4ca0fe02da
Some checks failed
API Docs (Node.js Express) / test (18) (push) Failing after 22s
API Docs (Node.js Express) / test (20) (push) Failing after 22s
API Docs (Node.js Express) / build (push) Has been skipped
API Docs (Node.js Express) / security (push) Has been skipped
LabFusion CI/CD Pipeline / api-gateway (push) Failing after 4m53s
Docker Build and Push / build-and-push (push) Failing after 3m31s
Docker Build and Push / security-scan (push) Has been skipped
API Docs (Node.js Express) / test (16) (push) Failing after 3m7s
API Gateway (Java Spring Boot) / test (17) (push) Failing after 7m42s
API Gateway (Java Spring Boot) / test (21) (push) Failing after 5m11s
API Gateway (Java Spring Boot) / build (push) Has been skipped
API Gateway (Java Spring Boot) / security (push) Has been skipped
LabFusion CI/CD Pipeline / service-adapters (push) Failing after 6m30s
LabFusion CI/CD Pipeline / api-docs (push) Failing after 10s
LabFusion CI/CD Pipeline / frontend (push) Failing after 4m54s
LabFusion CI/CD Pipeline / integration-tests (push) Has been skipped
LabFusion CI/CD Pipeline / security-scan (push) Has been skipped
Frontend (React) / test (16) (push) Failing after 4m58s
Frontend (React) / test (18) (push) Failing after 4m58s
Frontend (React) / test (20) (push) Failing after 4m58s
Frontend (React) / build (push) Has been skipped
Frontend (React) / security (push) Has been skipped
Integration Tests / integration-tests (push) Failing after 35s
Integration Tests / performance-tests (push) Has been skipped
Service Adapters (Python FastAPI) / test (3.1) (push) Failing after 15s
Service Adapters (Python FastAPI) / test (3.11) (push) Failing after 5m23s
Service Adapters (Python FastAPI) / test (3.12) (push) Failing after 6m18s
Service Adapters (Python FastAPI) / test (3.9) (push) Failing after 6m18s
Docker Build and Push / deploy-staging (push) Has been skipped
Service Adapters (Python FastAPI) / build (push) Has been skipped
Service Adapters (Python FastAPI) / security (push) Has been skipped
Docker Build and Push / deploy-production (push) Has been skipped
Frontend (React) / lighthouse (push) Has been skipped
217 lines
6.4 KiB
Markdown
217 lines
6.4 KiB
Markdown
# LabFusion CI/CD Pipeline Documentation
|
|
|
|
## Overview
|
|
|
|
LabFusion uses Gitea Actions for continuous integration and deployment. The pipeline is designed to handle a polyglot microservices architecture with Java Spring Boot, Python FastAPI, Node.js Express, and React.
