diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index ea743c9..7c382bb 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -3,6 +3,7 @@ name: CI
 on:
 pull_request:
 paths-ignore:
+ - '**.md'
 - 'extra/**'
 - 'capture/**'
 - 'ansible/**'
diff --git a/.github/workflows/deps_security.yml b/.github/workflows/deps_security.yml
new file mode 100644
index 0000000..6b8b346
--- /dev/null
+++ b/.github/workflows/deps_security.yml
@@ -0,0 +1,42 @@
+name: Dependency Security & Compatibility Test
+
+on:
+ pull_request:
+ paths:
+ - 'requirements.txt'
+ - '**.py'
+
+jobs:
+ test-deps:
+ runs-on: ubuntu-latest
+ strategy:
+ matrix:
+ python-version: ['3.10', '3.11', '3.12']
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
+
+ - name: Set up Python ${{ matrix.python-version }}
+ uses: actions/setup-python@v5
+ with:
+ python-version: ${{ matrix.python-version }}
+
+ - name: Install dependencies
+ run: |
+ python -m pip install --upgrade pip
+ pip install -r requirements.txt
+
+ - name: Run pip-audit to report vulnerabilities
+ run: |
+ pip install pip-audit
+ pip-audit || true
+
+ - name: Deploy cxp
+ run: |
+ bash ./start.sh &
+ sleep 5
+
+ - name: Run Application Health Check
+ run: |
+ bash ./scripts/healthcheck-ci.sh
\ No newline at end of file
diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml
index f96f5c5..396bca0 100644
--- a/.github/workflows/dev.yml
+++ b/.github/workflows/dev.yml
@@ -18,6 +18,7 @@ on:
 pull_request:
 paths-ignore:
+ - '**.md'
 - 'extra/**'
 - 'capture/**'
 - 'ansible/**'
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 84de602..2b1ac48 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -11,6 +11,7 @@ on:
 - 'scripts/**'
 - '.gitignore'
 - 'LICENSE'
+ - '.github/workflows/**'
 branches:
 - master
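Review bot: Adding `'**.md'` to `paths-ignore` in ci.yml means a pull request that touches only Markdown never starts this workflow; if any of its jobs is a required status check under branch protection, such PRs stay pending and cannot merge. Branch protection is not visible here, so this needs confirming, and the same applies to the identical hunk in dev.yml. A one-line comment above the entry, e.g. `# docs-only PRs skip CI; keep required checks in a workflow that always runs`, would record the intent.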
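Review bot: In the new deps_security.yml, `pip-audit || true` discards the exit status, so a known-vulnerable dependency is only printed in the log and can never fail the check; it also audits the whole runner environment (pip-audit's own dependencies included) rather than what the project declares. Auditing the requirements file directly and marking the step `continue-on-error: true` keeps the job advisory while the step's outcome is still recorded as a failure. The job then runs repository scripts from the pull request (`start.sh`, `scripts/healthcheck-ci.sh`) with whatever default token scope the repository has and with checkout leaving its credentials in the git config, so a top-level `permissions: contents: read` and `persist-credentials: false` would narrow what those scripts can reach. `actions/setup-python@v5` is a mutable tag while checkout is pinned to a commit; pinning it the same way keeps the two consistent.

```yaml
# top level, next to `on:`
permissions:
  contents: read

# … unchanged: on / jobs / strategy matrix …
      - name: Checkout code
        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
        with:
          persist-credentials: false

      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@<FULL_COMMIT_SHA_PLACEHOLDER> # v5, resolve and pin
        # … unchanged: with / python-version …

# … unchanged: Install dependencies …
      - name: Run pip-audit to report vulnerabilities
        continue-on-error: true
        run: |
          pip install pip-audit
          pip-audit -r requirements.txt
# … unchanged: Deploy cxp, Run Application Health Check …
```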
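Review bot: The key this list in release.yml belongs to is outside the hunk; if it is a `paths-ignore` for pushes to master, as the neighbouring entries suggest, a commit that only edits a workflow file (release.yml included) no longer runs the release workflow. A mistake in the release pipeline would then surface only on the next unrelated push. A comment above the new entry, e.g. `# workflow-only changes do not trigger a release; validate release.yml edits separately`, would make that trade-off explicit.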