Samir Boulahtit
e9253fbd84
Replace all ~1,086 occurrences of Wizamart/wizamart/WIZAMART/WizaMart with Orion/orion/ORION across 184 files. This includes database identifiers, email addresses, domain references, R2 bucket names, DNS prefixes, encryption salt, Celery app name, config defaults, Docker configs, CI configs, documentation, seed data, and templates. Renames homepage-wizamart.html template to homepage-orion.html. Fixes duplicate file_pattern key in api.yaml architecture rule. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
184 lines
5.2 KiB
YAML
184 lines
5.2 KiB
YAML
# Gitea Actions CI/CD Configuration
|
|
# ==================================
|
|
# Equivalent of the GitLab CI pipeline, using GitHub Actions-compatible syntax.
|
|
# Requires Gitea 1.19+ with Actions enabled.
|
|
|
|
name: CI
|
|
|
|
on:
|
|
push:
|
|
branches: [master]
|
|
pull_request:
|
|
branches: [master]
|
|
|
|
env:
|
|
PYTHON_VERSION: "3.11"
|
|
|
|
jobs:
|
|
# ---------------------------------------------------------------------------
|
|
# Lint
|
|
# ---------------------------------------------------------------------------
|
|
ruff:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- uses: actions/setup-python@v5
|
|
with:
|
|
python-version: ${{ env.PYTHON_VERSION }}
|
|
|
|
- name: Install uv
|
|
run: pip install uv
|
|
|
|
- name: Install dependencies
|
|
run: uv pip install --system -r requirements.txt -r requirements-dev.txt
|
|
|
|
- name: Run ruff
|
|
run: ruff check .
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Tests
|
|
# ---------------------------------------------------------------------------
|
|
pytest:
|
|
runs-on: ubuntu-latest
|
|
services:
|
|
postgres:
|
|
image: postgres:15
|
|
env:
|
|
POSTGRES_DB: orion_test
|
|
POSTGRES_USER: test_user
|
|
POSTGRES_PASSWORD: test_password
|
|
options: >-
|
|
--health-cmd "pg_isready -U test_user -d orion_test"
|
|
--health-interval 10s
|
|
--health-timeout 5s
|
|
--health-retries 5
|
|
|
|
env:
|
|
# act_runner executes jobs in Docker containers on the same network as services,
|
|
# so use the service name (postgres) as hostname with the internal port (5432)
|
|
TEST_DATABASE_URL: "postgresql://test_user:test_password@postgres:5432/orion_test"
|
|
DATABASE_URL: "postgresql://test_user:test_password@postgres:5432/orion_test"
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- uses: actions/setup-python@v5
|
|
with:
|
|
python-version: ${{ env.PYTHON_VERSION }}
|
|
|
|
- name: Install uv
|
|
run: pip install uv
|
|
|
|
- name: Install dependencies
|
|
run: uv pip install --system -r requirements.txt -r requirements-test.txt
|
|
|
|
- name: Run tests
|
|
run: python -m pytest tests/ -v --tb=short
|
|
|
|
architecture:
|
|
runs-on: ubuntu-latest
|
|
env:
|
|
DATABASE_URL: "postgresql://dummy:dummy@localhost:5432/dummy"
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- uses: actions/setup-python@v5
|
|
with:
|
|
python-version: ${{ env.PYTHON_VERSION }}
|
|
|
|
- name: Install uv
|
|
run: pip install uv
|
|
|
|
- name: Install dependencies
|
|
run: uv pip install --system -r requirements.txt
|
|
|
|
- name: Validate architecture
|
|
run: python scripts/validate/validate_architecture.py
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Security (non-blocking)
|
|
# ---------------------------------------------------------------------------
|
|
dependency-scanning:
|
|
runs-on: ubuntu-latest
|
|
continue-on-error: true
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- uses: actions/setup-python@v5
|
|
with:
|
|
python-version: ${{ env.PYTHON_VERSION }}
|
|
|
|
- name: Install pip-audit
|
|
run: pip install pip-audit
|
|
|
|
- name: Run pip-audit
|
|
run: pip-audit --requirement requirements.txt || true
|
|
|
|
audit:
|
|
runs-on: ubuntu-latest
|
|
continue-on-error: true
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- uses: actions/setup-python@v5
|
|
with:
|
|
python-version: ${{ env.PYTHON_VERSION }}
|
|
|
|
- name: Install uv
|
|
run: pip install uv
|
|
|
|
- name: Install dependencies
|
|
run: uv pip install --system -r requirements.txt -r requirements-dev.txt
|
|
|
|
- name: Run audit
|
|
run: python scripts/validate/validate_audit.py
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Build (docs - only on push to master)
|
|
# ---------------------------------------------------------------------------
|
|
docs:
|
|
runs-on: ubuntu-latest
|
|
if: github.event_name == 'push' && github.ref == 'refs/heads/master'
|
|
needs: [ruff, pytest, architecture]
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- uses: actions/setup-python@v5
|
|
with:
|
|
python-version: ${{ env.PYTHON_VERSION }}
|
|
|
|
- name: Install uv
|
|
run: pip install uv
|
|
|
|
- name: Install dependencies
|
|
run: uv pip install --system -r requirements.txt -r requirements-docs.txt
|
|
|
|
- name: Build docs
|
|
run: mkdocs build
|
|
|
|
- name: Upload docs artifact
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: docs-site
|
|
path: site/
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Deploy (master-only, after lint + tests + architecture pass)
|
|
# ---------------------------------------------------------------------------
|
|
deploy:
|
|
runs-on: ubuntu-latest
|
|
if: github.event_name == 'push' && github.ref == 'refs/heads/master'
|
|
needs: [ruff, pytest, architecture]
|
|
steps:
|
|
- name: Deploy to production
|
|
uses: appleboy/ssh-action@v1
|
|
with:
|
|
host: ${{ secrets.DEPLOY_HOST }}
|
|
username: ${{ secrets.DEPLOY_USER }}
|
|
key: ${{ secrets.DEPLOY_SSH_KEY }}
|
|
port: 22
|
|
command_timeout: 10m
|
|
script: cd ${{ secrets.DEPLOY_PATH }} && bash scripts/deploy.sh
|