137 lines
3.5 KiB
YAML
137 lines
3.5 KiB
YAML
name: CI/CD Pipeline
|
|
|
|
on:
|
|
push:
|
|
branches: [ main, develop ]
|
|
pull_request:
|
|
branches: [ main, develop ]
|
|
|
|
jobs:
|
|
# Flutter Mobile App CI
|
|
flutter-test:
|
|
name: Flutter Tests
|
|
runs-on: ubuntu-latest
|
|
defaults:
|
|
run:
|
|
working-directory: ./mobile
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Setup Flutter
|
|
uses: subosito/flutter-action@v2
|
|
with:
|
|
flutter-version: '3.16.0'
|
|
channel: 'stable'
|
|
|
|
- name: Get dependencies
|
|
run: flutter pub get
|
|
|
|
- name: Analyze code
|
|
run: flutter analyze
|
|
|
|
- name: Run tests
|
|
run: flutter test
|
|
|
|
- name: Generate coverage
|
|
run: flutter test --coverage
|
|
|
|
- name: Upload coverage to Codecov
|
|
uses: codecov/codecov-action@v3
|
|
with:
|
|
file: ./mobile/coverage/lcov.info
|
|
|
|
# .NET Backend API CI
|
|
dotnet-test:
|
|
name: .NET Tests
|
|
runs-on: ubuntu-latest
|
|
defaults:
|
|
run:
|
|
working-directory: ./backend
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Setup .NET
|
|
uses: actions/setup-dotnet@v3
|
|
with:
|
|
dotnet-version: '8.0.x'
|
|
|
|
- name: Restore dependencies
|
|
run: dotnet restore
|
|
|
|
- name: Build
|
|
run: dotnet build --no-restore --configuration Release
|
|
|
|
- name: Test
|
|
run: dotnet test --no-build --configuration Release --verbosity normal --collect:"XPlat Code Coverage"
|
|
|
|
- name: Upload coverage to Codecov
|
|
uses: codecov/codecov-action@v3
|
|
with:
|
|
file: ./backend/TestResults/*/coverage.cobertura.xml
|
|
|
|
# Security and Quality Checks
|
|
security-scan:
|
|
name: Security Scan
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Run Trivy vulnerability scanner
|
|
uses: aquasecurity/trivy-action@master
|
|
with:
|
|
scan-type: 'fs'
|
|
scan-ref: '.'
|
|
format: 'sarif'
|
|
output: 'trivy-results.sarif'
|
|
|
|
- name: Upload Trivy scan results to GitHub Security tab
|
|
uses: github/codeql-action/upload-sarif@v2
|
|
with:
|
|
sarif_file: 'trivy-results.sarif'
|
|
|
|
# Build and Deploy to Staging (develop branch only)
|
|
deploy-staging:
|
|
name: Deploy to Staging
|
|
needs: [flutter-test, dotnet-test]
|
|
runs-on: ubuntu-latest
|
|
if: github.ref == 'refs/heads/develop' && github.event_name == 'push'
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Configure AWS credentials
|
|
uses: aws-actions/configure-aws-credentials@v2
|
|
with:
|
|
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
|
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
|
aws-region: us-west-2
|
|
|
|
- name: Deploy to staging
|
|
run: |
|
|
echo "Deploying to staging environment"
|
|
# Add actual deployment commands here
|
|
|
|
# Build and Deploy to Production (main branch only)
|
|
deploy-production:
|
|
name: Deploy to Production
|
|
needs: [flutter-test, dotnet-test, security-scan]
|
|
runs-on: ubuntu-latest
|
|
if: github.ref == 'refs/heads/main' && github.event_name == 'push'
|
|
environment: production
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Configure AWS credentials
|
|
uses: aws-actions/configure-aws-credentials@v2
|
|
with:
|
|
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
|
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
|
aws-region: us-west-2
|
|
|
|
- name: Deploy to production
|
|
run: |
|
|
echo "Deploying to production environment"
|
|
# Add actual deployment commands here |