LifeRPG_v2.0/.github/workflows/ci-cd.yml
Copilot 90750ee8df
Strip emoji from docs, fix XSS/hashing vulnerabilities, remediate all failing CI checks (#1)
* Initial plan

* Fix security vulnerabilities: MD5→SHA-256, XSS via dangerouslySetInnerHTML/innerHTML, insecure randomness, CodeQL config

Co-authored-by: TLimoges33 <125313326+TLimoges33@users.noreply.github.com>

* Clean up README: remove decorative emojis for a professional tone

Remove all emojis from section headers, list item prefixes, and
decorative positions. Replace  phase status markers with '(Complete)'
text. Keep the  in the final call-to-action line. No changes to
links, badges, code blocks, or technical content.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* docs: remove emoji characters from CONTRIBUTING.md

Remove all emoji from section headers and closing line while
preserving links, code blocks, and technical content.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* docs: remove emoji characters from documentation files

Remove all emoji characters from 8 documentation files in docs/.
Replace status-marker checkmarks () with '(Done)' text.
Remove decorative emojis from headers and body text entirely.
Preserve emojis inside code blocks unchanged.
Clean up trailing whitespace introduced by removals.

Files modified:
- DEPLOYMENT_GUIDE.md
- IMPLEMENTATION_PLAN.md
- MILESTONE_6_SUMMARY.md
- PRODUCTION_ROADMAP.md
- PROJECT_STATUS.md
- REPOSITORY_ENHANCEMENT.md
- ROADMAP.md
- SECURITY_AUDIT_ROADMAP.md

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* docs: remove emoji characters from documentation files

Remove all emoji characters from 9 markdown files while preserving
code block content (box-drawing characters, indentation). Emojis
removed from headers, list items, and body text across READMEs,
issue templates, PR template, runbook, and mobile docs.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* Remove excessive emoji from all documentation for professional presentation

Co-authored-by: TLimoges33 <125313326+TLimoges33@users.noreply.github.com>

* Fix PluginWidget initial state and remove || true from security audit steps

Co-authored-by: TLimoges33 <125313326+TLimoges33@users.noreply.github.com>

* Remediate all failing CI checks: update deprecated actions, fix npm vulnerabilities, fix migrations YAML

Co-authored-by: SynOSdev <257853113+SynOSdev@users.noreply.github.com>

* Fix all remaining CI failures: Node 18→20, fix test API contract, fix pytest version, fix Postgres health checks

Co-authored-by: SynOSdev <257853113+SynOSdev@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: TLimoges33 <125313326+TLimoges33@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: SynOSdev <257853113+SynOSdev@users.noreply.github.com>
2026-03-14 08:59:37 -04:00

222 lines
6.0 KiB
YAML

name: CI/CD Pipeline

on:
  push:
    branches: [master, develop]
  pull_request:
    branches: [master, develop]

jobs:
  test-backend:
    runs-on: ubuntu-latest
    name: Backend Tests & AI Verification
    steps:
      - uses: actions/checkout@v4

      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: "3.12"

      - name: Cache Python packages
        uses: actions/cache@v4
        with:
          path: ~/.cache/pip
          key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements*.txt') }}
          restore-keys: |
            ${{ runner.os }}-pip-

      - name: Install system dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y portaudio19-dev libgl1 libglib2.0-0

      - name: Install Python dependencies
        run: |
          cd modern/backend
          python -m pip install --upgrade pip
          pip install -r requirements.txt
          pip install -r requirements_ai.txt
          pip install pytest pytest-asyncio pytest-cov

      - name: Test AI Model Loading
        run: |
          cd modern/backend
          python -c "
          from huggingface_ai import HuggingFaceAI
          import asyncio
          async def test():
              ai = HuggingFaceAI()
              result = await ai.parse_habit_from_text('test habit')
              print('✅ AI models loaded successfully')
              print(f'Test result: {result}')
          asyncio.run(test())
          "

      - name: Run Backend Tests
        run: |
          cd modern/backend
          pytest tests/ -v --cov=. --cov-report=xml

      - name: Upload coverage to Codecov
        uses: codecov/codecov-action@v5
        with:
          file: ./modern/backend/coverage.xml
          flags: backend
          name: backend-coverage

  test-frontend:
    runs-on: ubuntu-latest
    name: Frontend Tests & Build
    steps:
      - uses: actions/checkout@v4

