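# CI pipeline: lint, security scanning, a Docker smoke test, and tests that
# run inside the built image.
#
# Supply-chain note: every `uses:` below references a mutable tag. Pinning each
# action to a full commit SHA (`owner/action@<full-commit-sha>  # vX`) keeps a
# re-pointed tag from changing what runs here. That matters most for the
# third-party actions, one of which receives a secret.
name: CI Pipeline

on:
  push:
  pull_request:

# Least privilege for the automatic GITHUB_TOKEN: without this block, jobs that
# declare no permissions inherit the repository default, which may be
# read/write. No job in this file writes to the repository.
permissions:
  contents: read

jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: '3.13'

      - name: Cache pip dependencies
        uses: actions/cache@v3
        with:
          path: ~/.cache/pip
          key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
          restore-keys: |
            ${{ runner.os }}-pip-

      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install -r requirements.txt
          pip install black ruff mypy

      # Fixes are applied to the runner's checkout only; nothing is committed
      # back. The step still fails when violations remain after fixing.
      - name: Run Ruff (auto-fix)
        run: ruff check --fix --output-format=github

      # `ruff check` is spelled out because recent Ruff releases reject the
      # bare `ruff <path>` form; with `|| true` that error was swallowed and
      # the step reported nothing. `--exit-zero` keeps lint findings
      # non-blocking while still failing on a broken invocation.
      - name: Ruff lint (warnings only)
        run: ruff check src/ --output-format=github --exit-zero

      # Deliberately non-blocking: type errors are printed but never fail CI.
      - name: Run mypy
        run: mypy src/ || true

  security:
    runs-on: ubuntu-latest
    permissions:
      contents: read
    steps:
      - uses: actions/checkout@v4

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: '3.13'

      - name: Install security tools
        run: |
          python -m pip install --upgrade pip
          pip install bandit safety

      # --exit-zero: findings are written to the report but never fail the job.
      # B101 is skipped and test files are excluded from the scan.
      - name: Run bandit
        run: >-
          bandit -r src/ -f json -o bandit-report.json
          --skip B101 --exclude '*_test.py,test_*.py' --exit-zero

      # Fail when the report is missing or empty; the previous
      # `file ... || echo` form could never fail, so it verified nothing.
      - name: Verify bandit report exists
        run: |
          ls -lah
          test -s bandit-report.json || { echo "Report missing!"; exit 1; }

      # No GITHUB_TOKEN is passed: upload-artifact does not need it, and the
      # token should not be handed to steps that have no use for it.
      - name: Upload bandit report
        uses: actions/upload-artifact@v4
        with:
          name: bandit-report
          path: bandit-report.json

      # Third-party action that receives a secret: pin it to a full commit SHA.
      # Secrets are not provided to pull_request runs from forks, so the API
      # key is empty there.
      - name: Run safety (Dependency Security)
        uses: pyupio/safety-action@v1
        with:
          api-key: ${{ secrets.SAFETY_API_KEY }}
          output-format: json
          args: --detailed-output --save-as json safety-report.json

      # always(): upload the report even when the scan step failed, since that
      # is when the report is most needed.
      - name: Upload safety report
        if: always()
        uses: actions/upload-artifact@v4
        with:
          name: safety-report
          path: safety-report.json

  docker:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      # Third-party action: pin it to a full commit SHA.
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Build Docker image
        run: |
          docker build -t analytics-dashboard:test .

      # The DB_* secrets are scoped to this step rather than the whole job, so
      # the checkout, Buildx and build steps never see them.
      # NOTE(review): the `docker run` below does not forward these variables
      # (no -e/--env-file), so the container does not receive them. Confirm
      # whether that is intended; if nothing needs them, drop them.
      - name: Test Docker image
        env:
          DB_HOST: ${{ secrets.DB_HOST }}
          DB_PORT: ${{ secrets.DB_PORT }}
          DB_NAME: ${{ secrets.DB_NAME }}
          DB_USER: ${{ secrets.DB_USER }}
          DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
        run: |
          # Test that the container starts successfully
          docker run -d --name test-container analytics-dashboard:test
          sleep 10
          # Check if container is running
          if docker ps | grep -q test-container; then
            echo "✅ Docker container started successfully"
          else
            echo "❌ Docker container failed to start"
            docker logs test-container
            exit 1
          fi
          # Cleanup
          docker stop test-container
          docker rm test-container

  test:
    runs-on: ubuntu-latest
    needs: docker
    steps:
      - uses: actions/checkout@v4

      - name: Build Docker container for tests
        run: |
          docker build -t analytics-dashboard:test .

      - name: Run tests
        run: |
          # Reports are written to a bind mount. Files created inside a
          # `--rm` container are discarded with it, so the upload steps
          # previously had nothing to collect; the HTML report was also never
          # requested.
          mkdir -p coverage-out
          # The image's runtime user is not visible here; the directory is
          # opened up so any user can write to it on this throwaway runner.
          chmod a+rwx coverage-out
          docker run --rm \
            -v "$PWD/coverage-out:/coverage-out" \
            analytics-dashboard:test \
            pytest --cov=src \
              --cov-report=xml:/coverage-out/coverage.xml \
              --cov-report=html:/coverage-out/htmlcov

      # Upload coverage XML as artifact
      - name: Upload coverage XML
        uses: actions/upload-artifact@v4
        with:
          name: coverage-xml
          path: coverage-out/coverage.xml

      # Upload HTML coverage report as artifact
      - name: Upload coverage HTML
        uses: actions/upload-artifact@v4
        with:
          name: coverage-html
          path: coverage-out/htmlcov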