semaphoreio
diff --git a/‎front/workflow_templates/saas_new/properties/phoenix_docker.properties.json
Lines changed: 5 additions & 4 deletions b/‎front/workflow_templates/saas_new/properties/phoenix_docker.properties.json
Lines changed: 5 additions & 4 deletions
diff --git a/‎front/workflow_templates/saas_new/properties/phoenix_saas.properties.json
Lines changed: 3 additions & 2 deletions b/‎front/workflow_templates/saas_new/properties/phoenix_saas.properties.json
Lines changed: 3 additions & 2 deletions
diff --git a/‎front/workflow_templates/saas_new/properties/python_docker.properties.json
Lines changed: 4 additions & 3 deletions b/‎front/workflow_templates/saas_new/properties/python_docker.properties.json
Lines changed: 4 additions & 3 deletions
diff --git a/‎front/workflow_templates/saas_new/properties/python_saas.properties.json
Lines changed: 4 additions & 3 deletions b/‎front/workflow_templates/saas_new/properties/python_saas.properties.json
Lines changed: 4 additions & 3 deletions
diff --git a/‎front/workflow_templates/saas_new/templates/phoenix_docker.yml
Lines changed: 89 additions & 107 deletions b/‎front/workflow_templates/saas_new/templates/phoenix_docker.yml
Lines changed: 89 additions & 107 deletions
@@ -1,11 +1,12 @@
 {
-  "title": "Elixir - Phoenix",
-  "description": "Run tests and build Docker images for your Phoenix app with PostgreSQL and Redis support. <div class='flex items-center mt1 mb3'><span class='f6 normal mr1 ph1 br2 bg-orange white'>Phoenix</span><span class='f6 normal mr1 ph1 br2 bg-green white'>Docker</span><span class='f6 normal mr1 ph1 br2 bg-blue white'>PostgreSQL</span><span class='f6 normal mr1 ph1 br2 bg-red white'>Redis</span></div>",
-  "short_description": "Containerized CI/CD pipeline for Phoenix web applications",
+  "title": "Elixir - Phoenix (Docker)",
+  "description": "Run tests, security, and quality checks for your containerised Phoenix app with Docker services and PostgreSQL. <div class='flex items-center mt1 mb3'><span class='f6 normal mr1 ph1 br2 bg-indigo white'>Elixir</span><span class='f6 normal mr1 ph1 br2 bg-orange white'>Phoenix</span><span class='f6 normal mr1 ph1 br2 bg-green white'>ExUnit</span><span class='f6 normal mr1 ph1 br2 bg-purple white'>Sobelow</span><span class='f6 normal mr1 ph1 br2 bg-blue white'>Credo</span><span class='f6 normal mr1 ph1 br2 bg-cyan white'>Postgres</span><span class='f6 normal mr1 ph1 br2 bg-dark-green white'>Coveralls</span><span class='f6 normal mr1 ph1 br2 bg-light-gray white'>Docker</span></div><div class='mt2 ba br2 b--blue bg-washed-blue pa2'><strong>ℹ️ Coveralls integration:</strong> This pipeline uploads test‑coverage data to Coveralls. Add a <a href='https://docs.semaphoreci.com/using-semaphore/secrets' target='_blank'>project secret</a> named <code>coveralls</code> containing your <code>COVERALLS_REPO_TOKEN</code> so the upload step succeeds.</div>",
+  "short_description": "Containerised CI pipeline for Phoenix web applications",
   "group": "ci",
   "language": "Elixir",
   "environment": "docker",
-  "use_case": "Web Application",
+  "use_case": "ci_pipeline",
+  "tags": ["ci_pipeline", "docker", "security_checks"],
   "icon": "lang-elixir.svg",
   "template_path": "templates/phoenix_docker.yml",
   "workflow_tip": "other"
 
