Add .editorconfig and update video compression tests #11
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Tests | |
| on: | |
| push: | |
| branches: [ main, develop ] | |
| pull_request: | |
| branches: [ main, develop ] | |
| jobs: | |
| test: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| strategy: | |
| matrix: | |
| python-version: [3.11, 3.12] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Python ${{ matrix.python-version }} | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Cache pip dependencies | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.cache/pip | |
| key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pip- | |
| - name: Install system dependencies | |
| run: | | |
| sudo apt-get update -qq | |
| sudo apt-get install -y --no-install-recommends ffmpeg | |
| ffmpeg -version | |
| - name: Install Python dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -r requirements.txt | |
| pip install pytest pytest-cov pytest-asyncio | |
| - name: Create test environment file | |
| run: | | |
| cat > .env << EOF | |
| BOT_TOKEN=test_token | |
| RAPIDAPI_KEY=test_key | |
| WEBHOOK_PATH=/webhook | |
| WEBHOOK_URL=http://localhost:8000 | |
| BOT_USERNAME=test_bot | |
| MONGODB_URI=mongodb://localhost:27017/test | |
| MONGODB_DB_NAME=test_db | |
| MONGODB_USERS_COLLECTION=users | |
| MONGODB_COUPONS_COLLECTION=coupons | |
| ADMIN_IDS=123456789 | |
| STRIPE_PUBLISHABLE_KEY=pk_test_key | |
| STRIPE_SECRET_KEY=sk_test_key | |
| STRIPE_WEBHOOK_SECRET=whsec_test | |
| STRIPE_SUCCESS_URL=http://localhost:8000/success | |
| STRIPE_CANCEL_URL=http://localhost:8000/cancel | |
| EOF | |
| - name: Run tests with timeout | |
| timeout-minutes: 15 | |
| run: | | |
| python -m pytest tests/ -v --tb=short --maxfail=5 --cov=utils --cov=handlers --cov-report=xml | |
| - name: Upload coverage to Codecov | |
| if: success() | |
| uses: codecov/codecov-action@v3 | |
| with: | |
| file: ./coverage.xml | |
| flags: unittests | |
| name: codecov-umbrella | |
| fail_ci_if_error: false | |
| quick-tests: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: 3.11 | |
| - name: Cache pip dependencies | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.cache/pip | |
| key: ${{ runner.os }}-pip-quick-${{ hashFiles('**/requirements.txt') }} | |
| - name: Install minimal dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install pytest pytest-asyncio python-dotenv pymongo | |
| - name: Create test environment | |
| run: | | |
| echo "BOT_TOKEN=test" > .env | |
| echo "ADMIN_IDS=123" >> .env | |
| - name: Run config and basic tests only | |
| run: | | |
| python -m pytest tests/test_compression_config.py -v --tb=short | |
| lint: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: 3.11 | |
| - name: Cache pip dependencies | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.cache/pip | |
| key: ${{ runner.os }}-lint-${{ hashFiles('**/requirements-dev.txt') }} | |
| - name: Install linting dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install flake8 black isort | |
| - name: Lint with flake8 | |
| run: | | |
| # Stop the build if there are Python syntax errors or undefined names | |
| flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics | |
| # Exit-zero treats all errors as warnings | |
| flake8 . --count --exit-zero --max-complexity=10 --max-line-length=100 --statistics | |
| - name: Check code formatting with black | |
| run: | | |
| black --check --line-length=100 . | |
| - name: Check import sorting with isort | |
| run: | | |
| isort --check-only --profile black --line-length=100 . | |
| security: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: 3.11 | |
| - name: Install security tools | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install bandit safety | |
| - name: Run bandit security scan | |
| run: | | |
| bandit -r . -f json -o bandit-report.json --exclude tests/ || echo "Bandit completed with warnings" | |
| - name: Run safety vulnerability check | |
| run: | | |
| safety check --json --output safety-report.json || echo "Safety completed with warnings" | |
| - name: Check for secrets in code | |
| run: | | |
| # Simple grep-based secret detection (excluding config files and .env files) | |
| if grep -r "sk_live_" . --exclude-dir=.git --exclude="*.md" --exclude="*.yml" --exclude="*.yaml" --exclude-dir=.github --exclude=".env*"; then | |
| echo "❌ Live Stripe keys found!" | |
| exit 1 | |
| fi | |
| if grep -r "mongodb+srv://.*:.*@" . --exclude-dir=.git --exclude="*.md" --exclude="*.yml" --exclude="*.yaml" --exclude-dir=.github --exclude=".env*"; then | |
| echo "❌ MongoDB credentials found!" | |
| exit 1 | |
| fi | |
| echo "✅ No obvious secrets detected" | |
| - name: Upload security reports | |
| if: always() | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: security-reports | |
| path: | | |
| bandit-report.json | |
| safety-report.json |