Skip to content

ci: full CI/CD with tests, linting, terraform, and security scans#10

Open
huslayer826 wants to merge 1 commit into
mainfrom
feat/ci-cd
Open

ci: full CI/CD with tests, linting, terraform, and security scans#10
huslayer826 wants to merge 1 commit into
mainfrom
feat/ci-cd

Conversation

@huslayer826

Copy link
Copy Markdown
Owner

Summary

Adds GitHub Actions CI/CD for tests, linting, Terraform validation, and security scanning.

What changed

  • Added test workflow with Python 3.11, coverage XML, Codecov upload, and 80% coverage gate.
  • Added lint workflow with Ruff and mypy, keeping shared modules strict while allowing AWS typing leniency in tools.
  • Added Terraform workflow with Terraform 1.6 format/init/validate and best-effort tflint.
  • Added security workflow with Bandit, pip-audit, and Checkov reporting.
  • Added PR and issue templates plus CONTRIBUTING.md.
  • Added README badges for tests, linting, coverage, Python, Terraform, and license.

Local verification

  • pytest coverage gate passes at 90%+
  • ruff passes
  • mypy shared/tools passes with configured flags
  • Bandit and pip-audit pass
  • Checkov runs in soft-fail reporting mode

Note: Terraform is not installed locally, so terraform fmt/validate will be verified by GitHub Actions.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant