Skip to content
CI/CD Pipeline

CI/CD Pipeline #1

Sign in to view logs

CI/CD Pipeline

CI/CD Pipeline #1

Workflow file for this run

.github/workflows/ci-cd.yml at ca5c422
name: CI/CD Pipeline
on:
push:
branches: [ main, develop ]
pull_request:
branches: [ main, develop ]
release:
types: [published]
jobs:
test:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, windows-latest, macos-latest]
python-version: [3.8, 3.9, "3.10", "3.11"]
exclude:
# Exclude some combinations to reduce job count
- os: macos-latest
python-version: 3.8
- os: windows-latest
python-version: 3.8
steps:
- uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
- name: Install system dependencies (Ubuntu)
if: matrix.os == 'ubuntu-latest'
run: |
sudo apt-get update
sudo apt-get install -y ffmpeg libsm6 libxext6 libxrender-dev libglib2.0-0
sudo apt-get install -y cmake build-essential
- name: Install system dependencies (macOS)
if: matrix.os == 'macos-latest'
run: |
brew install ffmpeg cmake
- name: Install system dependencies (Windows)
if: matrix.os == 'windows-latest'
run: |
choco install ffmpeg cmake
- name: Cache pip dependencies
uses: actions/cache@v3
with:
path: ~/.cache/pip
key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
restore-keys: |
${{ runner.os }}-pip-
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -e .[dev]
- name: Lint with flake8
run: |
flake8 src tests --count --select=E9,F63,F7,F82 --show-source --statistics
flake8 src tests --count --exit-zero --max-complexity=10 --max-line-length=88 --statistics
- name: Format check with black
run: |
black --check src tests
- name: Type check with mypy
run: |
mypy src
- name: Test with pytest
run: |
pytest tests/ -v --cov=src --cov-report=xml --cov-report=term-missing
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v3
with:
file: ./coverage.xml
flags: unittests
name: codecov-umbrella
fail_ci_if_error: false
integration-test:
runs-on: ubuntu-latest
needs: test
if: github.event_name == 'push' || github.event_name == 'pull_request'
steps:
- uses: actions/checkout@v4
- name: Set up Python 3.9
uses: actions/setup-python@v4
with:
python-version: 3.9
- name: Install system dependencies
run: |
sudo apt-get update
sudo apt-get install -y ffmpeg libsm6 libxext6 libxrender-dev libglib2.0-0
sudo apt-get install -y cmake build-essential
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -e .[all]
- name: Download test data
run: |
# Create test data directory
mkdir -p tests/data
# Download sample video (replace with actual test data)
curl -o tests/data/sample_video.mp4 "https://sample-videos.com/zip/10/mp4/SampleVideo_360x240_1mb.mp4"
- name: Run integration tests
run: |
pytest tests/ -v -m integration --cov=src --cov-report=xml
- name: Test CLI interface
run: |
uv run python -m src.cli --help
uv run python -m src.cli server --help
performance-test:
runs-on: ubuntu-latest
needs: test
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
steps:
- uses: actions/checkout@v4
- name: Set up Python 3.9
uses: actions/setup-python@v4
with:
python-version: 3.9
- name: Install system dependencies
run: |
sudo apt-get update
sudo apt-get install -y ffmpeg libsm6 libxext6 libxrender-dev libglib2.0-0
sudo apt-get install -y cmake build-essential
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -e .[all]
- name: Download test data
run: |
mkdir -p tests/data
curl -o tests/data/sample_video.mp4 "https://sample-videos.com/zip/10/mp4/SampleVideo_360x240_1mb.mp4"
- name: Run performance tests
run: |
pytest tests/ -v -m performance --benchmark-only --benchmark-json=benchmark.json
- name: Store benchmark result
uses: benchmark-action/github-action-benchmark@v1
with:
name: Python Benchmark
tool: 'pytest'
output-file-path: benchmark.json
github-token: ${{ secrets.GITHUB_TOKEN }}
auto-push: true
security-scan:
runs-on: ubuntu-latest
needs: test
steps:
- uses: actions/checkout@v4
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
scan-type: 'fs'
scan-ref: '.'
format: 'sarif'
output: 'trivy-results.sarif'
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: 'trivy-results.sarif'
build-and-publish:
runs-on: ubuntu-latest
needs: [test, integration-test]
if: github.event_name == 'release' && github.event.action == 'published'
steps:
- uses: actions/checkout@v4
- name: Set up Python 3.9
uses: actions/setup-python@v4
with:
python-version: 3.9
- name: Install build dependencies
run: |
python -m pip install --upgrade pip
pip install build twine
- name: Build package
run: |
python -m build
- name: Check package
run: |
twine check dist/*
- name: Publish to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
user: __token__
password: ${{ secrets.PYPI_API_TOKEN }}
docker-build:
runs-on: ubuntu-latest
needs: [test, integration-test]
if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/develop')
steps:
- uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Extract metadata
id: meta
uses: docker/metadata-action@v4
with:
images: videoannotator/videoannotator
tags: |
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=raw,value=latest,enable={{is_default_branch}}
- name: Build and push Docker image
uses: docker/build-push-action@v4
with:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max