Update ci.yml #15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Name of the workflow | |
| name: CI Pipeline | |
| # Events that trigger the workflow | |
| on: | |
| push: | |
| branches: [ main, develop ] # Trigger on push to main and develop branches | |
| pull_request: | |
| branches: [ main, develop ] # Trigger on pull request to main and develop branches | |
| # Define jobs in the workflow | |
| jobs: | |
| setup: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v2 # Checkout the repository code | |
| # Set up Python environment | |
| - name: Set up Python 3.11 | |
| uses: actions/setup-python@v3 | |
| with: | |
| python-version: 3.11 # Use Python version 3.11 | |
| # Install project dependencies | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip # Upgrade pip | |
| pip install -r requirements.txt # Install dependencies from requirements.txt | |
| test: | |
| needs: setup | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v2 | |
| - name: Set up Python 3.11 | |
| uses: actions/setup-python@v3 | |
| with: | |
| python-version: 3.11 | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -r requirements.txt | |
| # Run test suite | |
| - name: Run tests | |
| run: | | |
| pytest # Execute tests using pytest | |
| security: | |
| needs: setup | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v2 | |
| - name: Set up Python 3.11 | |
| uses: actions/setup-python@v3 | |
| with: | |
| python-version: 3.11 | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -r requirements.txt | |
| # Run security checks | |
| - name: Run security checks | |
| run: | | |
| pip install bandit # Install Bandit for security checks | |
| bandit -r . # Run Bandit on the codebase | |
| build: | |
| needs: [setup, test, security] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v2 | |
| - name: Set up Python 3.11 | |
| uses: actions/setup-python@v3 | |
| with: | |
| python-version: 3.11 | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -r requirements.txt | |
| # Build the Docker image | |
| - name: Build Docker image | |
| run: | | |
| docker build -t transcendence . | |
| deploy: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v2 | |
| # Log in to Docker Hub | |
| - name: Deploy to Docker Hub | |
| env: | |
| DOCKER_HUB_USERNAME: ${{ secrets.DOCKER_HUB_USERNAME }} | |
| DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }} | |
| run: | | |
| echo "${DOCKER_HUB_PASSWORD}" | docker login -u "${DOCKER_HUB_USERNAME}" --password-stdin | |
| docker tag transcendence ${DOCKER_HUB_USERNAME}/transcendence:latest | |
| docker push ${DOCKER_HUB_USERNAME}/transcendence:latest | |
| # Deploy to the server | |
| - name: Deploy to server | |
| run: | | |
| ssh user@server "docker pull ${DOCKER_HUB_USERNAME}/transcendence:latest && docker-compose up --build -d" |