JINA-CODE-SYSTEMS · Amit9917 · Apr 16, 2026 · Apr 16, 2026
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,207 @@
+# ============================================
+# GS360 — CI Pipeline
+# ============================================
+# Mirrors the Jina Connect CI pattern:
+#   1. Lint & Security Scan (Python + Frontend)
+#   2. Backend Tests (Python 3.11)
+#   3. Frontend Build & Type Check (Node 22)
+#   4. Secret Leak Detection (TruffleHog)
+#   5. Docker Build Validation
+# ============================================
+
+name: GS360 CI
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+concurrency:
+  group: ci-${{ github.ref }}
+  cancel-in-progress: true
+
+env:
+  PYTHON_VERSION: "3.11"
+  NODE_VERSION: "22"
+
+jobs:
+  # ──────────────────────────────────────────────
+  # Lint & Security Scan
+  # ──────────────────────────────────────────────
+  lint:
+    name: Lint & Security Scan
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-python@v5
+        with:
+          python-version: ${{ env.PYTHON_VERSION }}
+          cache: pip
+          cache-dependency-path: gs360-live/requirements.txt
+
+      - name: Install lint tools
+        run: pip install ruff bandit
+
+      - name: Ruff lint (backend)
+        run: ruff check gs360-live/backend/ gs360-live/core/ --output-format=github
+
+      - name: Ruff format check (backend)
+        run: ruff format --check gs360-live/backend/ gs360-live/core/
+
+      - name: Bandit security scan (backend)
+        run: |
+          bandit -r gs360-live/backend/ gs360-live/core/ \
+            -ll --skip B101
+
+  # ──────────────────────────────────────────────
+  # Backend Tests
+  # ──────────────────────────────────────────────
+  test-backend:
+    name: Backend Tests (Python ${{ env.PYTHON_VERSION }})
+    runs-on: ubuntu-latest
+    needs: lint
+    defaults:
+      run:
+        working-directory: gs360-live
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-python@v5
+        with:
+          python-version: ${{ env.PYTHON_VERSION }}
+          cache: pip
+          cache-dependency-path: gs360-live/requirements.txt
+
+      - name: Install dependencies
+        run: |
+          pip install --upgrade pip
+          pip install -r requirements.txt
+          pip install pytest-cov
+
+      - name: Syntax check (all backend modules)
+        run: |
+          python -m py_compile backend/app/main.py
+          python -m py_compile backend/app/config.py
+          python -m py_compile backend/app/schemas.py
+          python -m py_compile backend/app/security.py
+          python -m py_compile backend/app/websocket_manager.py
+          python -m py_compile backend/app/services/deeptutor_bridge.py
+          python -m py_compile backend/app/services/deeptutor_runtime.py
+          python -m py_compile backend/app/services/llm_client.py
+
+      - name: Syntax check (core modules)
+        run: |
+          find core/ -name "*.py" -exec python -m py_compile {} +
+
+      - name: Run tests
+        run: |
+          pytest --collect-only --no-header -q > /tmp/pytest-collect.txt 2>&1
+          collect_status=$?
