feat(philosophy): expand to 12-principle QWED constitution + CI boundary gate #818
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: QWED CI / CD | |
| on: | |
| pull_request: | |
| branches: [ main ] | |
| permissions: | |
| contents: read | |
| jobs: | |
| test: | |
| runs-on: ubuntu-latest | |
| services: | |
| postgres: | |
| image: postgres:15 | |
| env: | |
| POSTGRES_USER: qwed | |
| POSTGRES_PASSWORD: qwed_secret | |
| POSTGRES_DB: qwed_db | |
| ports: | |
| - 5432:5432 | |
| options: >- | |
| --health-cmd pg_isready | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| redis: | |
| image: redis:7-alpine | |
| ports: | |
| - 6379:6379 | |
| options: >- | |
| --health-cmd "redis-cli ping" | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Boundary Check (QWED Rules) | |
| run: python scripts/check_boundary.py | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.11" | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -e ".[server,dev]" | |
| pip install pytest pytest-asyncio | |
| - name: Check Dependencies | |
| run: | | |
| python -c "import sqlglot; print('SQLGlot version:', sqlglot.__version__)" | |
| python -c "import qwed_new; print('Package qwed_new imported successfully')" | |
| python -c "import redis; r = redis.from_url('redis://localhost:6379'); print('Redis ping:', r.ping())" | |
| - name: Create .env file | |
| run: | | |
| echo "DATABASE_URL=postgresql://qwed:qwed_secret@localhost:5432/qwed_db" >> .env | |
| echo "REDIS_URL=redis://localhost:6379/0" >> .env | |
| echo "ACTIVE_PROVIDER=azure_openai" >> .env | |
| echo "QWED_CORS_ORIGINS=http://localhost:3000" >> .env | |
| DUMMY_API=$(python -c "import secrets; print(secrets.token_hex(32))") | |
| DUMMY_JWT=$(python -c "import secrets; print(secrets.token_hex(32))") | |
| echo "API_KEY_SECRET=${DUMMY_API}" >> $GITHUB_ENV | |
| echo "QWED_JWT_SECRET_KEY=${DUMMY_JWT}" >> $GITHUB_ENV | |
| echo "API_KEY_SECRET=${DUMMY_API}" >> .env | |
| echo "QWED_JWT_SECRET_KEY=${DUMMY_JWT}" >> .env | |
| echo "AZURE_OPENAI_ENDPOINT=${{ secrets.AZURE_OPENAI_ENDPOINT }}" >> .env | |
| echo "AZURE_OPENAI_API_KEY=${{ secrets.AZURE_OPENAI_API_KEY }}" >> .env | |
| echo "AZURE_OPENAI_DEPLOYMENT=${{ secrets.AZURE_OPENAI_DEPLOYMENT }}" >> .env | |
| echo "AZURE_OPENAI_API_VERSION=2024-12-01-preview" >> .env | |
| - name: Start QWED API Server | |
| env: | |
| QWED_CORS_ORIGINS: "http://localhost:3000" | |
| API_KEY_SECRET: ${{ env.API_KEY_SECRET }} | |
| QWED_JWT_SECRET_KEY: ${{ env.QWED_JWT_SECRET_KEY }} | |
| QWED_SKIP_ENV_INTEGRITY_CHECK: "true" | |
| run: | | |
| # Start API server in background | |
| python -m uvicorn qwed_new.api.main:app --host 0.0.0.0 --port 8000 & | |
| API_PID=$! | |
| echo "API_PID=$API_PID" >> $GITHUB_ENV | |
| # Wait for server to be ready (max 30 seconds) | |
| for i in {1..30}; do | |
| if curl -s http://localhost:8000/health > /dev/null 2>&1; then | |
| echo "API server is ready!" | |
| exit 0 | |
| fi | |
| echo "Waiting for API server... ($i/30)" | |
| sleep 1 | |
| done | |
| echo "::error::API server failed to start within 30 seconds" | |
| exit 1 | |
| - name: Run Tests with Coverage | |
| env: | |
| DATABASE_URL: postgresql://qwed:qwed_secret@localhost:5432/qwed_db | |
| REDIS_URL: redis://localhost:6379/0 | |
| ACTIVE_PROVIDER: mock | |
| QWED_CORS_ORIGINS: "http://localhost:3000" | |
| API_KEY_SECRET: ${{ env.API_KEY_SECRET }} | |
| QWED_JWT_SECRET_KEY: ${{ env.QWED_JWT_SECRET_KEY }} | |
| run: | | |
| pytest tests/ -v --cov=qwed_sdk --cov=src/qwed_new --cov-report=xml --cov-report=term | |
| - name: Upload Coverage to Codecov | |
| uses: codecov/codecov-action@75cd11691c0faa626561e295848008c8a7dddffe # v5 | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| files: ./coverage.xml | |
| flags: unittests | |
| name: codecov-umbrella | |
| fail_ci_if_error: false |