
Implement all platform gaps identified in assessment #49


Workflow file for this run

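# CI pipeline: lints and tests each backend service and the shared modules,
# builds (without pushing) one Docker image per service, builds the PWA,
# validates the Kubernetes manifests, runs the Playwright E2E suite on pushes
# to main, and runs a Trivy filesystem scan uploaded as SARIF.
#
# NOTE(review): third-party actions are referenced by tag. Tags can be moved
# upstream; pinning each `uses:` to a full commit SHA is the stricter option.
name: CI Pipeline

on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main, develop]

# Least privilege: GITHUB_TOKEN is read-only for every job unless the job
# widens it explicitly (only security-scan does).
permissions:
  contents: read

env:
  PYTHON_VERSION: '3.11'
  NODE_VERSION: '18'

jobs:
  lint-and-test-backend:
    name: Lint and Test Backend Services
    runs-on: ubuntu-latest
    strategy:
      matrix:
        service:
          - transaction-service
          - payment-service
          - wallet-service
          - exchange-rate
          - airtime-service
          - virtual-account-service
          - bill-payment-service
          - card-service
          - audit-service
          - referral-service
          - compliance-service
          - savings-service
          - developer-portal
          - cash-pickup-service
          - kyc-service
          - lakehouse-service
          - analytics-service
          - dispute-service
          - limits-service
          - risk-service
          - reconciliation-service
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # No job in this workflow pushes, so the token is not left in
          # .git/config where later steps (pip/npm installs) could read it.
          persist-credentials: false
      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_VERSION }}
          cache: 'pip'
      - name: Install dependencies
        working-directory: core-services/${{ matrix.service }}
        run: |
          python -m pip install --upgrade pip
          pip install ruff pytest pytest-asyncio pytest-cov httpx
          if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
      - name: Lint with ruff
        working-directory: core-services/${{ matrix.service }}
        run: |
          ruff check . --ignore E501,F401,F841
      - name: Run tests
        working-directory: core-services/${{ matrix.service }}
        env:
          TESTING: 'true'
        run: |
          # pytest exits with status 5 when it collects no tests; only that
          # case is tolerated. Any other non-zero status (test failures,
          # import or collection errors) fails the job, and stderr stays
          # visible in the log.
          status=0
          pytest --cov=. --cov-report=xml -v || status=$?
          if [ "$status" -eq 5 ]; then
            echo "No tests found"
            exit 0
          fi
          exit "$status"
      - name: Upload coverage
        uses: codecov/codecov-action@v3
        with:
          files: core-services/${{ matrix.service }}/coverage.xml
          flags: ${{ matrix.service }}
          fail_ci_if_error: false

  lint-common-modules:
    name: Lint Common Modules
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_VERSION }}
          cache: 'pip'
      - name: Install dependencies
        working-directory: core-services/common
        run: |
          python -m pip install --upgrade pip
          pip install ruff pytest pytest-asyncio httpx fastapi pydantic sqlalchemy
      - name: Lint with ruff
        working-directory: core-services/common
        run: |
          ruff check . --ignore E501,F401,F841

  build-docker-images:
    name: Build Docker Images
    runs-on: ubuntu-latest
    needs: [lint-and-test-backend]
    strategy:
      matrix:
        service:
          - transaction-service
          - payment-service
          - wallet-service
          - exchange-rate
          - airtime-service
          - virtual-account-service
          - bill-payment-service
          - card-service
          - audit-service
          - referral-service
          - compliance-service
          - savings-service
          - developer-portal
          - cash-pickup-service
          - kyc-service
          - lakehouse-service
          - analytics-service
          - dispute-service
          - limits-service
          - risk-service
          - reconciliation-service
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Build Docker image
        uses: docker/build-push-action@v5
        with:
          context: core-services/${{ matrix.service }}
          # Build only; nothing is pushed to a registry from this workflow.
          push: false
          tags: remittance/${{ matrix.service }}:${{ github.sha }}
          cache-from: type=gha
          cache-to: type=gha,mode=max

  test-pwa:
    name: Test PWA
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Set up Node.js
        uses: actions/setup-node@v4
        with:
          node-version: ${{ env.NODE_VERSION }}
          cache: 'npm'
          cache-dependency-path: pwa/package.json
      - name: Install dependencies
        working-directory: pwa
        # NOTE(review): when `npm ci` fails, the `npm install` fallback
        # resolves dependency versions afresh instead of using a lockfile.
        # Commit a lockfile and drop the fallback so installs are reproducible.
        run: npm ci || npm install
      - name: Lint
        working-directory: pwa
        # A missing `lint` script is tolerated; a failing one fails the job.
        run: npm run lint --if-present
      - name: Build
        working-directory: pwa
        run: npm run build
      - name: Test
        working-directory: pwa
        # A missing `test` script is tolerated; failing tests fail the job.
        run: npm run test --if-present

  validate-kubernetes:
    name: Validate Kubernetes Manifests
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Install kubeval
        # NOTE(review): this fetches whatever the "latest" release is at run
        # time and installs it with sudo without verifying a checksum. Pin a
        # release tag and check the archive against a known SHA-256 before
        # extracting it. The upstream kubeval project is also marked as no
        # longer maintained; confirm it is still the intended validator.
        run: |
          wget https://github.com/instrumenta/kubeval/releases/latest/download/kubeval-linux-amd64.tar.gz
          tar xf kubeval-linux-amd64.tar.gz
          sudo mv kubeval /usr/local/bin/
      - name: Validate Kubernetes manifests
        run: |
          # `find -exec ... \;` discards the exit status of the command it
          # runs, so the manifests go through xargs instead: xargs returns
          # non-zero when kubeval rejects a file, which fails the step.
          find infrastructure/kubernetes -name "*.yaml" -print0 | xargs -0 -r kubeval

  e2e-tests:
    name: E2E Tests
    runs-on: ubuntu-latest
    needs: [build-docker-images]
    # Only runs for pushes to main, never for pull requests.
    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Set up Node.js
        uses: actions/setup-node@v4
        with:
          node-version: ${{ env.NODE_VERSION }}
      - name: Install Playwright
        working-directory: e2e-tests
        # NOTE(review): same unlocked `npm install` fallback as in test-pwa.
        run: |
          npm ci || npm install
          npx playwright install --with-deps
      - name: Run E2E tests
        working-directory: e2e-tests
        env:
          # Environment values are strings; quoted so YAML does not type it
          # as a boolean.
          CI: 'true'
        run: |
          npx playwright test
      - name: Upload test results
        uses: actions/upload-artifact@v4
        if: always()
        with:
          name: playwright-report
          path: e2e-tests/playwright-report/
          retention-days: 30

  security-scan:
    name: Security Scan
    runs-on: ubuntu-latest
    permissions:
      contents: read
      # Needed by upload-sarif to publish results to code scanning.
      # NOTE(review): private repositories also need `actions: read`.
      security-events: write
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Run Trivy vulnerability scanner
        # Pinned to a release tag instead of the moving `master` branch, so a
        # commit pushed upstream cannot silently change what runs here. A
        # full commit SHA is stricter still, since tags can be moved.
        uses: aquasecurity/trivy-action@0.28.0
        with:
          scan-type: 'fs'
          scan-ref: '.'
          severity: 'CRITICAL,HIGH'
          format: 'sarif'
          output: 'trivy-results.sarif'
          # No `exit-code` is set, so findings are reported through the SARIF
          # upload only and do not fail this job.
      - name: Upload Trivy scan results
        # v3 replaces the deprecated v2 of the CodeQL action.
        uses: github/codeql-action/upload-sarif@v3
        if: always()
        with:
          sarif_file: 'trivy-results.sarif'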