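# CI pipeline: NixOS VM integration tests, linting, package builds and a
# summary gate. Every job runs on the runner labelled `nixos` and uses an
# Attic binary cache reached at http://127.0.0.1:2343.
name: CI/CD Pipeline

on:
  push:
    branches: [main, develop, '001-*']
  pull_request:
    branches: [main, develop]

# Least privilege for the workflow token: no step in this file writes to the
# repository through it (cache pushes authenticate with ATTIC_TOKEN instead).
permissions:
  contents: read

jobs:
  # NixOS VM integration tests (PostgreSQL + MinIO native services)
  nixos-vm-tests:
    name: VM Test - ${{ matrix.test }}
    runs-on: nixos

    strategy:
      fail-fast: false
      matrix:
        test:
          - backend-integration
          - full-stack
          - performance
          - security

    steps:
      # NOTE(review): `v4` is a mutable tag; consider pinning every
      # actions/checkout reference in this file to a full commit SHA.
      - name: Checkout repository
        uses: actions/checkout@v4

      # The secret is handed to the step through the environment rather than
      # being templated into the script text, so its value is never parsed as
      # shell. It is still passed to `attic` as a command-line argument.
      # `${VAR:+"$VAR"}` expands to nothing when the secret is empty, matching
      # what the unquoted template expansion did before.
      - name: Configure Attic cache
        env:
          ATTIC_TOKEN: ${{ secrets.ATTIC_TOKEN }}
        run: |
          attic login lan http://127.0.0.1:2343 ${ATTIC_TOKEN:+"$ATTIC_TOKEN"}

      # NOTE(review): --accept-flake-config trusts the nixConfig declared by
      # the checked-out flake. On pull_request runs that flake comes from the
      # PR branch; confirm this is acceptable on this runner.
      - name: Run NixOS VM test
        run: |
          echo "Running ${{ matrix.test }} test..."
          nix build .#checks.x86_64-linux.${{ matrix.test }} --quiet --accept-flake-config

      # NOTE(review): this step also runs for pull_request events, so PR
      # builds are pushed to the shared cache; restrict it to push events if
      # only reviewed code should populate lan:webref.
      - name: Push to Attic cache
        if: success()
        run: |
          nix build .#checks.x86_64-linux.${{ matrix.test }} --print-out-paths | attic push lan:webref --stdin

  # Quick checks (linting & formatting)
  lint:
    name: Linting & Formatting
    runs-on: nixos

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      # Secret passed via the environment; see nixos-vm-tests for rationale.
      - name: Configure Attic cache
        env:
          ATTIC_TOKEN: ${{ secrets.ATTIC_TOKEN }}
        run: attic login lan http://127.0.0.1:2343 ${ATTIC_TOKEN:+"$ATTIC_TOKEN"}

      - name: Backend - Ruff check
        run: nix develop --command bash -c "cd backend && ruff check app/"

      - name: Backend - Ruff format check
        run: nix develop --command bash -c "cd backend && ruff format --check app/"

      # Frontend linting temporarily disabled (Phase 3 - minimal frontend code)
      # Will re-enable when more frontend code is written (Phase 6+)
      # - name: Frontend - Install deps
      #   run: nix develop --command bash -c "cd frontend && npm install --ignore-scripts"
      #
      # - name: Frontend - ESLint
      #   run: nix develop --command bash -c "cd frontend && npm run lint"
      #
      # - name: Frontend - Prettier check
      #   run: nix develop --command bash -c "cd frontend && npx prettier --check ."
      #
      # - name: Frontend - Svelte check
      #   run: nix develop --command bash -c "cd frontend && npm run check"

      - name: Nix - Flake check
        run: nix flake check --quiet --accept-flake-config

  # Unit tests - DISABLED until tests are written (Phase 23)
  # When re-enabling, also add `unit-tests` back to the `needs` list and to
  # the result checks of the `summary` job.
  # unit-tests:
  #   name: Unit Tests
  #   runs-on: nixos
  #
  #   steps:
  #     - name: Checkout repository
  #       uses: actions/checkout@v4
  #
  #     - name: Configure Attic cache
  #       env:
  #         ATTIC_TOKEN: ${{ secrets.ATTIC_TOKEN }}
  #       run: attic login lan http://127.0.0.1:2343 ${ATTIC_TOKEN:+"$ATTIC_TOKEN"}
  #
  #     - name: Backend unit tests
  #       run: |
  #         nix develop --command bash -c "
  #           cd backend &&
  #           pytest tests/unit/ -v \
  #             --cov=app \
  #             --cov-report=xml \
  #             --cov-report=term-missing
  #         "
  #
  #     - name: Frontend - Install deps
  #       run: nix develop --command bash -c "cd frontend && npm install --ignore-scripts"
  #
  #     - name: Frontend unit tests
  #       run: nix develop --command bash -c "cd frontend && npm run test:coverage"

  # Build packages
  build:
    name: Build Packages
    runs-on: nixos

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      # Secret passed via the environment; see nixos-vm-tests for rationale.
      - name: Configure Attic cache
        env:
          ATTIC_TOKEN: ${{ secrets.ATTIC_TOKEN }}
        run: attic login lan http://127.0.0.1:2343 ${ATTIC_TOKEN:+"$ATTIC_TOKEN"}

      - name: Build backend package
        run: |
          echo "Building backend package..."
          nix build .#backend --quiet --accept-flake-config

      - name: Push backend to Attic
        if: success()
        run: nix build .#backend --print-out-paths | attic push lan:webref --stdin

      - name: Build frontend package
        run: |
          echo "Building frontend package..."
          nix build .#frontend --quiet --accept-flake-config

      - name: Push frontend to Attic
        if: success()
        run: nix build .#frontend --print-out-paths | attic push lan:webref --stdin

  # Summary
  summary:
    name: CI Summary
    runs-on: nixos
    # `unit-tests` is commented out above. Listing a job that does not exist
    # in `needs` invalidates the workflow, and its empty result could never
    # equal "success", so it is left out here until the job is re-enabled.
    needs: [nixos-vm-tests, lint, build]
    # Run even when a dependency failed so the gate reports the failure.
    if: always()

    steps:
      - name: Check results
        run: |
          echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
          echo "📊 CI Pipeline Results"
          echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
          echo "NixOS VMs: ${{ needs.nixos-vm-tests.result }}"
          echo "Linting: ${{ needs.lint.result }}"
          echo "Build: ${{ needs.build.result }}"
          echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"

          if [[ "${{ needs.nixos-vm-tests.result }}" != "success" ]] || \
             [[ "${{ needs.lint.result }}" != "success" ]] || \
             [[ "${{ needs.build.result }}" != "success" ]]; then
            echo "❌ Pipeline Failed"
            exit 1
          fi

          echo "✅ All Checks Passed"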