      - name: Set up Node.js
        uses: actions/setup-node@v4
        with:
          node-version: "20"
          cache: "npm"
          cache-dependency-path: "modern/frontend/package-lock.json"

      - name: Install dependencies
        run: |
          cd modern/frontend
          npm ci

      - name: Build production bundle
        run: |
          cd modern/frontend
          npm run build

      - name: Upload build artifacts
        uses: actions/upload-artifact@v4
        with:
          name: frontend-build
          path: modern/frontend/dist/
          retention-days: 7

  security-scan:
    runs-on: ubuntu-latest
    name: Security Scanning
    permissions:
      actions: read
      contents: read
      security-events: write
    strategy:
      fail-fast: false
      matrix:
        language: ["python", "javascript"]
    steps:
      - uses: actions/checkout@v4

      - name: Set up Node.js
        if: matrix.language == 'javascript'
        uses: actions/setup-node@v4
        with:
          node-version: "20"

      - name: Install npm dependencies
        if: matrix.language == 'javascript'
        run: |
          cd modern/frontend
          npm ci

      # No "|| true" here: a moderate-or-higher advisory fails the job.
      - name: Run security audit (npm)
        if: matrix.language == 'javascript'
        run: |
          cd modern/frontend
          npm audit --audit-level=moderate

      - name: Set up Python
        if: matrix.language == 'python'
        uses: actions/setup-python@v5
        with:
          python-version: "3.12"

      - name: Run security audit (pip)
        if: matrix.language == 'python'
        run: |
          cd modern/backend
          pip install safety
          safety check -r requirements.txt -r requirements_ai.txt

      - name: Initialize CodeQL
        uses: github/codeql-action/init@v3
        with:
          languages: ${{ matrix.language }}

      - name: Autobuild
        uses: github/codeql-action/autobuild@v3

      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v3
        with:
          category: "/language:${{ matrix.language }}"

  deploy-preview:
    if: github.event_name == 'pull_request'
    needs: [test-backend, test-frontend]
    runs-on: ubuntu-latest
    name: Deploy Preview
    steps:
      - uses: actions/checkout@v4

      - name: Deploy to Vercel Preview
        uses: amondnet/vercel-action@v25
        with:
          vercel-token: ${{ secrets.VERCEL_TOKEN }}
          github-token: ${{ secrets.GITHUB_TOKEN }}
          # NOTE: --prod requests a production deployment, and this job runs on
          # pull requests without waiting for security-scan.
          vercel-args: "--prod"
          vercel-org-id: ${{ secrets.ORG_ID}}
          vercel-project-id: ${{ secrets.PROJECT_ID}}
          working-directory: ./modern/frontend

  deploy-production:
    if: github.ref == 'refs/heads/master' && github.event_name == 'push'
    needs: [test-backend, test-frontend, security-scan]
    runs-on: ubuntu-latest
    name: Deploy to Production
    steps:
      - uses: actions/checkout@v4

      - name: Deploy Frontend to Vercel
        uses: amondnet/vercel-action@v25
        with:
          vercel-token: ${{ secrets.VERCEL_TOKEN }}
          github-token: ${{ secrets.GITHUB_TOKEN }}
          vercel-args: "--prod"
          vercel-org-id: ${{ secrets.ORG_ID}}
          vercel-project-id: ${{ secrets.PROJECT_ID}}
          working-directory: ./modern/frontend

      - name: Deploy Backend to Railway
        run: |
          echo "Backend deployment would happen here"
          echo "Using Railway CLI or API"
          # railway deploy --service=liferpg-backend

      - name: Create Release
        if: github.event_name == 'push'
        uses: softprops/action-gh-release@v2
        with:
          tag_name: v${{ github.run_number }}
          name: Release v${{ github.run_number }}
          body: |
            ## What's New
            - Automated deployment from commit ${{ github.sha }}
            - Backend and frontend updated
            - AI models: HuggingFace Transformers

            ## Technical Details
            - Build: ${{ github.run_number }}
            - Commit: ${{ github.sha }}
            - Branch: ${{ github.ref }}
          draft: false
          prerelease: false