|
|
|
|
## Pipeline Structure
|
|
|
|
### Main CI Pipeline (`ci.yml`)
|
|
- **Trigger**: Push to `main`/`develop` branches, pull requests
|
|
- **Services**: All services (API Gateway, Service Adapters, API Docs, Frontend)
|
|
- **Features**: Testing, code quality, security scanning, integration tests
|
|
|
|
### Service-Specific Pipelines
|
|
|
|
#### API Gateway (`api-gateway.yml`)
|
|
- **Language**: Java Spring Boot
|
|
- **Testing**: Unit tests, code quality (SpotBugs, Checkstyle, PMD)
|
|
- **Coverage**: JaCoCo code coverage reporting
|
|
- **Matrix**: Java 17, 21
|
|
- **Security**: Trivy vulnerability scanning
|
|
|
|
#### Service Adapters (`service-adapters.yml`)
|
|
- **Language**: Python FastAPI
|
|
- **Testing**: Unit tests, code quality (Black, isort, flake8, mypy)
|
|
- **Coverage**: pytest-cov coverage reporting
|
|
- **Matrix**: Python 3.9, 3.10, 3.11, 3.12
|
|
- **Security**: Bandit, Safety, Trivy scanning
|
|
|
|
#### API Docs (`api-docs.yml`)
|
|
- **Language**: Node.js Express
|
|
- **Testing**: Jest unit tests
|
|
- **Coverage**: Jest coverage reporting
|
|
- **Matrix**: Node.js 16, 18, 20
|
|
- **Security**: npm audit, Trivy scanning
|
|
|
|
#### Frontend (`frontend.yml`)
|
|
- **Language**: React
|
|
- **Testing**: Jest unit tests, Lighthouse CI
|
|
- **Coverage**: Jest coverage reporting
|
|
- **Matrix**: Node.js 16, 18, 20
|
|
- **Performance**: Lighthouse performance testing
|
|
- **Security**: npm audit, Trivy scanning
|
|
|
|
### Integration Tests (`integration-tests.yml`)
|
|
- **Services**: PostgreSQL, Redis
|
|
- **Testing**: End-to-end integration tests
|
|
- **Performance**: k6 performance testing
|
|
- **Coverage**: Complete service interaction testing
|
|
|
|
## Configuration
|
|
|
|
### Environment Variables
|
|
|
|
#### No External Dependencies
|
|
- **Local Testing**: All Docker images built locally
|
|
- **No Registry**: No external container registry required
|
|
- **Self-Contained**: Pipelines run without external dependencies
|
|
|
|
### Service Configuration
|
|
|
|
#### API Gateway
|
|
- **Port**: 8080
|
|
- **Health Check**: `/actuator/health`
|
|
- **Dependencies**: Maven, JDK 17/21
|
|
- **Quality Tools**: SpotBugs, Checkstyle, PMD, JaCoCo
|
|
|
|
#### Service Adapters
|
|
- **Port**: 8000
|
|
- **Health Check**: `/health`
|
|
- **Dependencies**: Python 3.9-3.12, pip
|
|
- **Quality Tools**: Black, isort, flake8, mypy, Bandit, Safety
|
|
|
|
#### API Docs
|
|
- **Port**: 3000
|
|
- **Health Check**: `/health`
|
|
- **Dependencies**: Node.js 16-20, npm
|
|
- **Quality Tools**: ESLint, Jest
|
|
|
|
#### Frontend
|
|
- **Port**: 3001
|
|
- **Health Check**: Root path `/`
|
|
- **Dependencies**: Node.js 16-20, npm
|
|
- **Quality Tools**: ESLint, Jest, Lighthouse CI
|
|
|
|
## Pipeline Features
|
|
|
|
### Code Quality
|
|
- **Linting**: ESLint, flake8, Checkstyle
|
|
- **Formatting**: Black, isort, Prettier
|
|
- **Type Checking**: mypy, TypeScript
|
|
- **Security**: Bandit, Safety, npm audit, Trivy
|
|
- **Coverage**: Minimum 80% code coverage required
|
|
|
|
### Testing
|
|
- **Unit Tests**: All services
|
|
- **Integration Tests**: End-to-end service communication
|
|
- **Performance Tests**: k6 load testing
|
|
- **Lighthouse Tests**: Frontend performance and accessibility
|
|
|
|
### Security
|
|
- **Vulnerability Scanning**: Trivy for all Docker images
|
|
- **Dependency Scanning**: npm audit, Maven security checks
|
|
- **Code Security**: Bandit for Python, ESLint security rules
|
|
|
|
### Caching
|
|
- **Maven**: ~/.m2 directory
|
|
