Merge pull request #230 from ahmadogo/quest #154
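# CI/CD workflow for the quest service: lint, dependency audit, unit /
# integration / E2E / performance tests, Docker image build and push, then
# staging and production deploys.
#
# NOTE: the leading glyphs in job and step names are emoji that were
# mis-encoded when this page was captured. They are display labels only and
# are kept exactly as found.
#
# NOTE(review): every `uses:` below references a mutable tag (`@v3`, `@v4`,
# `@v5`). A tag can be moved by whoever controls the action's repository, so
# steps that run with secrets in scope (Docker Hub login, Slack webhook,
# deploys) are safer pinned to a full commit SHA with the tag kept as a
# trailing comment.
name: CI/CD Pipeline

on:
  push:
    branches: [main, develop, 'feat/**']
  pull_request:
    branches: [main, develop]

# Least privilege for the automatically issued GITHUB_TOKEN. No job in this
# file writes to the repository, so read access to contents is enough. A job
# that later needs more should widen `permissions` at job level only.
permissions:
  contents: read

env:
  NODE_VERSION: '18.x'
  # Not referenced anywhere in this file; the service containers below
  # hard-code `postgres:14`.
  POSTGRES_VERSION: '14'

jobs:
  # Code Quality Checks
  lint-and-format:
    name: π§Ή Code Quality
    runs-on: ubuntu-latest
    steps:
      - name: π₯ Checkout code
        uses: actions/checkout@v4

      - name: π¦ Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: ${{ env.NODE_VERSION }}
          cache: 'npm'

      # `npm ci` installs strictly from the lockfile, but dependency
      # lifecycle scripts still execute on the runner.
      - name: π Install dependencies
        run: npm ci

      - name: π Run ESLint
        run: npm run lint

      - name: π¨ Check code formatting
        run: npm run format:check

      - name: π Run type checking
        run: npm run type-check

  # Security Audit
  security-audit:
    name: π Security Audit
    runs-on: ubuntu-latest
    steps:
      - name: π₯ Checkout code
        uses: actions/checkout@v4

      - name: π¦ Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: ${{ env.NODE_VERSION }}
          cache: 'npm'

      # This step is the real gate: it fails the job on any advisory rated
      # moderate or higher.
      - name: π Run security audit
        run: npm audit --audit-level=moderate

      # Advisory only: `continue-on-error: true` means this step can never
      # fail the job.
      # NOTE(review): this job never runs `npm ci`, so `npx` presumably
      # downloads whatever `audit-ci` version is current and executes it.
      # Pinning it as a devDependency or using an explicit version would make
      # the scan reproducible.
      - name: π‘οΈ Run dependency vulnerability scan
        run: |
          npx audit-ci --moderate
        continue-on-error: true

  # Unit Tests
  unit-tests:
    name: π§ͺ Unit Tests
    runs-on: ubuntu-latest
    strategy:
      matrix:
        # Quoted so the versions stay strings rather than being read as floats.
        node-version: ['16.x', '18.x', '20.x']
    steps:
      - name: π₯ Checkout code
        uses: actions/checkout@v4

      - name: π¦ Setup Node.js ${{ matrix.node-version }}
        uses: actions/setup-node@v4
        with:
          node-version: ${{ matrix.node-version }}
          cache: 'npm'

      - name: π Install dependencies
        run: npm ci

      - name: π§ͺ Run unit tests
        run: npm run test:unit
        env:
          NODE_ENV: test

      - name: π Generate coverage report
        run: npm run test:cov

      - name: βοΈ Upload coverage to Codecov
        uses: codecov/codecov-action@v3
        with:
          file: ./coverage/lcov.info
          flags: unit-tests
          name: unit-tests-${{ matrix.node-version }}

  # Integration Tests
  integration-tests:
    name: π Integration Tests
    runs-on: ubuntu-latest
    # The credentials below belong to throwaway service containers that exist
    # only for the duration of this job. They must never match a credential
    # used in any real environment.
    services:
      postgres:
        image: postgres:14
        env:
          POSTGRES_USER: test_user
          POSTGRES_PASSWORD: test_password
          POSTGRES_DB: quest_service_test
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          - '5432:5432'
      redis:
        image: redis:7-alpine
        options: >-
          --health-cmd "redis-cli ping"
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          - '6379:6379'
    steps:
      - name: π₯ Checkout code
        uses: actions/checkout@v4

      - name: π¦ Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: ${{ env.NODE_VERSION }}
          cache: 'npm'

      - name: π Install dependencies
        run: npm ci

      - name: ποΈ Run database migrations
        run: npm run migration:run
        env:
          DATABASE_HOST: localhost
          DATABASE_PORT: 5432
          DATABASE_USER: test_user
          DATABASE_PASSWORD: test_password
          DATABASE_NAME: quest_service_test

      - name: π Run integration tests
        run: npm run test:integration
        env:
          NODE_ENV: test
          DATABASE_HOST: localhost
          DATABASE_PORT: 5432
          DATABASE_USER: test_user
          DATABASE_PASSWORD: test_password
          DATABASE_NAME: quest_service_test
          REDIS_HOST: localhost
          REDIS_PORT: 6379
          # CI-only signing key. Tokens signed with it must be worthless
          # outside this job, so keep it distinct from every deployed secret.
          JWT_SECRET: test-jwt-secret-key-for-ci

      - name: π Upload integration test coverage
        uses: codecov/codecov-action@v3
        with:
          file: ./coverage/lcov.info
          flags: integration-tests
          name: integration-tests

  # End-to-End Tests
  e2e-tests:
    name: π E2E Tests
    runs-on: ubuntu-latest
    # Throwaway service-container credentials, as in integration-tests.
    services:
      postgres:
        image: postgres:14
        env:
          POSTGRES_USER: test_user
          POSTGRES_PASSWORD: test_password
          POSTGRES_DB: quest_service_e2e
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          - '5432:5432'
      redis:
        image: redis:7-alpine
        options: >-
          --health-cmd "redis-cli ping"
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          - '6379:6379'
    steps:
      - name: π₯ Checkout code
        uses: actions/checkout@v4

      - name: π¦ Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: ${{ env.NODE_VERSION }}
          cache: 'npm'

      - name: π Install dependencies
        run: npm ci

      - name: ποΈ Build application
        run: npm run build

      - name: ποΈ Setup test database
        run: |
          npm run migration:run
          npm run seed:run
        env:
          DATABASE_HOST: localhost
          DATABASE_PORT: 5432
          DATABASE_USER: test_user
          DATABASE_PASSWORD: test_password
          DATABASE_NAME: quest_service_e2e

      - name: π Run E2E tests
        run: npm run test:e2e
        env:
          NODE_ENV: test
          DATABASE_HOST: localhost
          DATABASE_PORT: 5432
          DATABASE_USER: test_user
          DATABASE_PASSWORD: test_password
          DATABASE_NAME: quest_service_e2e
          REDIS_HOST: localhost
          REDIS_PORT: 6379
          # CI-only signing key; see the note in integration-tests.
          JWT_SECRET: test-jwt-secret-key-for-e2e

      # Uploaded only when an earlier step failed. Screenshots and videos can
      # capture whatever the test session rendered, so keep real data out of
      # the E2E fixtures.
      # NOTE(review): the v3 line of upload-artifact has been deprecated
      # upstream; confirm it still runs and move to a supported major.
      - name: πΈ Upload E2E test artifacts
        uses: actions/upload-artifact@v3
        if: failure()
        with:
          name: e2e-test-results
          path: |
            test-results/
            screenshots/
            videos/

  # Performance Tests
  performance-tests:
    name: β‘ Performance Tests
    runs-on: ubuntu-latest
    # Runs only for pushes to main or develop, never for pull requests.
    if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/develop')
    # Throwaway service-container credentials for this job only.
    services:
      postgres:
        image: postgres:14
        env:
          POSTGRES_USER: perf_user
          POSTGRES_PASSWORD: perf_password
          POSTGRES_DB: quest_service_perf
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          - '5432:5432'
    steps:
      - name: π₯ Checkout code
        uses: actions/checkout@v4

      - name: π¦ Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: ${{ env.NODE_VERSION }}
          cache: 'npm'

      - name: π Install dependencies
        run: npm ci

      - name: ποΈ Build application
        run: npm run build

      - name: ποΈ Setup performance database
        run: |
          npm run migration:run
          npm run seed:perf
        env:
          DATABASE_HOST: localhost
          DATABASE_PORT: 5432
          DATABASE_USER: perf_user
          DATABASE_PASSWORD: perf_password
          DATABASE_NAME: quest_service_perf

      - name: β‘ Run performance tests
        run: npm run test:performance
        env:
          DATABASE_HOST: localhost
          DATABASE_PORT: 5432
          DATABASE_USER: perf_user
          DATABASE_PASSWORD: perf_password
          DATABASE_NAME: quest_service_perf

      # NOTE(review): same upload-artifact v3 deprecation concern as in
      # e2e-tests.
      - name: π Upload performance results
        uses: actions/upload-artifact@v3
        with:
          name: performance-results
          path: performance-results/

  # Build and Push Docker Image
  build-and-push:
    name: π³ Build & Push Docker Image
    runs-on: ubuntu-latest
    # NOTE(review): `security-audit` is not listed here, so a failing audit
    # does not stop an image from being published. Add it to `needs` if the
    # audit is meant to gate releases.
    needs: [lint-and-format, unit-tests, integration-tests]
    # Push events on main/develop only; pull requests never reach the
    # registry credentials.
    if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/develop')
    steps:
      - name: π₯ Checkout code
        uses: actions/checkout@v4

      # NOTE(review): prefer a scoped registry access token over the account
      # password for DOCKER_PASSWORD, so that a leak is limited to push/pull
      # and can be revoked independently.
      - name: π Login to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}

      # NOTE(review): `quest-service` carries no registry namespace; verify
      # that it resolves to the intended Docker Hub repository.
      - name: π·οΈ Extract metadata
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: quest-service
          tags: |
            type=ref,event=branch
            type=ref,event=pr
            type=sha

      - name: ποΈ Build and push Docker image
        uses: docker/build-push-action@v5
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max

  # Deploy to Staging
  deploy-staging:
    name: π Deploy to Staging
    runs-on: ubuntu-latest
    needs: [e2e-tests, build-and-push]
    if: github.ref == 'refs/heads/develop'
    # Secrets for this job are resolved through the `staging` environment.
    # Any protection rules (required reviewers, branch limits) live in the
    # repository settings and are not visible in this file.
    environment: staging
    steps:
      - name: π₯ Checkout code
        uses: actions/checkout@v4

      # Placeholder: the kubeconfig secret is exported to a step that only
      # echoes. Scope the secret to the exact step that needs it once the
      # real deployment commands are added.
      - name: π Deploy to staging
        run: |
          echo "Deploying to staging environment..."
          # Add actual deployment commands here
          # e.g., kubectl apply, helm upgrade, etc.
        env:
          STAGING_KUBECONFIG: ${{ secrets.STAGING_KUBECONFIG }}

      # NOTE(review): this job runs neither setup-node nor `npm ci`, so the
      # smoke-test script presumably lacks its dependencies - confirm.
      - name: π§ͺ Run smoke tests
        run: |
          echo "Running smoke tests against staging..."
          # Add smoke test commands here
          npm run test:smoke -- --env=staging
        env:
          STAGING_API_URL: ${{ secrets.STAGING_API_URL }}

  # Deploy to Production
  deploy-production:
    name: π Deploy to Production
    runs-on: ubuntu-latest
    needs: [e2e-tests, build-and-push, performance-tests]
    if: github.ref == 'refs/heads/main'
    # Secrets resolve through the `production` environment; approval rules,
    # if any, are configured in the repository settings.
    environment: production
    steps:
      - name: π₯ Checkout code
        uses: actions/checkout@v4

      # Placeholder step; same secret-scoping note as the staging deploy.
      - name: π Deploy to production
        run: |
          echo "Deploying to production environment..."
          # Add actual deployment commands here
        env:
          PRODUCTION_KUBECONFIG: ${{ secrets.PRODUCTION_KUBECONFIG }}

      # NOTE(review): no setup-node or `npm ci` in this job either - confirm
      # that the smoke-test script can run.
      - name: π§ͺ Run production smoke tests
        run: |
          echo "Running smoke tests against production..."
          npm run test:smoke -- --env=production
        env:
          PRODUCTION_API_URL: ${{ secrets.PRODUCTION_API_URL }}

      # Third-party action that receives the Slack webhook secret; a prime
      # candidate for pinning to a commit SHA.
      - name: π’ Notify deployment success
        uses: 8398a7/action-slack@v3
        with:
          status: success
          text: 'π Quest Service successfully deployed to production!'
        env:
          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}

  # Cleanup
  cleanup:
    name: π§Ή Cleanup
    runs-on: ubuntu-latest
    needs: [deploy-staging, deploy-production]
    # `always()` runs this job even when the deploy jobs failed or were
    # skipped.
    if: always()
    steps:
      - name: π§Ή Clean up old artifacts
        run: |
          echo "Cleaning up old build artifacts..."
          # Add cleanup commands here

      - name: π Update deployment metrics
        run: |
          echo "Updating deployment metrics..."
          # Add metrics update commands here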