enhancing auto label feature (#219) #1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ExtensionShield CI/CD Pipeline | |
| # Deploys to Railway on pushes and PRs targeting the active default branch | |
| name: Deploy to Railway | |
| on: | |
| push: | |
| branches: [main, master] | |
| pull_request: | |
| branches: [main, master] | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| RAILWAY_PROJECT_ID: 24ef50c1-9906-4ade-b25e-92e65aba8aa8 | |
| RAILWAY_SERVICE: ExtensionShield | |
| RAILWAY_ENVIRONMENT: production | |
| jobs: | |
| # ============================================================================= | |
| # Job 1: Run Tests | |
| # ============================================================================= | |
| test: | |
| name: Run Tests | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v5 | |
| with: | |
| version: "latest" | |
| - name: Set up Python | |
| run: uv python install 3.11 | |
| - name: Install dependencies | |
| run: uv sync --frozen | |
| - name: Run linting | |
| run: uv run pylint src/extension_shield --exit-zero | |
| - name: Run tests | |
| run: uv run pytest tests/ -v --tb=short | |
| continue-on-error: true # Don't fail on test failures for now | |
| # ============================================================================= | |
| # Job 2: Build Docker Image | |
| # ============================================================================= | |
| build: | |
| name: Build Docker Image | |
| runs-on: ubuntu-latest | |
| needs: test | |
| if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master') | |
| permissions: | |
| actions: write | |
| contents: read | |
| packages: write | |
| outputs: | |
| image_tag: ${{ steps.meta.outputs.tags }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| tags: | | |
| type=sha,prefix= | |
| type=raw,value=latest | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| # ============================================================================= | |
| # Job 3: Deploy to Railway | |
| # ============================================================================= | |
| deploy: | |
| name: Deploy to Railway | |
| runs-on: ubuntu-latest | |
| needs: build | |
| if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master') | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Install Railway CLI | |
| run: npm install -g @railway/cli | |
| - name: Deploy to Railway | |
| run: railway up --ci --detach --project "$RAILWAY_PROJECT_ID" --service "$RAILWAY_SERVICE" --environment "$RAILWAY_ENVIRONMENT" | |
| env: | |
| RAILWAY_TOKEN: ${{ secrets.RAILWAY_TOKEN }} | |
| - name: Deployment Summary | |
| run: | | |
| echo "## 🚀 Deployment Complete!" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "Your app has been deployed to Railway." >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "Check your Railway dashboard for the live URL." >> $GITHUB_STEP_SUMMARY |