+          cat /tmp/pytest-collect.txt
+
+          if [ $collect_status -ne 0 ]; then
+            exit $collect_status
+          fi
+
+          if grep -q "collected 0 items" /tmp/pytest-collect.txt; then
+            echo "No test files found — skipping coverage"
+          else
+            pytest --tb=short --no-header -q \
+              --cov=backend --cov=core \
+              --cov-report=term-missing \
+              --cov-report=xml:coverage.xml
+          fi
+
+      - name: Run integration checks (informational)
+        run: python scripts/run_integration_checks.py
+        continue-on-error: true
+
+      - name: Validate content packs (informational)
+        run: python scripts/validate-pack.py
+        continue-on-error: true
+
+      - name: Type check (mypy)
+        run: |
+          pip install mypy
+          python -m mypy backend/app/main.py --ignore-missing-imports || true
+
+      - name: Upload coverage report
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: backend-coverage
+          path: gs360-live/coverage.xml
+          if-no-files-found: ignore
+
+  # ──────────────────────────────────────────────
+  # Frontend Build & Type Check
+  # ──────────────────────────────────────────────
+  test-frontend:
+    name: Frontend (Next.js Build & Lint)
+    runs-on: ubuntu-latest
+    needs: lint
+    defaults:
+      run:
+        working-directory: gs360-live/web
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: ${{ env.NODE_VERSION }}
+          cache: npm
+          cache-dependency-path: gs360-live/web/package-lock.json
+
+      - name: Install dependencies
+        run: npm ci --legacy-peer-deps
+
+      - name: Lint (Next.js ESLint)
+        run: npm run lint
+
+      - name: TypeScript type check
+        run: npx tsc --noEmit
+
+      - name: Build
+        run: npm run build
+
+  # ──────────────────────────────────────────────
+  # Secret Leak Detection
+  # ──────────────────────────────────────────────
+  secret-scan:
+    name: Secret Leak Detection
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: TruffleHog secret scan
+        uses: trufflesecurity/trufflehog@v3.88.18
+        with:
+          extra_args: --only-verified
+
+  # ──────────────────────────────────────────────
+  # Docker Build Validation
+  # ──────────────────────────────────────────────
+  docker:
+    name: Docker Build
+    runs-on: ubuntu-latest
+    needs: [test-backend, test-frontend]
+    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Build Docker image (validate only)
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: gs360-live/Dockerfile
+          push: false
+          tags: gs360:${{ github.sha }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
diff --git a/.github/workflows/deploy-docs.yml b/.github/workflows/deploy-docs.yml
@@ -0,0 +1,65 @@
+# ============================================
+# GS360 — Deploy Docs to GitHub Pages
+# ============================================
+# Builds the Astro Starlight docs site and
+# deploys it to GitHub Pages on pushes to main
+# that touch the docs/ directory.
+# ============================================
+
+name: Deploy Docs
+
+on:
+  push:
+    branches: [main]
+    paths:
+      - "docs/**"
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  pages: write
+  id-token: write
+
+concurrency:
+  group: pages
+  cancel-in-progress: false
+
+jobs:
+  build:
+    name: Build Docs
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: 22
+          cache: npm
+          cache-dependency-path: docs/package-lock.json
+
+      - name: Install dependencies
+        run: npm ci
+        working-directory: docs
+
+      - name: Build docs
+        run: npm run build
+        working-directory: docs
+
+      - name: Upload artifact
+        uses: actions/upload-pages-artifact@v3
+        with:
+          path: docs/dist
+
+  deploy:
+    name: Deploy to GitHub Pages
+    needs: build
+    runs-on: ubuntu-latest
+    environment:
+      name: github-pages
+      url: ${{ steps.deployment.outputs.page_url }}
+    steps:
+      - name: Deploy to GitHub Pages
+        id: deployment
+        uses: actions/deploy-pages@v4
diff --git a/.gitignore b/.gitignore
diff --git a/docs/astro.config.mjs b/docs/astro.config.mjs
@@ -0,0 +1,53 @@
+import { defineConfig } from "astro/config";
+import starlight from "@astrojs/starlight";
+
+export default defineConfig({
+  site: "https://jina-code-systems.github.io",
+  base: "/GS360/",
+  integrations: [
+    starlight({
+      title: "GS360 Docs",
+      description:
+        "The open-source, AI-powered UPSC Command Center — documentation for developers and contributors.",
+      social: [
+        {
+          icon: "github",
+          label: "GitHub",
+          href: "https://github.com/JINA-CODE-SYSTEMS/GS360",
+        },
+      ],
+      sidebar: [
+        {
+          label: "Getting Started",
+          items: [
+            { label: "Introduction", slug: "getting-started/introduction" },
+            { label: "Quickstart", slug: "getting-started/quickstart" },
+            { label: "Configuration", slug: "getting-started/configuration" },
+          ],
+        },
+        {
+          label: "Architecture",
+          items: [
+            { label: "Overview", slug: "architecture/overview" },
+            { label: "API Reference", slug: "architecture/api-reference" },
+          ],
+        },
+        {
+          label: "Content Packs",
+          items: [
+            { label: "Content Guide", slug: "content-packs/guide" },
+          ],
+        },
+        {
+          label: "Contributing",
+          items: [
+            {
+              label: "Contribution Guide",
+              slug: "contributing/guide",
+            },
+          ],
+        },
+      ],
+    }),
+  ],
+});