feat: improve CI/CD workflows and code quality checks

- ci.yml: fix workflow_dispatch (was missing options), add pull_request trigger - deploy.yml: add dry_run option for safe testing deployments - Makefile: improve code quality targets to include bots subdirectories - docker-compose.yml: clean up telegram-bot env vars (use env_file) Made-with: Cursor
2026-03-01 01:01:54 +03:00
parent e35415d3d1
commit 7d12bebb6e
4 changed files with 83 additions and 54 deletions
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -3,12 +3,9 @@ name: CI pipeline
 on:
  push:
    branches: [ 'dev-*', 'feature/**' ]
+  pull_request:
+    branches: [ 'main' ]
  workflow_dispatch:
-    inputs:
-      action:
-        description: 'Action to perform'
-        required: true
-        type: choice

 jobs:
  test:
@@ -29,17 +26,11 @@ jobs:
        run: |
          python -m pip install --upgrade pip
          pip install -r tests/infra/requirements-test.txt
-          pip install flake8 black isort mypy || true
+          pip install "black>=24.0,<25" "isort>=5.13,<6" flake8 mypy || true
      
-      - name: Code formatting check (Black)
+      - name: Code quality (Black + isort) — те же команды, что make code-quality
        run: |
-          echo "🔍 Checking code formatting with Black..."
-          black --check . || (echo "❌ Code formatting issues found. Run 'black .' to fix." && exit 1)
-      
-      - name: Import sorting check (isort)
-        run: |
-          echo "🔍 Checking import sorting with isort..."
-          isort --check-only . || (echo "❌ Import sorting issues found. Run 'isort .' to fix." && exit 1)
+          make format-check import-check || (echo "" && echo "❌ Code style drift. Locally run: make import-fix && make format && git add -A && git commit -m 'style: isort + black'" && exit 1)
      
      - name: Linting (flake8) - Critical errors
        run: |
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -16,6 +16,14 @@ on:
        description: 'Commit hash to rollback to (optional, uses last successful if empty)'
        required: false
        type: string
+      dry_run:
+        description: 'Dry run (only for deploy — no SSH, only show planned steps)'
+        required: false
+        type: choice
+        default: 'no'
+        options:
+          - 'no'
+          - 'yes'

 jobs:
  deploy:
@@ -24,6 +32,8 @@ jobs:
    if: |
      github.event_name == 'push' || 
      (github.event_name == 'workflow_dispatch' && github.event.inputs.action == 'deploy')
+    env:
+      DRY_RUN: ${{ github.event.inputs.dry_run == 'yes' }}
    concurrency:
      group: production-deploy
      cancel-in-progress: false
@@ -36,7 +46,25 @@ jobs:
        with:
          ref: main
      
+      - name: Dry run (simulate deploy steps)
+        if: github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'yes'
+        run: |
+          echo "🔍 DRY RUN — no SSH, no changes on server"
+          echo "Would run on server:"
+          echo "  1. cd /home/prod"
+          echo "  2. CURRENT_COMMIT + history; git fetch origin main && git reset --hard origin/main"
+          echo "  3. docker-compose config (validate)"
+          echo "  4. docker-compose stop prometheus grafana uptime-kuma alertmanager"
+          echo "  5. docker-compose build --pull prometheus grafana uptime-kuma alertmanager"
+          echo "  6. docker-compose up -d prometheus grafana uptime-kuma alertmanager"
+          echo ""
+          echo "Secrets/vars required: SERVER_HOST, SERVER_USER, SSH_PRIVATE_KEY, SSH_PORT"
+          if [ -f docker-compose.yml ]; then
+            echo "✅ docker-compose.yml present in repo (validation would run on server)"
+          fi
+      
      - name: Deploy to server
+        if: github.event_name != 'workflow_dispatch' || github.event.inputs.dry_run != 'yes'
        uses: appleboy/ssh-action@v1.0.0
        with:
          host: ${{ vars.SERVER_HOST || secrets.SERVER_HOST }}
@@ -105,7 +133,7 @@ jobs:
            echo "✅ Infrastructure containers rebuilt and started (bots remain running)"
      
      - name: Update deploy history
-        if: always()
+        if: always() && env.DRY_RUN != 'true'
        uses: appleboy/ssh-action@v1.0.0
        with:
          host: ${{ vars.SERVER_HOST || secrets.SERVER_HOST }}
@@ -126,7 +154,7 @@ jobs:
            fi
      
      - name: Send deployment notification
-        if: always()
+        if: always() && env.DRY_RUN != 'true'
        uses: appleboy/telegram-action@v1.0.0
        with:
          to: ${{ secrets.TELEGRAM_CHAT_ID }}