|
|
name: Scheduled Maintenance |
|
|
|
|
|
on: |
|
|
schedule: |
|
|
|
|
|
- cron: '0 6 1 */3 *' |
|
|
|
|
|
- cron: '0 8 * * 0' |
|
|
|
|
|
- cron: '0 10 1 * *' |
|
|
|
|
|
env: |
|
|
AWS_REGION: us-west-2 |
|
|
S3_BUCKET: fredmlv1 |
|
|
LAMBDA_FUNCTION: fred-ml-processor |
|
|
PYTHON_VERSION: '3.9' |
|
|
|
|
|
jobs: |
|
|
|
|
|
quarterly-health-check: |
|
|
name: π₯ Quarterly Health Check |
|
|
runs-on: ubuntu-latest |
|
|
if: github.event.schedule == '0 6 1 */3 *' |
|
|
|
|
|
steps: |
|
|
- name: Checkout code |
|
|
uses: actions/checkout@v4 |
|
|
|
|
|
- name: Set up Python ${{ env.PYTHON_VERSION }} |
|
|
uses: actions/setup-python@v4 |
|
|
with: |
|
|
python-version: ${{ env.PYTHON_VERSION }} |
|
|
|
|
|
- name: Install dependencies |
|
|
run: | |
|
|
python -m pip install --upgrade pip |
|
|
pip install -r requirements.txt |
|
|
|
|
|
- name: Configure AWS credentials |
|
|
uses: aws-actions/configure-aws-credentials@v4 |
|
|
with: |
|
|
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} |
|
|
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} |
|
|
aws-region: ${{ env.AWS_REGION }} |
|
|
|
|
|
- name: Check Lambda function status |
|
|
run: | |
|
|
echo "β‘ Checking Lambda function status..." |
|
|
aws lambda get-function --function-name ${{ env.LAMBDA_FUNCTION }} --region ${{ env.AWS_REGION }} |
|
|
|
|
|
- name: Check S3 bucket status |
|
|
run: | |
|
|
echo "π¦ Checking S3 bucket status..." |
|
|
aws s3 ls s3://${{ env.S3_BUCKET }} --region ${{ env.AWS_REGION }} |
|
|
|
|
|
- name: Check EventBridge rules |
|
|
run: | |
|
|
echo "β° Checking EventBridge rules..." |
|
|
aws events list-rules --name-prefix "fred-ml" --region ${{ env.AWS_REGION }} |
|
|
|
|
|
- name: Run basic system test |
|
|
run: | |
|
|
echo "π§ͺ Running basic system test..." |
|
|
python scripts/test_complete_system.py --quick |
|
|
env: |
|
|
AWS_DEFAULT_REGION: ${{ env.AWS_REGION }} |
|
|
S3_BUCKET: ${{ env.S3_BUCKET }} |
|
|
LAMBDA_FUNCTION: ${{ env.LAMBDA_FUNCTION }} |
|
|
|
|
|
|
|
|
weekly-dependencies: |
|
|
name: π¦ Weekly Dependency Check |
|
|
runs-on: ubuntu-latest |
|
|
if: github.event.schedule == '0 8 * * 0' |
|
|
|
|
|
steps: |
|
|
- name: Checkout code |
|
|
uses: actions/checkout@v4 |
|
|
|
|
|
- name: Set up Python ${{ env.PYTHON_VERSION }} |
|
|
uses: actions/setup-python@v4 |
|
|
with: |
|
|
python-version: ${{ env.PYTHON_VERSION }} |
|
|
|
|
|
- name: Check for outdated packages |
|
|
run: | |
|
|
echo "π¦ Checking for outdated packages..." |
|
|
pip install pip-check-updates |
|
|
pcu --version || echo "pip-check-updates not available" |
|
|
|
|
|
- name: Check for security vulnerabilities |
|
|
run: | |
|
|
echo "π Checking for security vulnerabilities..." |
|
|
pip install safety |
|
|
safety check --json --output safety-report.json || true |
|
|
|
|
|
- name: Upload dependency report |
|
|
uses: actions/upload-artifact@v3 |
|
|
with: |
|
|
name: dependency-report |
|
|
path: safety-report.json |
|
|
|
|
|
|
