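--- /dev/null
+++ b/.github/workflows/ci-cd.yaml
@@ -0,0 +1,384 @@
+name: Banking-CRM Integration CI/CD
+
+on:
+push:
+branches: [ main, develop ]
+pull_request:
+branches: [ main, develop ]
+release:
+types: [ published ]
+
+env:
+REGISTRY: ghcr.io
+GO_VERSION: '1.21'
+PYTHON_VERSION: '3.11'
+NODE_VERSION: '18'
+
+jobs:
+lint:
+name: Lint Code
+runs-on: ubuntu-latest
+steps:
+- name: Checkout code
+uses: actions/checkout@v3
+
+- name: Set up Go
+uses: actions/setup-go@v4
+with:
+go-version: ${{ env.GO_VERSION }}
+
+- name: Set up Python
+uses: actions/setup-python@v4
+with:
+python-version: ${{ env.PYTHON_VERSION }}
+
+- name: Set up Node.js
+uses: actions/setup-node@v3
+with:
+node-version: ${{ env.NODE_VERSION }}
+
+- name: Install Go linters
+run: |
+go install github.com/golangci/golangci-lint/cmd/golangci-lint@latest
+
+- name: Install Python linters
+run: |
+python -m pip install --upgrade pip
+pip install flake8 black isort mypy
+
+- name: Lint Go code
+run: |
+golangci-lint run ./go/...
+
+- name: Lint Python code
+run: |
+flake8 ./python/
+black --check ./python/
+isort --check ./python/
+mypy ./python/
+
+test:
+name: Run Tests
+runs-on: ubuntu-latest
+needs: lint
+steps:
+- name: Checkout code
+uses: actions/checkout@v3
+
+- name: Set up Go
+uses: actions/setup-go@v4
+with:
+go-version: ${{ env.GO_VERSION }}
+
+- name: Set up Python
+uses: actions/setup-python@v4
+with:
+python-version: ${{ env.PYTHON_VERSION }}
+
+- name: Install Go dependencies
+run: |
+go mod download
+
+- name: Install Python dependencies
+run: |
+python -m pip install --upgrade pip
+pip install -r python/ai_integration/requirements.txt
+pip install pytest pytest-cov
+
+- name: Run Go tests
+run: |
+go test -v -race -coverprofile=coverage.txt -covermode=atomic ./go/...
+
+- name: Run Python tests
+run: |
+pytest python/ai_integration/tests/ --cov=python/ai_integration --cov-report=xml
+
+- name: Upload coverage reports
+uses: codecov/codecov-action@v3
+with:
+files: ./coverage.txt,./coverage.xml
+fail_ci_if_error: true
+
+build:
+name: Build Images
+runs-on: ubuntu-latest
+needs: test
+strategy:
+matrix:
+service: [banking-service, crm-service, ai-service, fluvio-service, temporal-service]
+steps:
+- name: Checkout code
+uses: actions/checkout@v3
+
+- name: Set up Docker Buildx
+uses: docker/setup-buildx-action@v2
+
+- name: Login to GitHub Container Registry
+uses: docker/login-action@v2
+with:
+registry: ${{ env.REGISTRY }}
+username: ${{ github.actor }}
+password: ${{ secrets.GITHUB_TOKEN }}
+
+- name: Extract metadata
+id: meta
+uses: docker/metadata-action@v4
+with:
+images: ${{ env.REGISTRY }}/${{ github.repository }}/${{ matrix.service }}
+tags: |
+type=ref,event=branch
+type=ref,event=pr
+type=semver,pattern={{version}}
+type=sha,format=short
+
+- name: Build and push
+uses: docker/build-push-action@v4
+with:
+context: .
+file: ./${{ matrix.service }}/Dockerfile
+push: ${{ github.event_name != 'pull_request' }}
+tags: ${{ steps.meta.outputs.tags }}
+labels: ${{ steps.meta.outputs.labels }}
+cache-from: type=gha
+cache-to: type=gha,mode=max
+
+scan:
+name: Security Scan
+runs-on: ubuntu-latest
+needs: build
+if: github.event_name != 'pull_request'
+steps:
+- name: Checkout code
+uses: actions/checkout@v3
+
+- name: Run Trivy vulnerability scanner
+uses: aquasecurity/trivy-action@master
+with:
+image-ref: ${{ env.REGISTRY }}/${{ github.repository }}/banking-service:sha-${{ github.sha }}
+format: 'sarif'
+output: 'trivy-results.sarif'
+
+- name: Upload Trivy scan results to GitHub Security tab
+uses: github/codeql-action/upload-sarif@v2
+with:
+sarif_file: 'trivy-results.sarif'
+
+deploy-dev:
+name: Deploy to Development
+runs-on: ubuntu-latest
+needs: scan
+if: github.ref == 'refs/heads/develop'
+environment: development
+steps:
+- name: Checkout code
+uses: actions/checkout@v3
+
+- name: Set up kubectl
+uses: azure/setup-kubectl@v3
+with:
+version: 'latest'
+
+- name: Set up Helm
+uses: azure/setup-helm@v3
+with:
+version: 'latest'
+
+- name: Configure Kubernetes context
+uses: azure/k8s-set-context@v3
+with:
+kubeconfig: ${{ secrets.KUBE_CONFIG_DEV }}
+
+- name: Deploy to development
+run: |
+./scripts/deploy-all.sh --environment development
+
+- name: Run integration tests
+run: |
+./scripts/run-integration-tests.sh --environment development
+
+deploy-staging:
+name: Deploy to Staging
+runs-on: ubuntu-latest
+needs: deploy-dev
+if: github.ref == 'refs/heads/main'
+environment: staging
+steps:
+- name: Checkout code
+uses: actions/checkout@v3
+
+- name: Set up kubectl
+uses: azure/setup-kubectl@v3
+with:
+version: 'latest'
+
+- name: Set up Helm
+uses: azure/setup-helm@v3
+with:
+version: 'latest'
+
+- name: Configure Kubernetes context
+uses: azure/k8s-set-context@v3
+with:
+kubeconfig: ${{ secrets.KUBE_CONFIG_STAGING }}
+
+- name: Deploy to staging
+run: |
+./scripts/deploy-all.sh --environment staging
+
+- name: Run integration tests
+run: |
+./scripts/run-integration-tests.sh --environment staging
+
+- name: Run performance tests
+run: |
+./scripts/run-performance-tests.sh --environment staging
+
+deploy-production:
+name: Deploy to Production
+runs-on: ubuntu-latest
+needs: deploy-staging
+if: github.event_name == 'release' && github.event.action == 'published'
+environment: production
+steps:
+- name: Checkout code
+uses: actions/checkout@v3
+
+- name: Set up kubectl
+uses: azure/setup-kubectl@v3
+with:
+version: 'latest'
+
+- name: Set up Helm
+uses: azure/setup-helm@v3
+with:
+version: 'latest'
+
+- name: Configure Kubernetes context
+uses: azure/k8s-set-context@v3
+with:
+kubeconfig: ${{ secrets.KUBE_CONFIG_PROD }}
+
+- name: Deploy to production
+run: |
+./scripts/deploy-all.sh --environment production
+
+- name: Verify deployment
+run: |
+./scripts/verify-deployment.sh --environment production
+
+notify:
+name: Send Notifications
+runs-on: ubuntu-latest
+needs: [deploy-dev, deploy-staging, deploy-production]
+if: always()
+steps:
+- name: Notify on success
+if: ${{ success() }}
+uses: slackapi/slack-github-action@v1.23.0
+with:
+payload: |
+{
+"text": "✅ CI/CD pipeline completed successfully for ${{ github.repository }}",
+"blocks": [
+{
+"type": "section",
+"text": {
+"type": "mrkdwn",
+"text": "✅ *CI/CD pipeline completed successfully*"
+}
+},
+{
+"type": "section",
+"fields": [
+{
+"type": "mrkdwn",
+"text": "*Repository:*\n${{ github.repository }}"
+},
+{
+"type": "mrkdwn",
+"text": "*Branch:*\n${{ github.ref_name }}"
+},
+{
+"type": "mrkdwn",
+"text": "*Commit:*\n${{ github.sha }}"
+},
+{
+"type": "mrkdwn",
+"text": "*Triggered by:*\n${{ github.actor }}"
+}
+]
+},
+{
+"type": "actions",
+"elements": [
+{
+"type": "button",
+"text": {
+"type": "plain_text",
+"text": "View Workflow"
+},
+"url": "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
+}
+]
+}
+]
+}
+env:
+SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
+
+- name: Notify on failure
+if: ${{ failure() }}
+uses: slackapi/slack-github-action@v1.23.0
+with:
+payload: |
+{
+"text": "❌ CI/CD pipeline failed for ${{ github.repository }}",
+"blocks": [
+{
+"type": "section",
+"text": {
+"type": "mrkdwn",
+"text": "❌ *CI/CD pipeline failed*"
+}
+},
+{
+"type": "section",
+"fields": [
+{
+"type": "mrkdwn",
+"text": "*Repository:*\n${{ github.repository }}"
+},
+{
+"type": "mrkdwn",
+"text": "*Branch:*\n${{ github.ref_name }}"
+},
+{
+"type": "mrkdwn",
+"text": "*Commit:*\n${{ github.sha }}"
+},
+{
+"type": "mrkdwn",
+"text": "*Triggered by:*\n${{ github.actor }}"
+}
+]
+},
+{
+"type": "actions",
+"elements": [
+{
+"type": "button",
+"text": {
+"type": "plain_text",
+"text": "View Workflow"
+},
+"url": "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
+}
+]
+}
+]
+}
+env:
+SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
+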
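Review bot: The `scan` job does not actually gate the deploy jobs: its `image-ref` ends in `sha-${{ github.sha }}` (the full commit SHA) while the build job's metadata step tags with `type=sha,format=short`, so that tag is never pushed, and the step covers only `banking-service` of the five matrix services and sets no `exit-code`. Switching the tag rule to `type=sha,format=long`, scanning per service and failing on high-severity findings, as in the fence below, would make `needs: scan` meaningful. The scanner is also pulled from `aquasecurity/trivy-action@master`, and `golangci-lint@latest` and `version: 'latest'` for kubectl and Helm are similarly floating; in a workflow that holds `GITHUB_TOKEN` registry access and the `KUBE_CONFIG_*` secrets these are better pinned to reviewed commit SHAs or fixed versions, and the workflow has no `permissions:` block to narrow the token. Separately, `deploy-staging` needs `deploy-dev` (develop only) yet runs only on `main`, and `deploy-production` needs it on a release ref, so the later stages appear unreachable and should be confirmed.

```yaml
  scan:
    # … unchanged: name, runs-on, needs, if …
    permissions:
      contents: read
      security-events: write  # required by upload-sarif
    strategy:
      fail-fast: false
      matrix:
        service: [banking-service, crm-service, ai-service, fluvio-service, temporal-service]
    steps:
      # … unchanged: checkout …
      - name: Run Trivy vulnerability scanner
        # placeholder: replace with the reviewed commit SHA of the release in use
        uses: aquasecurity/trivy-action@<PINNED_COMMIT_SHA>
        with:
          # resolves only once the build job tags with type=sha,format=long
          image-ref: ${{ env.REGISTRY }}/${{ github.repository }}/${{ matrix.service }}:sha-${{ github.sha }}
          # … unchanged: format, output …
          severity: 'CRITICAL,HIGH'
          exit-code: '1'

      - name: Upload Trivy scan results to GitHub Security tab
        if: always()  # keep the report when the gate fails
        uses: github/codeql-action/upload-sarif@v2
        with:
          # … unchanged: sarif_file …
          category: trivy-${{ matrix.service }}
```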