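# GUARDiA ITSM — Gitea Actions CI/CD
# Triggers: push to main, develop and feature/**; pull requests targeting
#           main or develop.
# Purpose:  Python syntax check + import test + install-script validation.
#
# NOTE(review): the lint-and-test job installs and imports code from the
# branch under test, so treat that job as running untrusted code. This file
# exposes no secrets to it; keep it that way.
name: GUARDiA CI

on:
  push:
    branches:
      - main
      - develop
      - 'feature/**'
  pull_request:
    branches:
      - main
      - develop

env:
  PYTHON_VERSION: "3.11"

jobs:
  # ── 1. Python code quality checks ─────────────────────────────
  lint-and-test:
    name: Python Lint & Import Test
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): actions are referenced by mutable tags (@v3 / @v4).
      # Pinning each to a full commit SHA keeps a moved tag from changing
      # what runs in this pipeline.
      - name: Checkout
        uses: actions/checkout@v3
        with:
          # Later steps execute code from the checkout (pip install, module
          # imports) and none of them run git, so do not leave the job token
          # in .git/config where that code could read it.
          persist-credentials: false

      - name: Setup Python ${{ env.PYTHON_VERSION }}
        uses: actions/setup-python@v4
        with:
          python-version: ${{ env.PYTHON_VERSION }}

      # NOTE(review): flake8 is installed unpinned, so the lint result depends
      # on whichever release the package index serves at build time. Consider
      # pinning it the same way requirements.txt pins runtime dependencies.
      - name: Install dependencies
        run: |
          cd itsm
          pip install --upgrade pip -q
          pip install -r requirements.txt -q
          pip install flake8 -q

      - name: Flake8 (문법/스타일 검사)
        run: |
          cd itsm
          # Errors only, warnings are ignored: E9 plus F401, F811, F821, F841
          flake8 . --count --select=E9,F401,F811,F821,F841 \
            --exclude=__pycache__,.git,static \
            --max-line-length=200 \
            --statistics
        continue-on-error: false

      # Imports every listed module and fails the step if any import raises.
      # Importing runs each module's top-level code from the branch under test.
      - name: 모듈 임포트 테스트
        run: |
          cd itsm
          python -c "
          import sys, os
          sys.path.insert(0, '.')
          os.chdir('.')
          modules = [
              'models', 'database',
              'core.auth', 'core.license', 'core.oauth',
              'core.auto_rca', 'core.deploy_impact', 'core.ticket_classifier',
              'core.jira_sync', 'core.push_notify', 'core.scheduler',
              'routers.tasks', 'routers.approvals', 'routers.messenger',
              'routers.vuln_scan', 'routers.gateway', 'routers.license',
              'routers.push', 'routers.incidents', 'routers.problem',
              'routers.vibe',
          ]
          errors = []
          for m in modules:
              try:
                  __import__(m)
                  print(f'[OK] {m}')
              except Exception as e:
                  print(f'[ERR] {m}: {e}')
                  errors.append(m)
          if errors:
              print(f'\\nFailed: {errors}')
              sys.exit(1)
          print('\\n모든 모듈 임포트 성공')
          "

      # Loads the FastAPI app object and requires more than 100 registered
      # routes as a sanity floor.
      - name: FastAPI 앱 로드 테스트
        run: |
          cd itsm
          python -c "
          import sys, os
          sys.path.insert(0, '.')
          os.chdir('.')
          from main import app
          routes = [r.path for r in app.routes if hasattr(r, 'path')]
          assert len(routes) > 100, f'라우트 수 부족: {len(routes)}'
          print(f'FastAPI 앱 로드 성공 — {len(routes)}개 라우트')
          "

  # ── 2. Install script validation ──────────────────────────────
  # Everything in this job is parse-only (bash -n, yaml.safe_load, ast.parse);
  # none of the checked files is executed.
  validate-scripts:
    name: Validate Install Scripts
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3
        with:
          # No step in this job runs git; keep the job token out of .git/config.
          persist-credentials: false

      - name: Bash 스크립트 구문 검사
        # shopt below is a bash builtin, so name the shell explicitly instead
        # of relying on the runner default.
        shell: bash
        run: |
          echo "=== Bash 스크립트 구문 검사 ==="
          FAIL=0
          for f in setup/*.sh setup/lib/*.sh; do
            bash -n "$f" && echo "[OK] $f" || { echo "[ERR] $f"; FAIL=1; }
          done
          # Without globstar bash treats ** like *, so only scripts exactly one
          # directory below itsm/cicd/scripts/ were checked and the rest were
          # skipped silently. Enable it so the pattern recurses.
          shopt -s globstar
          for f in itsm/cicd/scripts/**/*.sh; do
            [ -f "$f" ] && { bash -n "$f" && echo "[OK] $f" || { echo "[ERR] $f"; FAIL=1; }; }
          done
          [ $FAIL -eq 0 ] || exit 1

      # NOTE(review): this job has no setup-python or pip step, so python3 and
      # PyYAML must already be present on the runner image — confirm for the
      # runner in use. safe_load is the right loader here: it parses without
      # constructing arbitrary objects from tags.
      - name: Docker Compose YAML 검증
        run: |
          python3 -c "
          import yaml
          for f in ['docker-compose.yml', 'docker-compose.prod.yml']:
              with open(f, encoding='utf-8') as fp:
                  yaml.safe_load(fp)
              print(f'[OK] {f}')
          "

      # Syntax-only check: the file is parsed into an AST, never imported.
      - name: db_init.py 검증
        run: |
          python3 -c "
          import ast
          with open('itsm/tools/db_init.py', encoding='utf-8') as f:
              ast.parse(f.read())
          print('[OK] itsm/tools/db_init.py')
          "

  # ── 3. PR validation summary ──────────────────────────────────
  # Runs only for pull requests, and only after both jobs above succeed.
  pr-summary:
    name: PR Validation Summary
    runs-on: ubuntu-latest
    needs: [lint-and-test, validate-scripts]
    if: github.event_name == 'pull_request'
    steps:
      - name: PR 통과
        run: |
          echo "✅ PR 검증 통과"
          echo " - Python 코드 품질: 통과"
          echo " - 모듈 임포트: 통과"
          echo " - 설치 스크립트: 통과"
          echo ""
          echo "이제 리뷰어 승인을 받아 병합할 수 있습니다."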