@@ -1,11 +1,12 @@
 {
   "title": "Elixir - Phoenix",
-  "description": "Run tests and quality checks for your Phoenix app with ExUnit and browser testing via Wallaby. <div class='flex items-center mt1 mb3'><span class='f6 normal mr1 ph1 br2 bg-orange white'>Phoenix</span><span class='f6 normal mr1 ph1 br2 bg-green white'>ExUnit</span><span class='f6 normal mr1 ph1 br2 bg-purple white'>Wallaby</span><span class='f6 normal mr1 ph1 br2 bg-blue white'>Credo</span></div>",
-  "short_description": "Full-featured CI/CD pipeline for Phoenix web applications",
+  "description": "Run tests, security, and quality checks for your Phoenix app with ExUnit, Credo, Sobelow, and PostgreSQL. <div class='flex items-center mt1 mb3'><span class='f6 normal mr1 ph1 br2 bg-indigo white'>Elixir</span><span class='f6 normal mr1 ph1 br2 bg-orange white'>Phoenix</span><span class='f6 normal mr1 ph1 br2 bg-green white'>ExUnit</span><span class='f6 normal mr1 ph1 br2 bg-purple white'>Sobelow</span><span class='f6 normal mr1 ph1 br2 bg-blue white'>Credo</span><span class='f6 normal mr1 ph1 br2 bg-cyan white'>Postgres</span><span class='f6 normal mr1 ph1 br2 bg-dark-green white'>Coveralls</span></div><div class='mt2 ba br2 b--blue bg-washed-blue pa2'><strong>ℹ️ Coveralls integration:</strong> This pipeline uploads test-coverage data to Coveralls. Add a <a href='https://docs.semaphoreci.com/using-semaphore/secrets' target='_blank'>project secret</a> named <code>coveralls</code> containing your <code>COVERALLS_REPO_TOKEN</code> so the upload step succeeds.</div>",
+  "short_description": "Full‑featured CI pipeline for Phoenix web applications",
   "group": "ci",
   "language": "Elixir",
   "environment": "linux",
   "use_case": "ci_pipeline",
+  "tags": ["ci_pipeline", "security_checks"],
   "icon": "lang-elixir.svg",
   "template_path": "templates/phoenix_saas.yml",
   "workflow_tip": "other"
 
@@ -1,11 +1,12 @@
 {
-  "title": "Python",
-  "description": "Run parallel tests for your Python app in Docker with PostgreSQL and Redis support. Uses Poetry for dependencies. <div class='flex items-center mt1 mb3'><span class='f6 normal mr1 ph1 br2 bg-blue white'>Python</span><span class='f6 normal mr1 ph1 br2 bg-green white'>Docker</span><span class='f6 normal mr1 ph1 br2 bg-purple white'>Poetry</span><span class='f6 normal mr1 ph1 br2 bg-orange white'>pytest</span></div>",
-  "short_description": "Run your Python suite",
+  "title": "Python Docker CI/CD Pipeline",
+  "description": "Set up your your Python app in a Docker environment with integrated linting, security checks, and automated Docker builds. Uses pip for dependency management and pytest for testing. <div class='flex items-center mt1 mb3'><span class='f6 normal mr1 ph1 br2 bg-blue white'>Python</span><span class='f6 normal mr1 ph1 br2 bg-green white'>Docker</span><span class='f6 normal mr1 ph1 br2 bg-orange white'>pytest</span><span class='f6 normal mr1 ph1 br2 bg-red white'>flake8</span><span class='f6 normal mr1 ph1 br2 bg-yellow white'>Bandit</span></div>",
+  "short_description": "Run Python CI/CD pipeline in Docker",
   "group": "ci",
   "language": "Python",
   "environment": "docker",
   "use_case": "ci_pipeline",
+  "tags": ["ci_pipeline", "security_checks"],
   "icon": "lang-python.svg",
   "template_path": "templates/python_docker.yml",
   "workflow_tip": "other"
 
