|
|
name: CI/CD Pipeline |
|
|
|
|
|
on: |
|
|
push: |
|
|
branches: [ main ] |
|
|
pull_request: |
|
|
branches: [ main ] |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
permissions: |
|
|
contents: read |
|
|
actions: read |
|
|
pull-requests: write |
|
|
issues: write |
|
|
|
|
|
env: |
|
|
PYTHON_VERSION: "3.11" |
|
|
|
|
|
jobs: |
|
|
lint: |
|
|
runs-on: ubuntu-latest |
|
|
steps: |
|
|
- uses: actions/checkout@v4 |
|
|
|
|
|
- name: Set up Python |
|
|
uses: actions/setup-python@v4 |
|
|
with: |
|
|
python-version: ${{ env.PYTHON_VERSION }} |
|
|
|
|
|
- name: Install dependencies |
|
|
run: | |
|
|
python -m pip install --upgrade pip |
|
|
pip install ruff black |
|
|
|
|
|
- name: Run Ruff linter |
|
|
run: ruff check . |
|
|
|
|
|
- name: Run Black formatter check |
|
|
run: black --check . |
|
|
|
|
|
test-unit: |
|
|
runs-on: ubuntu-latest |
|
|
strategy: |
|
|
matrix: |
|
|
python-version: [3.11, 3.12, 3.13] |
|
|
|
|
|
steps: |
|
|
- uses: actions/checkout@v4 |
|
|
|
|
|
- name: Set up Python ${{ matrix.python-version }} |
|
|
uses: actions/setup-python@v4 |
|
|
with: |
|
|
python-version: ${{ matrix.python-version }} |
|
|
|
|
|
- name: Cache pip dependencies |
|
|
uses: actions/cache@v4 |
|
|
with: |
|
|
path: ~/.cache/pip |
|
|
key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }} |
|
|
restore-keys: | |
|
|
${{ runner.os }}-pip- |
|
|
|
|
|
- name: Install system dependencies |
|
|
run: | |
|
|
sudo apt-get update |
|
|
sudo apt-get install -y \ |
|
|
tesseract-ocr \ |
|
|
tesseract-ocr-eng \ |
|
|
poppler-utils \ |
|
|
libgl1-mesa-dri \ |
|
|
libglib2.0-0 \ |
|
|
libsm6 \ |
|
|
libxext6 \ |
|
|
libxrender-dev \ |
|
|
libgomp1 |
|
|
|
|
|
- name: Install Python dependencies |
|
|
run: | |
|
|
python -m pip install --upgrade pip |
|
|
pip install -r requirements_lightweight.txt |
|
|
pip install pytest pytest-cov pytest-html pytest-xdist reportlab pillow |
|
|
|
|
|
- name: Download spaCy model |
|
|
run: | |
|
|
python -m spacy download en_core_web_lg |
|
|
|
|
|
- name: Setup test data |
|
|
run: | |
|
|
python .github/scripts/setup_test_data.py |
|
|
echo "Setup script completed. Checking results:" |
|
|
ls -la example_data/ || echo "example_data directory not found" |
|
|
|
|
|
- name: Verify test data files |
|
|
run: | |
|
|
echo "Checking if critical test files exist:" |
|
|
ls -la example_data/ |
|
|
echo "Checking for specific PDF files:" |
|
|
ls -la example_data/*.pdf || echo "No PDF files found" |
|
|
echo "Checking file sizes:" |
|
|
find example_data -name "*.pdf" -exec ls -lh {} \; |
|
|
|
|
|
- name: Clean up problematic config files |
|
|
run: | |
|
|
rm -f config*.py || true |
|
|
|
|
|
- name: Run CLI tests |
|
|
run: | |
|
|
cd test |
|
|
python test.py |
|
|
|
|
|
- name: Run tests with pytest |
|
|
run: | |
|
|
pytest test/test.py -v --tb=short --junitxml=test-results.xml |
|
|
|
|
|
- name: Run tests with coverage |
|
|
run: | |
|
|
pytest test/test.py --cov=. --cov-config=.coveragerc --cov-report=xml --cov-report=html --cov-report=term |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- name: Upload test results |
|
|
uses: actions/upload-artifact@v4 |
|
|
if: always() |
|
|
with: |
|
|
