CI/CD

feat: production readiness — multi-tenant isolation, backup, monitori… #71

	name: CI/CD

	on:
	push:
	branches: [main, develop]
	pull_request:
	branches: [main]

	jobs:
	test:
	runs-on: ubuntu-latest
	strategy:
	matrix:
	python-version: ["3.12"]

	steps:
	- uses: actions/checkout@v4

	- name: Set up Python ${{ matrix.python-version }}
	uses: actions/setup-python@v5
	with:
	python-version: ${{ matrix.python-version }}

	- name: Install dependencies
	run: \|
	python -m pip install --upgrade pip
	pip install -r requirements.txt

	- name: Run tests
	run: pytest tests/ -v --tb=short -n auto --dist loadfile

	docker:
	runs-on: ubuntu-latest
	needs: test
	if: github.ref == 'refs/heads/main'

	steps:
	- uses: actions/checkout@v4

	- name: Build Docker image
	run: docker build -t resgov:${{ github.sha }} .

	- name: Test Docker image
	run: \|
	docker run -d --name resgov-test -p 8080:8080 resgov:${{ github.sha }}
	sleep 5
	curl -f http://localhost:8080/health \|\| exit 1
	docker stop resgov-test

	deploy:
	runs-on: ubuntu-latest
	needs: docker
	if: github.ref == 'refs/heads/main' && github.event_name == 'push'

	steps:
	- uses: actions/checkout@v4

	- name: Deploy to production server
	uses: appleboy/ssh-action@v1
	with:
	host: ${{ secrets.DEPLOY_HOST }}
	username: ${{ secrets.DEPLOY_USER }}
	key: ${{ secrets.DEPLOY_SSH_KEY }}
	script: \|
	cd /opt/resgov
	git pull --rebase origin main
	docker compose build --no-cache resgov
	docker compose up -d resgov
	sleep 5
	curl -f http://localhost:8080/health \|\| exit 1
	echo "✅ Deploy successful: $(curl -s http://localhost:8080/health)"

Provide feedback