@@ -1,11 +1,12 @@
 {
-  "title": "Python",
-  "description": "Run quality checks and parallel tests for your Python app using Poetry for dependency management and pytest for testing. <div class='flex items-center mt1 mb3'><span class='f6 normal mr1 ph1 br2 bg-blue white'>Python</span><span class='f6 normal mr1 ph1 br2 bg-purple white'>Poetry</span><span class='f6 normal mr1 ph1 br2 bg-green white'>pytest</span></div>",
-  "short_description": "Run your Python suite",
+  "title": "Python CI/CD Pipeline",
+  "description": "Set up your Python CI/CD pipeline with dependency caching, linting via flake8, security scanning with Bandit, parallelized unit and integration tests using pytest, and automated Docker image builds. <div class='flex items-center mt1 mb3'><span class='f6 normal mr1 ph1 br2 bg-blue white'>Python</span><span class='f6 normal mr1 ph1 br2 bg-green white'>pytest</span><span class='f6 normal mr1 ph1 br2 bg-red white'>flake8</span><span class='f6 normal mr1 ph1 br2 bg-orange white'>Bandit</span><span class='f6 normal mr1 ph1 br2 bg-cyan white'>Docker</span></div>",
+  "short_description": "Run a comprehensive Python CI/CD",
   "group": "ci",
   "language": "Python",
   "environment": "linux",
   "use_case": "ci_pipeline",
+  "tags": ["ci_pipeline", "security_checks"],
   "icon": "lang-python.svg",
   "template_path": "templates/python_saas.yml",
   "workflow_tip": "other"
 
@@ -1,150 +1,132 @@
-# This is a Semaphore configuration file for Phoenix projects using Docker
-# For more information about Semaphore configuration visit:
-# https://docs.semaphoreci.com/reference/pipeline-yaml-reference/
+version: v1.0  # Pipeline schema: https://docs.semaphoreci.com/reference/pipeline-yaml/
+name: "🔥 Phoenix CI Pipeline"
 
-version: v1.0  # Semaphore configuration version
-name: "🔥 Phoenix CI Pipeline"  # Pipeline display name
+# ---------------------------------------------------------------------------
+# GLOBAL SETTINGS
+# ---------------------------------------------------------------------------
 
-# Define the machine type, OS image, and containers
 agent:
   machine:
     type: {{ machine_type }}
     os_image: {{ os_image }}
+  containers:  # Runtime & side‑service containers → https://docs.semaphoreci.com/reference/pipeline-yaml/#containers
+    - name: main  # Primary job container (Elixir + Node)
+      image: 'registry.semaphoreci.com/elixir:1.16'  # Image catalogue → https://docs.semaphoreci.com/using-semaphore/optimization/container-registry#convenience-and-language-images
+    - name: postgres  # Postgres DB for tests
+      image: 'registry.semaphoreci.com/postgres:17'
+      env_vars:
+        - name: POSTGRES_PASSWORD
+          value: postgres
+        - name: POSTGRES_DB
+          value: phoenix_test
 
-  containers:
-    - name: main
-      image: 'registry.semaphoreci.com/elixir:1.15'  # Elixir 1.15 container
-    - name: postgres
-      image: registry.semaphoreci.com/postgres:17  # PostgreSQL 17 for database operations
-    - name: redis
-      image: registry.semaphoreci.com/redis:7.0  # Redis 7.0 for caching
-
-# Configure when to stop the pipeline early
-fail_fast:
-  stop:
-    when: branch != 'main'  # Stop all blocks if a job fails on non-main branches
 auto_cancel:
-  running:
-    when: branch != 'main'  # Cancel running pipelines on non-main branches
   queued:
-    when: branch = 'main'   # Cancel queued pipelines on main branch
+    when: 'true'
+
+fail_fast:
+  cancel:
+    when: branch != 'main'
 
