "${{ needs.deploy-production.result }}" == "success" ]; then | |
| echo "✅ Production deployment successful" | |
| elif [ "${{ needs.deploy-staging.result }}" == "success" ]; then | |
| echo "✅ Staging deployment successful" | |
| else | |
| echo "❌ Deployment failed" | |
| fi |