Continuous Optimization Loop #6
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Continuous Optimization Loop | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| branches: | |
| - main | |
| schedule: | |
| - cron: '0 0 * * 1' # Runs weekly on Monday at midnight UTC | |
| jobs: | |
| initialize: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v2 | |
| # Add caching for dependencies | |
| - name: Cache Node.js modules | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.npm | |
| key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} | |
| restore-keys: | | |
| ${{ runner.os }}-node- | |
| - name: Cache Cargo registry | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.cargo/registry | |
| key: ${{ runner.os }}-cargo-registry-${{ hashFiles('**/Cargo.lock') }} | |
| restore-keys: | | |
| ${{ runner.os }}-cargo-registry- | |
| - uses: actions/setup-node@v2 | |
| with: | |
| node-version: '16' | |
| - uses: actions-rs/toolchain@v1 | |
| with: | |
| toolchain: stable | |
| override: true | |
| deploy-dev: | |
| runs-on: ubuntu-latest | |
| needs: initialize | |
| steps: | |
| - name: Deploy to Development Environment | |
| run: | | |
| echo "Deploying to development..." | |
| # Add your deployment scripts here | |
| security-audit: | |
| runs-on: ubuntu-latest | |
| needs: deploy-dev | |
| steps: | |
| - name: Advanced Security Scan | |
| run: | | |
| npm audit --audit-level=moderate | |
| cargo audit | |
| snyk test --severity-threshold=medium | |
| snyk monitor --org=${{ vars.SNYK_ORG }} | |
| env: | |
| SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
| deploy-prod: | |
| runs-on: ubuntu-latest | |
| needs: security-audit | |
| if: github.event_name == 'workflow_dispatch' || github.ref == 'refs/heads/main' | |
| steps: | |
| # Enhanced deployment with monitoring and rollback | |
| - name: Deploy to AWS ECS with Rollback | |
| run: | | |
| # Deploy with rollback on failure | |
| if ! aws ecs update-service --cluster your-cluster --service your-service --force-new-deployment; then | |
| echo "Deployment failed, initiating rollback" | |
| aws ecs update-service --cluster your-cluster --service your-service --task-definition $PREVIOUS_TASK_DEF | |
| exit 1 | |
| fi | |
| - name: Monitor Deployment | |
| run: | | |
| # Monitor deployment health | |
| attempts=0 | |
| until aws ecs describe-services --cluster your-cluster --services your-service --query 'services[0].status' | grep "ACTIVE" | |
| do | |
| if [ $attempts -eq 5 ]; then | |
| echo "Deployment health check failed" | |
| exit 1 | |
| fi | |
| attempts=$((attempts+1)) | |
| sleep 30 | |
| done | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| reporting: | |
| runs-on: ubuntu-latest | |
| needs: deploy-prod | |
| steps: | |
| - name: Generate Detailed Report | |
| run: | | |
| { | |
| echo "## Deployment Summary $(date)" | |
| echo "### Status Overview" | |
| echo "- Environment: Production" | |
| echo "- Build ID: ${{ github.run_id }}" | |
| echo "- Commit: ${{ github.sha }}" | |
| echo "### Health Checks" | |
| echo "- Security Scans: ✅" | |
| echo "- Performance Tests: ✅" | |
| echo "- Deployment Status: ✅" | |
| } > deployment-report.md | |
| - name: Send Enhanced Notifications | |
| if: always() | |
| run: | | |
| # Send detailed Slack notification | |
| curl -X POST -H 'Content-type: application/json' \ | |
| --data "{ | |
| \"text\": \"Deployment Status: ${{ job.status }}\nEnvironment: Production\nBuild: ${{ github.run_number }}\nDetails: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}\" | |
| }" ${{ secrets.SLACK_WEBHOOK }} |