oib/aitbc
1
0
Fork 0
Code Issues Pull Requests Actions 7 Packages Projects Releases Wiki Activity
Files
bb08070e0523ac5eb96846d3473d9aca6b4a3e1e
aitbc/.github/workflows/ci-cd.yml
dependabot[bot] bb08070e05 ci(deps): bump actions/download-artifact from 3 to 8 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3 to 8.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v3...v8)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: '8'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-03-08 10:27:15 +00:00

506 lines
14 KiB
YAML
Raw Blame History

name: AITBC CI/CD Pipeline
on:
push:
branches: [ main, develop, feature/*, hotfix/* ]
pull_request:
branches: [ main, develop ]
release:
types: [ published ]
env:
PYTHON_VERSION: "3.13"
NODE_VERSION: "18"
jobs:
# Code Quality and Testing
lint-and-test:
runs-on: ubuntu-latest
strategy:
matrix:
python-version: ["3.11", "3.12", "3.13"]
steps:
- name: Checkout code
uses: actions/checkout@v6
with:
fetch-depth: 0
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v6
with:
python-version: ${{ matrix.python-version }}
- name: Cache pip dependencies
uses: actions/cache@v3
with:
path: ~/.cache/pip
key: ${{ runner.os }}-pip-${{ matrix.python-version }}-${{ hashFiles('**/requirements*.txt') }}
restore-keys: |
${{ runner.os }}-pip-${{ matrix.python-version }}-
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt
pip install -r requirements-dev.txt
pip install -r requirements-test.txt
- name: Lint Python code
run: |
flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
black --check .
isort --check-only --diff .
mypy . --ignore-missing-imports
- name: Run unit tests
run: |
pytest tests/unit/ -v --cov=aitbc_cli --cov-report=xml --cov-report=html --cov-report=term
- name: Run integration tests
run: |
pytest tests/integration/ -v --tb=short
- name: Run performance tests
run: |
pytest tests/performance/ -v --tb=short
- name: Run security tests
run: |
pytest tests/security/ -v --tb=short
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v3
with:
file: ./coverage.xml
flags: unittests
name: codecov-umbrella
# CLI Testing
test-cli:
runs-on: ubuntu-latest
needs: lint-and-test
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Set up Python
uses: actions/setup-python@v6
with:
python-version: "3.13"
- name: Install CLI
run: |
cd cli
python -m pip install -e .
- name: Test CLI commands
run: |
cd cli
python -m aitbc_cli.main --help
python -m aitbc_cli.main wallet --help
python -m aitbc_cli.main blockchain --help
python -m aitbc_cli.main multisig --help
python -m aitbc_cli.main genesis-protection --help
python -m aitbc_cli.main transfer-control --help
python -m aitbc_cli.main compliance --help
python -m aitbc_cli.main exchange --help
python -m aitbc_cli.main oracle --help
python -m aitbc_cli.main market-maker --help
- name: Test CLI functionality
run: |
cd cli
python -m aitbc_cli.main --test-mode multisig create --threshold 3 --owners "owner1,owner2,owner3"
python -m aitbc_cli.main --test-mode transfer-control set-limit --wallet test_wallet --max-daily 1000
# Multi-Chain Service Testing
test-services:
runs-on: ubuntu-latest
needs: lint-and-test
services:
redis:
image: redis:7
ports:
- 6379:6379
postgres:
image: postgres:15
env:
POSTGRES_PASSWORD: postgres
POSTGRES_DB: aitbc_test
ports:
- 5432:5432
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Set up Python
uses: actions/setup-python@v6
with:
python-version: "3.13"
- name: Install dependencies
run: |
pip install -r requirements.txt
pip install -r requirements-dev.txt
pip install -r requirements-test.txt
- name: Test blockchain service
run: |
cd apps/blockchain-node
python -m pytest tests/ -v -k "test_blockchain"
- name: Test coordinator service
run: |
cd apps/coordinator-api
python -m pytest tests/ -v -k "test_coordinator"
- name: Test consensus service
run: |
cd apps/consensus-node
python -m pytest tests/ -v -k "test_consensus"
- name: Test network service
run: |
cd apps/network-node
python -m pytest tests/ -v -k "test_network"
- name: Test explorer service
run: |
cd apps/explorer
python -m pytest tests/ -v -k "test_explorer"
# Production Services Testing
test-production-services:
runs-on: ubuntu-latest
needs: lint-and-test
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Set up Python
uses: actions/setup-python@v6
with:
python-version: "3.13"
- name: Install dependencies
run: |
pip install -r requirements.txt
pip install -r requirements-dev.txt
pip install -r requirements-test.txt
- name: Test exchange service
run: |
cd apps/exchange-integration
python -m pytest tests/ -v -k "test_exchange"
- name: Test compliance service
run: |
cd apps/compliance-service
python -m pytest tests/ -v -k "test_compliance"
- name: Test trading engine
run: |
cd apps/trading-engine
python -m pytest tests/ -v -k "test_trading"
- name: Test plugin registry
run: |
cd apps/plugin-registry
python -m pytest tests/ -v -k "test_plugin_registry"
- name: Test plugin marketplace
run: |
cd apps/plugin-marketplace
python -m pytest tests/ -v -k "test_plugin_marketplace"
- name: Test global infrastructure
run: |
cd apps/global-infrastructure
python -m pytest tests/ -v -k "test_global_infrastructure"
- name: Test AI agents
run: |
cd apps/global-ai-agents
python -m pytest tests/ -v -k "test_ai_agents"
# Security Scanning
security-scan:
runs-on: ubuntu-latest
needs: lint-and-test
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
scan-type: 'fs'
scan-ref: '.'