|
|
monthly-performance: |
|
|
name: β‘ Monthly Performance Test |
|
|
runs-on: ubuntu-latest |
|
|
if: github.event.schedule == '0 10 1 * *' |
|
|
|
|
|
steps: |
|
|
- name: Checkout code |
|
|
uses: actions/checkout@v4 |
|
|
|
|
|
- name: Set up Python ${{ env.PYTHON_VERSION }} |
|
|
uses: actions/setup-python@v4 |
|
|
with: |
|
|
python-version: ${{ env.PYTHON_VERSION }} |
|
|
|
|
|
- name: Install dependencies |
|
|
run: | |
|
|
python -m pip install --upgrade pip |
|
|
pip install -r requirements.txt |
|
|
|
|
|
- name: Configure AWS credentials |
|
|
uses: aws-actions/configure-aws-credentials@v4 |
|
|
with: |
|
|
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} |
|
|
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} |
|
|
aws-region: ${{ env.AWS_REGION }} |
|
|
|
|
|
- name: Run performance tests |
|
|
run: | |
|
|
echo "β‘ Running performance tests..." |
|
|
python scripts/test_complete_system.py --performance |
|
|
env: |
|
|
AWS_DEFAULT_REGION: ${{ env.AWS_REGION }} |
|
|
S3_BUCKET: ${{ env.S3_BUCKET }} |
|
|
LAMBDA_FUNCTION: ${{ env.LAMBDA_FUNCTION }} |
|
|
|
|
|
- name: Generate performance report |
|
|
run: | |
|
|
echo "π Generating performance report..." |
|
|
echo "Performance test completed at $(date)" > performance-report.txt |
|
|
echo "Lambda function: ${{ env.LAMBDA_FUNCTION }}" >> performance-report.txt |
|
|
echo "S3 bucket: ${{ env.S3_BUCKET }}" >> performance-report.txt |
|
|
|
|
|
- name: Upload performance report |
|
|
uses: actions/upload-artifact@v3 |
|
|
with: |
|
|
name: performance-report |
|
|
path: performance-report.txt |
|
|
|
|
|
|
|
|
cleanup: |
|
|
name: π§Ή Cleanup Old Artifacts |
|
|
runs-on: ubuntu-latest |
|
|
|
|
|
steps: |
|
|
- name: Checkout code |
|
|
uses: actions/checkout@v4 |
|
|
|
|
|
- name: Configure AWS credentials |
|
|
uses: aws-actions/configure-aws-credentials@v4 |
|
|
with: |
|
|
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} |
|
|
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} |
|
|
aws-region: ${{ env.AWS_REGION }} |
|
|
|
|
|
- name: Clean up old S3 objects |
|
|
run: | |
|
|
echo "π§Ή Cleaning up old S3 objects..." |
|
|
# Delete objects older than 90 days |
|
|
aws s3 ls s3://${{ env.S3_BUCKET }}/exports/ --recursive | \ |
|
|
while read -r line; do |
|
|
createDate=$(echo $line | awk {'print $1'}) |
|
|
createDate=$(date -d "$createDate" +%s) |
|
|
olderThan=$(date -d "-90 days" +%s) |
|
|
if [[ $createDate -lt $olderThan ]]; then |
|
|
fileName=$(echo $line | awk {'print $4'}) |
|
|
if [[ $fileName != "" ]]; then |
|
|
aws s3 rm s3://${{ env.S3_BUCKET }}/exports/$fileName |
|
|
echo "Deleted: $fileName" |
|
|
fi |
|
|
fi |
|
|
done || echo "No old files to clean up" |
|
|
|
|
|
- name: Clean up old Lambda logs |
|
|
run: | |
|
|
echo "π§Ή Cleaning up old Lambda logs..." |
|
|
# This is a placeholder - CloudWatch log cleanup would require additional setup |
|
|
echo "CloudWatch log cleanup requires additional IAM permissions" |