-# Commands to run before each job
 global_job_config:
+  env_vars:
+    - name: MIX_ENV
+      value: test
   prologue:
     commands:
-      - checkout                    # Get the code from repository
-      - mix local.hex --force      # Install Hex package manager
-      - mix local.rebar --force    # Install rebar3 build tool
-      - mix deps.get              # Install dependencies
-      - cache restore             # Restore cached dependencies
+      - checkout                      # Fetch repo at current commit
+      - cache restore                 # Restore cached deps & _build
+
+# ---------------------------------------------------------------------------
+# BLOCKS
+# ---------------------------------------------------------------------------
 
-# Pipeline blocks represent groups of jobs that can run in parallel
 blocks:
-  # Block for setting up dependencies and caching
-  - name: "🛠️ Setup and Cache"
-    dependencies: []
+  # ⚙️  Block 1: Install dependencies & compile – caches Hex/Rebar & JS assets
+  - name: "⚙️ Install & Compile"
     task:
       jobs:
-        - name: "📦 Install Dependencies"
+        - name: "⚙️ Install & Compile"
           commands:
-            - mix deps.compile  # Compile dependencies
-            - mix compile      # Compile project
-            - npm ci --prefix assets  # Install Node.js dependencies
-            - cache store      # Cache dependencies for future runs
+            - mix local.hex --force
+            - mix local.rebar --force
+            - mix deps.get  # Fetch project dependencies
+            - mix compile
+            - npm install --prefix assets  # Install JS dependencies for Phoenix assets
+            - cache store              # Cache deps & build artefacts
 
-  # Block for asset compilation
+  # 🎨  Block 2: Build & digest front‑end assets
   - name: "🎨 Assets"
-    dependencies: ["🛠️ Setup and Cache"]
+    dependencies: ["⚙️ Install & Compile"]
     task:
       jobs:
         - name: "🖌️ Compile Assets"
           commands:
-            - npm run deploy --prefix assets  # Build and digest assets
-            - mix phx.digest                 # Digest and compress static files
+            - npm run deploy --prefix assets  # Build production JS/CSS bundle
+            - mix phx.digest                  # Generate digested asset fingerprints
 
-  # Block for code quality checks
-  - name: "🔍 Code Quality"
-    dependencies: ["🛠️ Setup and Cache"]
+  # 🔍  Block 3: Static analysis – format, Credo, Dialyzer
+  - name: "🔍 Static Analysis"
+    dependencies: ["⚙️ Install & Compile"]
     task:
       jobs:
-        - name: "✨ Lint and Format"
+        - name: "🖌️ Format Check"
           commands:
-            - mix format --check-formatted  # Check code formatting
-            - mix credo --strict           # Run static code analysis
-            - cd assets && npm run lint    # Check JavaScript code
-
-  # Block for security checks
-  - name: "🔐 Security Checks"
-    dependencies: ["🛠️ Setup and Cache"]
-    task:
-      jobs:
-        - name: "🛡️ Security Scan"
+            - mix format --check-formatted
+        - name: "🕵️ Credo Lint"
+          commands:
+            - mix credo --strict
+        - name: "🧠 Dialyzer"
           commands:
-            - mix deps.audit            # Check Elixir dependencies
-            - mix sobelow --config      # Run security-focused static analysis
-            - cd assets && npm audit    # Check Node.js dependencies
+            - mix dialyzer --halt-exit-status
 
-  # Block for type checking
-  - name: "📊 Dialyzer"
-    dependencies: ["🛠️ Setup and Cache"]
+  # 🛡️  Block 4: Security scans – dependency & code audits
+  - name: "🛡️ Security"
+    dependencies: ["⚙️ Install & Compile"]
     task:
       jobs:
-        - name: "🔎 Type Checking"
+        - name: "🛡️ Sobelow & Audits"
           commands:
-            - mix dialyzer  # Run static type checking
+            - mix deps.audit                 # Hex deps audit
+            - mix sobelow --exit             # Phoenix-specific security scan
+            - npm audit --audit-level=moderate --prefix assets
 