format: 'sarif'
output: 'trivy-results.sarif'
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v4
with:
sarif_file: 'trivy-results.sarif'
- name: Run CodeQL Analysis
uses: github/codeql-action/analyze@v4
with:
languages: python
- name: Run Bandit security linter
run: |
pip install bandit
bandit -r . -f json -o bandit-report.json
bandit -r . -f text
- name: Run Safety check
run: |
pip install safety
safety check --json --output safety-report.json
- name: Run semgrep security scan
uses: semgrep/semgrep-action@v1
with:
config: >-
p:security
p:owertools
# Build and Package
build:
runs-on: ubuntu-latest
needs: [test-cli, test-services, test-production-services]
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Set up Python
uses: actions/setup-python@v6
with:
python-version: "3.13"
- name: Build CLI package
run: |
cd cli
python -m build
- name: Build services packages
run: |
for service in apps/*/; do
if [ -f "$service/pyproject.toml" ]; then
cd "$service"
python -m build
cd - > /dev/null
fi
done
- name: Upload build artifacts
uses: actions/upload-artifact@v3
with:
name: build-artifacts
path: |
cli/dist/*
apps/*/dist/*
retention-days: 30
# Deployment to Staging
deploy-staging:
runs-on: ubuntu-latest
needs: build
if: github.ref == 'refs/heads/develop'
environment: staging
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Download build artifacts
uses: actions/download-artifact@v8
with:
name: build-artifacts
- name: Deploy CLI to staging
run: |
echo "Deploying CLI to staging environment"
# Add actual deployment commands here
- name: Deploy services to staging
run: |
echo "Deploying services to staging environment"
# Add actual deployment commands here
- name: Run smoke tests on staging
run: |
echo "Running smoke tests on staging"
# Add smoke test commands here
# Deployment to Production
deploy-production:
runs-on: ubuntu-latest
needs: deploy-staging
if: github.event_name == 'release'
environment: production
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Download build artifacts
uses: actions/download-artifact@v8
with:
name: build-artifacts
- name: Deploy CLI to production
run: |
echo "Deploying CLI to production environment"
# Add actual deployment commands here
- name: Deploy services to production
run: |
echo "Deploying services to production environment"
# Add actual deployment commands here
- name: Run health checks on production
run: |
echo "Running health checks on production"
# Add health check commands here
- name: Notify deployment success
run: |
echo "Deployment to production completed successfully"
# Performance Testing
performance-test:
runs-on: ubuntu-latest
needs: deploy-staging
if: github.event_name == 'pull_request'
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Set up Python
uses: actions/setup-python@v6
with:
python-version: "3.13"
- name: Install dependencies
run: |
pip install -r requirements-test.txt
pip install locust
- name: Run performance tests
run: |
cd tests/performance
python -m pytest test_performance.py::TestPerformance::test_cli_performance -v
python -m pytest test_performance.py::TestPerformance::test_concurrent_cli_operations -v
- name: Run load tests
run: |
cd tests/performance
locust -f locustfile.py --headless -u 10 -r 1 -t 30s --host http://staging.aitbc.dev
# Documentation Generation
docs:
runs-on: ubuntu-latest
needs: lint-and-test
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Set up Python
uses: actions/setup-python@v6
with:
python-version: "3.13"
- name: Install documentation dependencies
run: |
pip install sphinx sphinx-rtd-theme myst-parser
- name: Generate documentation
run: |
cd docs
make html
- name: Deploy documentation
uses: peaceiris/actions-gh-pages@v3
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
publish_dir: ./docs/_build/html
# Release Management
release:
runs-on: ubuntu-latest
needs: [build, security-scan]
if: github.event_name == 'release'
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Download build artifacts
uses: actions/download-artifact@v8
with:
name: build-artifacts
- name: Create Release
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ github.ref }}
release_name: AITBC Release ${{ github.ref }}
draft: false
prerelease: false
- name: Upload CLI Release Asset
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: cli/dist/*
asset_name: aitbc-cli-${{ github.ref_name }}.tar.gz
asset_content_type: application/gzip
- name: Upload Services Release Asset
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: apps/*/dist/*
asset_name: aitbc-services-${{ github.ref_name }}.tar.gz
asset_content_type: application/gzip
# Notification
notify:
runs-on: ubuntu-latest
needs: [lint-and-test, test-cli, test-services, test-production-services, security-scan]
if: always()
steps:
- name: Notify on success
if: needs.lint-and-test.result == 'success' && needs.test-cli.result == 'success' && needs.test-services.result == 'success' && needs.test-production-services.result == 'success' && needs.security-scan.result == 'success'
run: |
echo "✅ All tests passed successfully!"
# Add Slack/Discord notification here
- name: Notify on failure
if: needs.lint-and-test.result == 'failure' || needs.test-cli.result == 'failure' || needs.test-services.result == 'failure' || needs.test-production-services.result == 'failure' || needs.security-scan.result == 'failure'
run: |
echo "❌ Some tests failed!"
# Add Slack/Discord notification here
Reference in New Issue View Git Blame Copy Permalink