diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml
index 2b20e73..6c34984 100644
--- a/.github/workflows/ci-cd.yml
+++ b/.github/workflows/ci-cd.yml
@@ -1,153 +1,175 @@ +# ============================================= +# Name: CodeCampus CI/CD Pipeline +# Description: +# This workflow performs CI/CD tasks including: +# - Testing and linting frontend/backend +# - Building applications +# - Building and pushing Docker images +# Triggers: +# - On push or pull request to main/sahil-dev/soro-dev branches +# - Manual trigger via workflow_dispatch +# ============================================= + name: CodeCampus CI/CD Pipeline on: push: - branches: [ main, sahil-dev ] + branches: [ main, sahil-dev ] # Trigger on push to main or sahil-dev pull_request: - branches: [ main, sahil-dev ] - workflow_dispatch: # Allow manual trigger + branches: [ main, sahil-dev ] # Trigger on PR to main or sahil-dev + workflow_dispatch: # Allow manual trigger from GitHub UI env: - NODE_VERSION: '18.x' + NODE_VERSION: '18.x' # Node.js version to use in all jobs jobs: + # ========================================================= # Job 1: Test & Quality Check (Backend) + # ========================================================= test-backend: name: ๐Ÿงช Test & Quality Check (backend) runs-on: ubuntu-latest - + steps: - name: ๐Ÿ“ฅ Checkout code - uses: actions/checkout@v4 - + uses: actions/checkout@v4 # Checkout the codebase + - name: ๐ŸŸข Setup Node.js ${{ env.NODE_VERSION }} - uses: actions/setup-node@v4 + uses: actions/setup-node@v4 # Setup Node.js environment with: node-version: ${{ env.NODE_VERSION }} cache: 'npm' cache-dependency-path: backend/package-lock.json - + - name: ๐Ÿ“ฆ Install dependencies working-directory: backend - run: npm ci - + run: npm ci # Clean install backend dependencies + - name: ๐Ÿ”ง TypeScript compilation check working-directory: backend - run: npx tsc --noEmit - + run: npx tsc --noEmit # Ensure TS compiles without errors + - name: ๐Ÿงช Run tests working-directory: backend - run: npm test -- --coverage --watchAll=false + run: npm test -- --coverage --watchAll=false # Run unit tests with coverage env: CI: true - + 
- name: ๐Ÿ”’ Security audit working-directory: backend - run: npm audit --audit-level high - continue-on-error: true + run: npm audit --audit-level high # Perform dependency audit + continue-on-error: true # Do not fail pipeline if vulnerabilities found + # ========================================================= # Job 2: Test & Quality Check (Frontend) + # ========================================================= test-frontend: name: ๐Ÿงช Test & Quality Check (frontend) runs-on: ubuntu-latest - + steps: - name: ๐Ÿ“ฅ Checkout code uses: actions/checkout@v4 - + - name: ๐ŸŸข Setup Node.js ${{ env.NODE_VERSION }} uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} cache: 'npm' cache-dependency-path: frontend/package-lock.json - + - name: ๐Ÿ“ฆ Install dependencies working-directory: frontend run: npm ci - + - name: ๐Ÿ” Run ESLint working-directory: frontend - run: npm run lint + run: npm run lint # Lint the codebase continue-on-error: true - + - name: ๐Ÿ”ง TypeScript compilation check working-directory: frontend run: npx tsc --noEmit - + - name: ๐Ÿงช Run tests working-directory: frontend run: npm test -- --coverage --watchAll=false env: CI: true - + - name: ๐Ÿ”’ Security audit working-directory: frontend run: npm audit --audit-level high continue-on-error: true + # ========================================================= # Job 3: Build Applications (Backend) + # Depends on: test-backend + # ========================================================= build-backend: name: ๐Ÿ—๏ธ Build Applications (backend) runs-on: ubuntu-latest - needs: test-backend - + needs: test-backend # Only run if backend tests pass + steps: - name: ๐Ÿ“ฅ Checkout code uses: actions/checkout@v4 - + - name: ๐ŸŸข Setup Node.js ${{ env.NODE_VERSION }} uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} cache: 'npm' cache-dependency-path: backend/package-lock.json - + - name: ๐Ÿ“ฆ Install dependencies working-directory: backend run: npm ci - + - name: ๐Ÿ—๏ธ 
Build backend working-directory: backend run: npm run build env: - NODE_ENV: production - + NODE_ENV: production # Ensure build uses production settings + - name: ๐Ÿ“„ Upload build artifacts uses: actions/upload-artifact@v4 with: name: build-backend path: backend/dist/ - retention-days: 30 + retention-days: 30 # Store build artifacts for 30 days + # ========================================================= # Job 4: Build Applications (Frontend) + # Depends on: test-frontend + # ========================================================= build-frontend: name: ๐Ÿ—๏ธ Build Applications (frontend) runs-on: ubuntu-latest needs: test-frontend - + steps: - name: ๐Ÿ“ฅ Checkout code uses: actions/checkout@v4 - + - name: ๐ŸŸข Setup Node.js ${{ env.NODE_VERSION }} uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} cache: 'npm' cache-dependency-path: frontend/package-lock.json - + - name: ๐Ÿ“ฆ Install dependencies working-directory: frontend run: npm ci - + - name: ๐Ÿ—๏ธ Build frontend working-directory: frontend run: npm run build env: NODE_ENV: production - NEXT_PUBLIC_API_URL: ${{ secrets.NEXT_PUBLIC_API_URL || 'http://localhost:5000' }} - + NEXT_PUBLIC_API_URL: ${{ secrets.NEXT_PUBLIC_API_URL || 'http://localhost:5000' }} # Use secret API URL or fallback + - name: ๐Ÿ“„ Upload build artifacts uses: actions/upload-artifact@v4 with: 
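Review bot: The new comment on `continue-on-error: true` in the backend Security audit step (the frontend audit step is identical) documents that high-severity `npm audit` findings never fail the job, so the build jobs and, on push, the `docker` job still publish images from a dependency tree the audit flagged. Consider a blocking gate for production dependencies, e.g. `run: npm audit --audit-level high --omit=dev` without `continue-on-error`, keeping a separate non-blocking full audit if noise is the concern. The header comment also lists `soro-dev` as a trigger branch, but `on.push.branches` and `on.pull_request.branches` contain only `main` and `sahil-dev`; one of the two should be corrected. Finally, the `NEXT_PUBLIC_API_URL` comment calls the value a secret, yet Next.js inlines `NEXT_PUBLIC_` variables into the client bundle that is uploaded from `frontend/.next/`, so a repository variable (`vars.`) would describe it more accurately, and the `http://localhost:5000` fallback silently yields a production build pointing at localhost when the value is unset.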
@@ -155,30 +177,34 @@ jobs: path: frontend/.next/ retention-days: 30 + # ========================================================= # Job 5: Build & Push Docker Images + # Only on push to main or sahil-dev + # Depends on: build-backend, build-frontend + # ========================================================= docker: name: ๐Ÿณ Build & Push Docker Images runs-on: ubuntu-latest needs: [build-backend, build-frontend] if: (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/sahil-dev') && github.event_name == 'push' - + strategy: matrix: - component: [backend, frontend] - + component: [backend, frontend] # Build both backend and frontend images + steps: - name: ๐Ÿ“ฅ Checkout code uses: actions/checkout@v4 - + - name: ๐Ÿณ Set up Docker Buildx uses: docker/setup-buildx-action@v3 - + - name: ๐Ÿ”‘ Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - + - name: ๐Ÿท๏ธ Generate tags and labels id: meta uses: docker/metadata-action@v5 @@ -189,16 +215,15 @@ jobs: type=ref,event=pr type=sha,prefix={{branch}}- type=raw,value=latest,enable={{is_default_branch}} - + - name: ๐Ÿ—๏ธ Build and push Docker image uses: docker/build-push-action@v5 with: context: ./${{ matrix.component }} file: ./${{ matrix.component }}/Dockerfile - push: true + push: true # Push image to Docker Hub tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - cache-from: type=gha + cache-from: type=gha # Enable caching cache-to: type=gha,mode=max - platforms: linux/amd64,linux/arm64 - \ No newline at end of file + platforms: linux/amd64,linux/arm64 # Build for multiple platforms
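Review bot: The `docker` job hands `secrets.DOCKER_USERNAME` and `secrets.DOCKER_PASSWORD` to `docker/login-action@v3`, and that action, like `docker/setup-buildx-action@v3` and `docker/metadata-action@v5` in the same job, is referenced by a movable tag, so a retagged or compromised release would run with the registry credentials in scope. Pin each to a full commit SHA with the version as a trailing comment, e.g. `uses: docker/login-action@<full-commit-sha>  # v3`. No `permissions:` key appears anywhere in the diff, so the job runs with the repository's default token scope; a top-level `permissions:` block with `contents: read` would make least privilege explicit. Whether `DOCKER_PASSWORD` holds an account password or a scoped access token cannot be told from here; a token limited to pushing these repositories is the safer choice.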
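Review bot: The build-and-push step publishes multi-platform images with `push: true`, but nothing visible in the job scans the image or attaches provenance before it reaches Docker Hub, and the only dependency check upstream (`npm audit`) is non-blocking. `docker/build-push-action` accepts `provenance: mode=max` and `sbom: true`; adding them to this `with:` block gives consumers of the `latest` tag something to verify. The new `# Enable caching` comment sits on `cache-from` only, while `cache-to: type=gha,mode=max` is the line that writes the cache, so a single comment above both lines would read more accurately.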