- **npm**: node_modules and package-lock.json
|
|
- **pip**: ~/.cache/pip
|
|
- **Docker**: Multi-stage build caching
|
|
|
|
### Multi-Platform Support
|
|
- **Architectures**: linux/amd64, linux/arm64
|
|
- **Matrix Testing**: Multiple language versions
|
|
- **Cross-Platform**: Docker multi-platform builds
|
|
|
|
## Docker Images
|
|
|
|
### Local Testing
|
|
- **Build**: Docker images built locally for testing
|
|
- **Tags**: Simple test tags (e.g., `api-gateway:test`)
|
|
- **Purpose**: Integration testing and validation
|
|
- **No Registry**: Images not pushed to external registry
|
|
|
|
## Monitoring and Reporting
|
|
|
|
### Test Reports
|
|
- **Unit Tests**: JUnit XML reports
|
|
- **Coverage**: Codecov integration
|
|
- **Performance**: Lighthouse CI reports
|
|
- **Security**: SARIF format vulnerability reports
|
|
|
|
### Notifications
|
|
- **Success**: Deployment notifications
|
|
- **Failure**: Error notifications with details
|
|
- **Security**: Vulnerability alerts
|
|
|
|
## Troubleshooting
|
|
|
|
### Common Issues
|
|
|
|
#### Build Failures
|
|
1. **Dependency Issues**: Check package.json, requirements.txt, pom.xml
|
|
2. **Version Conflicts**: Update to compatible versions
|
|
3. **Cache Issues**: Clear GitHub Actions cache
|
|
|
|
#### Test Failures
|
|
1. **Unit Tests**: Check test files and assertions
|
|
2. **Integration Tests**: Verify service health endpoints
|
|
3. **Performance Tests**: Check resource limits and timeouts
|
|
|
|
#### Security Issues
|
|
1. **Vulnerabilities**: Update dependencies
|
|
2. **Code Issues**: Fix security warnings
|
|
3. **Image Issues**: Update base images
|
|
|
|
### Debugging
|
|
- **Logs**: Check GitHub Actions logs
|
|
- **Artifacts**: Download test reports and coverage
|
|
- **Local Testing**: Run tests locally before pushing
|
|
|
|
## Best Practices
|
|
|
|
### Code Quality
|
|
- Write comprehensive tests
|
|
- Maintain high code coverage
|
|
- Follow linting rules
|
|
- Use meaningful commit messages
|
|
|
|
### Security
|
|
- Keep dependencies updated
|
|
- Scan for vulnerabilities regularly
|
|
- Use secure base images
|
|
- Implement proper authentication
|
|
|
|
### Performance
|
|
- Optimize Docker images
|
|
- Use multi-stage builds
|
|
- Implement proper caching
|
|
- Monitor resource usage
|
|
|
|
### Deployment
|
|
- Test in staging first
|
|
- Use blue-green deployments
|
|
- Implement rollback procedures
|
|
- Monitor production health
|
|
|
|
## Future Enhancements
|
|
|
|
### Planned Features
|
|
- **Kubernetes**: Helm charts for deployment
|
|
- **Monitoring**: Prometheus and Grafana integration
|
|
- **Logging**: Centralized logging with ELK stack
|
|
- **Database**: Automated migration testing
|
|
- **Notifications**: Slack/Teams integration
|
|
|
|
### Performance Improvements
|
|
- **Parallel Testing**: Run tests in parallel
|
|
- **Selective Testing**: Only test changed services
|
|
- **Caching**: Improved Docker layer caching
|
|
- **Resource Optimization**: Better resource allocation
|
|
|
|
## Support
|
|
|
|
For issues with the CI/CD pipeline:
|
|
1. Check the GitHub Actions logs
|
|
2. Review the troubleshooting section
|
|
3. Check service-specific documentation
|
|
4. Contact the development team
|
|
|
|
## References
|
|
|
|
- [Gitea Actions Documentation](https://docs.gitea.io/en-us/actions/)
|
|
- [Docker Multi-platform Builds](https://docs.docker.com/buildx/working-with-buildx/)
|
|
- [Trivy Security Scanner](https://trivy.dev/)
|
|
- [Lighthouse CI](https://github.com/GoogleChrome/lighthouse-ci)
|