| name: Scheduled Maintenance |
|
|
| on: |
| schedule: |
| |
| - cron: '0 6 1 */3 *' |
| |
| - cron: '0 8 * * 0' |
| |
| - cron: '0 10 1 * *' |
|
|
| env: |
| AWS_REGION: us-west-2 |
| S3_BUCKET: fredmlv1 |
| LAMBDA_FUNCTION: fred-ml-processor |
| PYTHON_VERSION: '3.9' |
|
|
| jobs: |
| |
| quarterly-health-check: |
| name: π₯ Quarterly Health Check |
| runs-on: ubuntu-latest |
| if: github.event.schedule == '0 6 1 */3 *' |
| |
| steps: |
| - name: Checkout code |
| uses: actions/checkout@v4 |
| |
| - name: Set up Python ${{ env.PYTHON_VERSION }} |
| uses: actions/setup-python@v4 |
| with: |
| python-version: ${{ env.PYTHON_VERSION }} |
| |
| - name: Install dependencies |
| run: | |
| python -m pip install --upgrade pip |
| pip install -r requirements.txt |
| |
| - name: Configure AWS credentials |
| uses: aws-actions/configure-aws-credentials@v4 |
| with: |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} |
| aws-region: ${{ env.AWS_REGION }} |
| |
| - name: Check Lambda function status |
| run: | |
| echo "β‘ Checking Lambda function status..." |
| aws lambda get-function --function-name ${{ env.LAMBDA_FUNCTION }} --region ${{ env.AWS_REGION }} |
| |
| - name: Check S3 bucket status |
| run: | |
| echo "π¦ Checking S3 bucket status..." |
| aws s3 ls s3://${{ env.S3_BUCKET }} --region ${{ env.AWS_REGION }} |
| |
| - name: Check EventBridge rules |
| run: | |
| echo "β° Checking EventBridge rules..." |
| aws events list-rules --name-prefix "fred-ml" --region ${{ env.AWS_REGION }} |
| |
| - name: Run basic system test |
| run: | |
| echo "π§ͺ Running basic system test..." |
| python scripts/test_complete_system.py --quick |
| env: |
| AWS_DEFAULT_REGION: ${{ env.AWS_REGION }} |
| S3_BUCKET: ${{ env.S3_BUCKET }} |
| LAMBDA_FUNCTION: ${{ env.LAMBDA_FUNCTION }} |
|
|
| |
| weekly-dependencies: |
| name: π¦ Weekly Dependency Check |
| runs-on: ubuntu-latest |
| if: github.event.schedule == '0 8 * * 0' |
| |
| steps: |
| - name: Checkout code |
| uses: actions/checkout@v4 |
| |
| - name: Set up Python ${{ env.PYTHON_VERSION }} |
| uses: actions/setup-python@v4 |
| with: |
| python-version: ${{ env.PYTHON_VERSION }} |
| |
| - name: Check for outdated packages |
| run: | |
| echo "π¦ Checking for outdated packages..." |
| pip install pip-check-updates |
| pcu --version || echo "pip-check-updates not available" |
| |
| - name: Check for security vulnerabilities |
| run: | |
| echo "π Checking for security vulnerabilities..." |
| pip install safety |
| safety check --json --output safety-report.json || true |
| |
| - name: Upload dependency report |
| uses: actions/upload-artifact@v3 |
| with: |
| name: dependency-report |
| path: safety-report.json |
|
|
| |
| monthly-performance: |
| name: β‘ Monthly Performance Test |
| runs-on: ubuntu-latest |
| if: github.event.schedule == '0 10 1 * *' |
| |
| steps: |
| - name: Checkout code |
| uses: actions/checkout@v4 |
| |
| - name: Set up Python ${{ env.PYTHON_VERSION }} |
| uses: actions/setup-python@v4 |
| with: |
| python-version: ${{ env.PYTHON_VERSION }} |
| |
| - name: Install dependencies |
| run: | |
| python -m pip install --upgrade pip |
| pip install -r requirements.txt |
| |
| - name: Configure AWS credentials |
| uses: aws-actions/configure-aws-credentials@v4 |
| with: |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} |
| aws-region: ${{ env.AWS_REGION }} |
| |
| - name: Run performance tests |
| run: | |
| echo "β‘ Running performance tests..." |
| python scripts/test_complete_system.py --performance |
| env: |
| AWS_DEFAULT_REGION: ${{ env.AWS_REGION }} |
| S3_BUCKET: ${{ env.S3_BUCKET }} |
| LAMBDA_FUNCTION: ${{ env.LAMBDA_FUNCTION }} |
| |
| - name: Generate performance report |
| run: | |
| echo "π Generating performance report..." |
| echo "Performance test completed at $(date)" > performance-report.txt |
| echo "Lambda function: ${{ env.LAMBDA_FUNCTION }}" >> performance-report.txt |
| echo "S3 bucket: ${{ env.S3_BUCKET }}" >> performance-report.txt |
| |
| - name: Upload performance report |
| uses: actions/upload-artifact@v3 |
| with: |
| name: performance-report |
| path: performance-report.txt |
|
|
| |
| cleanup: |
| name: π§Ή Cleanup Old Artifacts |
| runs-on: ubuntu-latest |
| |
| steps: |
| - name: Checkout code |
| uses: actions/checkout@v4 |
| |
| - name: Configure AWS credentials |
| uses: aws-actions/configure-aws-credentials@v4 |
| with: |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} |
| aws-region: ${{ env.AWS_REGION }} |
| |
| - name: Clean up old S3 objects |
| run: | |
| echo "π§Ή Cleaning up old S3 objects..." |
| # Delete objects older than 90 days |
| aws s3 ls s3://${{ env.S3_BUCKET }}/exports/ --recursive | \ |
| while read -r line; do |
| createDate=$(echo $line | awk {'print $1'}) |
| createDate=$(date -d "$createDate" +%s) |
| olderThan=$(date -d "-90 days" +%s) |
| if [[ $createDate -lt $olderThan ]]; then |
| fileName=$(echo $line | awk {'print $4'}) |
| if [[ $fileName != "" ]]; then |
| aws s3 rm s3://${{ env.S3_BUCKET }}/exports/$fileName |
| echo "Deleted: $fileName" |
| fi |
| fi |
| done || echo "No old files to clean up" |
| |
| - name: Clean up old Lambda logs |
| run: | |
| echo "π§Ή Cleaning up old Lambda logs..." |
| # This is a placeholder - CloudWatch log cleanup would require additional setup |
| echo "CloudWatch log cleanup requires additional IAM permissions" |
