Skip to content
CI/CD Pipeline

chore(deps): update email-validator requirement from >=2.0.0 to >=2.3.0 in /backend #551

Sign in to view logs

chore(deps): update email-validator requirement from >=2.0.0 to >=2.3.0 in /backend

chore(deps): update email-validator requirement from >=2.0.0 to >=2.3.0 in /backend #551

Workflow file for this run

.github/workflows/ci.yml at 9572b77
name: CI/CD Pipeline
on:
push:
branches: [ main, develop ]
pull_request:
branches: [ main ]
# Explicit permissions for security (CodeQL requirement)
permissions:
contents: read
jobs:
# Detect which paths changed
changes:
runs-on: ubuntu-latest
outputs:
backend: ${{ steps.filter.outputs.backend }}
frontend: ${{ steps.filter.outputs.frontend }}
mcp: ${{ steps.filter.outputs.mcp }}
steps:
- uses: actions/checkout@v4
- uses: dorny/paths-filter@v3
id: filter
with:
filters: |
backend:
- 'backend/**'
- 'railway.json'
frontend:
- 'frontend/**'
mcp:
- 'mcp-server/**'
- 'supabase/migrations/**'
test-backend:
name: Backend Tests
needs: changes
if: ${{ needs.changes.outputs.backend == 'true' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.11'
cache: 'pip'
- name: Install dependencies
working-directory: ./backend
run: |
python -m pip install --upgrade pip
pip install pytest pytest-cov httpx flake8
pip install -r requirements.txt
- name: Lint (flake8)
working-directory: ./backend
run: |
flake8 services/ routes/ middleware/ config/ dependencies.py main.py
- name: Run tests
working-directory: ./backend
env:
DEBUG: "true"
API_KEY: "test-secret-key"
SUPABASE_URL: ${{ secrets.SUPABASE_URL }}
SUPABASE_ANON_KEY: ${{ secrets.SUPABASE_ANON_KEY }}
SUPABASE_JWT_SECRET: ${{ secrets.SUPABASE_JWT_SECRET }}
OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
PINECONE_API_KEY: ${{ secrets.PINECONE_API_KEY }}
PINECONE_INDEX_NAME: "codeintel-test"
run: |
pytest tests/ -v --cov=services --cov-report=term-missing
test-frontend:
name: Frontend Tests
needs: changes
if: ${{ needs.changes.outputs.frontend == 'true' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Bun
uses: oven-sh/setup-bun@v2
with:
bun-version: latest
- name: Install dependencies
working-directory: ./frontend
run: bun install
- name: Lint (ESLint)
working-directory: ./frontend
run: bun run lint
- name: Check TypeScript
working-directory: ./frontend
run: bun run tsc --noEmit
- name: Build frontend
working-directory: ./frontend
run: bun run build
- name: Run tests
working-directory: ./frontend
run: bun run test
test-mcp:
name: MCP Server Tests
needs: changes
if: ${{ needs.changes.outputs.mcp == 'true' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.13'
cache: 'pip'
- name: Install dependencies
working-directory: ./mcp-server
run: |
python -m pip install --upgrade pip
pip install pytest-cov flake8
pip install -r requirements.txt
- name: Lint (flake8)
working-directory: ./mcp-server
run: |
flake8 .
- name: Run tests
working-directory: ./mcp-server
env:
API_KEY: "test-key"
BACKEND_API_URL: "http://localhost:8000"
run: |
pytest tests/ -v --cov=. --cov-report=term-missing
security-scan:
name: Security Scan
needs: changes
if: ${{ needs.changes.outputs.backend == 'true' || needs.changes.outputs.frontend == 'true' || needs.changes.outputs.mcp == 'true' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
scan-type: 'fs'
scan-ref: '.'
format: 'table'
severity: 'CRITICAL,HIGH'
exit-code: '1'
- name: Check for secrets
uses: trufflesecurity/trufflehog@main
with:
path: ./
base: main
head: HEAD