-  # Block for running tests
-  - name: "🧪 Test Suite"
-    dependencies: ["🛠️ Setup and Cache", "🎨 Assets"]
+  # 🧪  Block 5: Tests (unit & integration) – depends only on security
+  - name: "🧪 Tests"
+    dependencies: ["🛡️ Security"]
     task:
       env_vars:
-        - name: MIX_ENV
-          value: test
         - name: DATABASE_URL
-          value: postgresql://postgres@postgres:5432/app_test  # Use container hostname
-        - name: REDIS_URL
-          value: redis://redis:6379      # Use container hostname
+          value: "postgres://postgres:postgres@postgres:5432/phoenix_test"  # Host "postgres" resolves to DB side‑container
       jobs:
-        - name: "🟢 ExUnit Tests"
-          parallelism: 4  # Run tests in parallel
+        - name: "🧪 Unit Tests"
           commands:
-            - mix ecto.create     # Create test database
-            - mix ecto.migrate    # Run database migrations
-            - mix test --cover    # Run tests with coverage
+            - mix deps.get  # Fetch project dependencies
+            - mix test --exclude integration --cover --export-coverage unit \
+                --formatter ExUnit.CLIFormatter \
+                --formatter JUnitFormatter \
+                --junit-report-file test_results/unit.xml
+            - test-results gen-suite-report  # Publish per‑suite report → https://docs.semaphoreci.com/using-semaphore/tests/test-reports --name "Unit Tests" --format junit --path test_results/unit.xml
 
-  # Block for browser tests
-  - name: "🌐 Browser Tests"
-    dependencies: ["🧪 Test Suite"]
-    task:
-      jobs:
-        - name: "🎭 Wallaby Tests"
+        - name: "🔬 Integration Tests"
           commands:
-            - mix wallaby.install  # Install browser testing dependencies
-            - mix test --only browser:true  # Run browser tests
+            - mix deps.get  # Fetch project dependencies
+            - mix test --only integration --cover --export-coverage integration \
+                --formatter ExUnit.CLIFormatter \
+                --formatter JUnitFormatter \
+                --junit-report-file test_results/integration.xml
+            - test-results gen-suite-report  # Publish per‑suite report → https://docs.semaphoreci.com/using-semaphore/tests/test-reports --name "Integration Tests" --format junit --path test_results/integration.xml
 
-  # Block for deployment checks
-  - name: "🚀 Deploy Checks"
-    dependencies: ["🧪 Test Suite"]
-    task:
-      jobs:
-        - name: "🔄 Migration Safety"
-          commands:
-            - mix ecto.migrations   # Check pending migrations
-            - mix phx.routes       # Check route definitions
-        - name: "📦 Release Build"
-          commands:
-            - MIX_ENV=prod mix release --dry-run  # Test release building
+# ---------------------------------------------------------------------------
+# AFTER PIPELINE – coverage & reports
+# ---------------------------------------------------------------------------
 
-  # Block for Docker image
-  - name: "🐳 Docker"
-    dependencies: ["🚀 Deploy Checks"]
-    task:
-      secrets:
-        - name: dockerhub-credentials
-      jobs:
-        - name: "📦 Build and Push"
-          commands:
-            - echo "${DOCKER_PASSWORD}" | docker login -u "${DOCKER_USERNAME}" --password-stdin
-            - docker build -t "${DOCKER_USERNAME}/phoenix-app:${SEMAPHORE_GIT_SHA:0:7}" .
-            - docker push "${DOCKER_USERNAME}/phoenix-app:${SEMAPHORE_GIT_SHA:0:7}"
+after_pipeline:
+  task:
+    secrets:
+      - name: coveralls  # COVERALLS_REPO_TOKEN
+    jobs:
+      - name: "📤 Upload Coverage & Reports"
+        commands:
+          - mix coveralls.semaphore --exclude integration --import-cover cover  # Upload coverage → https://github.com/parroty/excoveralls
+          - test-results gen-pipeline-report    # Aggregate & publish test reports → https://docs.semaphoreci.com/using-semaphore/tests/test-reports