name: test-results-python-${{ matrix.python-version }} |
|
|
path: | |
|
|
test-results.xml |
|
|
htmlcov/ |
|
|
coverage.xml |
|
|
|
|
|
test-integration: |
|
|
runs-on: ubuntu-latest |
|
|
needs: [lint, test-unit] |
|
|
|
|
|
steps: |
|
|
- uses: actions/checkout@v4 |
|
|
|
|
|
- name: Set up Python |
|
|
uses: actions/setup-python@v4 |
|
|
with: |
|
|
python-version: ${{ env.PYTHON_VERSION }} |
|
|
|
|
|
- name: Install dependencies |
|
|
run: | |
|
|
python -m pip install --upgrade pip |
|
|
pip install -r requirements_lightweight.txt |
|
|
pip install pytest pytest-cov reportlab pillow |
|
|
|
|
|
- name: Install system dependencies |
|
|
run: | |
|
|
sudo apt-get update |
|
|
sudo apt-get install -y \ |
|
|
tesseract-ocr \ |
|
|
tesseract-ocr-eng \ |
|
|
poppler-utils \ |
|
|
libgl1-mesa-dri \ |
|
|
libglib2.0-0 |
|
|
|
|
|
- name: Download spaCy model |
|
|
run: | |
|
|
python -m spacy download en_core_web_lg |
|
|
|
|
|
- name: Setup test data |
|
|
run: | |
|
|
python .github/scripts/setup_test_data.py |
|
|
echo "Setup script completed. Checking results:" |
|
|
ls -la example_data/ || echo "example_data directory not found" |
|
|
|
|
|
- name: Verify test data files |
|
|
run: | |
|
|
echo "Checking if critical test files exist:" |
|
|
ls -la example_data/ |
|
|
echo "Checking for specific PDF files:" |
|
|
ls -la example_data/*.pdf || echo "No PDF files found" |
|
|
echo "Checking file sizes:" |
|
|
find example_data -name "*.pdf" -exec ls -lh {} \; |
|
|
|
|
|
- name: Run integration tests |
|
|
run: | |
|
|
cd test |
|
|
python demo_single_test.py |
|
|
|
|
|
- name: Test CLI help |
|
|
run: | |
|
|
python cli_redact.py --help |
|
|
|
|
|
- name: Test CLI version |
|
|
run: | |
|
|
python -c "import sys; print(f'Python {sys.version}')" |
|
|
|
|
|
security: |
|
|
runs-on: ubuntu-latest |
|
|
steps: |
|
|
- uses: actions/checkout@v4 |
|
|
|
|
|
- name: Set up Python |
|
|
uses: actions/setup-python@v4 |
|
|
with: |
|
|
python-version: ${{ env.PYTHON_VERSION }} |
|
|
|
|
|
- name: Install dependencies |
|
|
run: | |
|
|
python -m pip install --upgrade pip |
|
|
pip install safety bandit |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- name: Run bandit security check |
|
|
run: | |
|
|
bandit -r . -f json -o bandit-report.json || true |
|
|
|
|
|
- name: Upload security report |
|
|
uses: actions/upload-artifact@v4 |
|
|
if: always() |
|
|
with: |
|
|
name: security-report |
|
|
path: bandit-report.json |
|
|
|
|
|
build: |
|
|
runs-on: ubuntu-latest |
|
|
needs: [lint, test-unit] |
|
|
if: github.event_name == 'push' && github.ref == 'refs/heads/main' |
|
|
|
|
|
steps: |
|
|
- uses: actions/checkout@v4 |
|
|
|
|
|
- name: Set up Python |
|
|
uses: actions/setup-python@v4 |
|
|
with: |
|
|
python-version: ${{ env.PYTHON_VERSION }} |
|
|
|
|
|
- name: Install build dependencies |
|
|
run: | |
|
|
python -m pip install --upgrade pip |
|
|
pip install build twine |
|
|
|
|
|
- name: Build package |
|
|
run: | |
|
|
python -m build |
|
|
|
|
|
- name: Check package |
|
|
run: | |
|
|
twine check dist/* |
|
|
|
|
|
- name: Upload build artifacts |
|
|
uses: actions/upload-artifact@v4 |
|
|
with: |
|
|
name: dist |
|
|
path: dist/ |
|
|
|
