| | name: Algorithmic Trading CI/CD Pipeline |
| |
|
| | on: |
| | push: |
| | branches: [ main, develop ] |
| | pull_request: |
| | branches: [ main ] |
| | release: |
| | types: [ published ] |
| |
|
| | env: |
| | DOCKER_IMAGE: dataen10/algorithmic_trading |
| | PYTHON_VERSION: '3.11' |
| |
|
| | jobs: |
| | |
| | quality-check: |
| | name: Code Quality & Security |
| | runs-on: ubuntu-latest |
| | |
| | steps: |
| | - name: Checkout code |
| | uses: actions/checkout@v4 |
| | |
| | - name: Set up Python |
| | uses: actions/setup-python@v5 |
| | with: |
| | python-version: ${{ env.PYTHON_VERSION }} |
| | |
| | - name: Install dependencies |
| | run: | |
| | python -m pip install --upgrade pip |
| | pip install -r requirements.txt |
| | pip install flake8 black isort bandit safety |
| | |
| | - name: Code formatting check |
| | run: | |
| | black --check --diff . |
| | isort --check-only --diff . |
| | |
| | - name: Linting |
| | run: | |
| | flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics |
| | flake8 . --count --exit-zero --max-complexity=10 --max-line-length=88 --statistics |
| | |
| | - name: Security scan |
| | run: | |
| | bandit -r . -f json -o bandit-report.json || true |
| | safety check --json --output safety-report.json || true |
| | |
| | - name: Upload security reports |
| | uses: actions/upload-artifact@v4 |
| | with: |
| | name: security-reports |
| | path: | |
| | bandit-report.json |
| | safety-report.json |
| | |
| | |
| | test: |
| | name: Run Test Suite |
| | runs-on: ubuntu-latest |
| | needs: quality-check |
| | |
| | strategy: |
| | matrix: |
| | python-version: ['3.9', '3.10', '3.11'] |
| | |
| | steps: |
| | - name: Checkout code |
| | uses: actions/checkout@v4 |
| | |
| | - name: Set up Python ${{ matrix.python-version }} |
| | uses: actions/setup-python@v5 |
| | with: |
| | python-version: ${{ matrix.python-version }} |
| | |
| | - name: Install dependencies |
| | run: | |
| | python -m pip install --upgrade pip |
| | pip install -r requirements.txt |
| | |
| | - name: Run tests with coverage |
| | run: | |
| | pytest tests/ -v --cov=agentic_ai_system --cov-report=xml --cov-report=html |
| | |
| | - name: Upload coverage reports |
| | uses: codecov/codecov-action@v5 |
| | with: |
| | file: ./coverage.xml |
| | flags: unittests |
| | name: codecov-umbrella |
| | |
| | - name: Upload test artifacts |
| | uses: actions/upload-artifact@v4 |
| | with: |
| | name: test-results-${{ matrix.python-version }} |
| | path: | |
| | htmlcov/ |
| | .pytest_cache/ |
| | |
| | |
| | model-training: |
| | name: FinRL Model Training |
| | runs-on: ubuntu-latest |
| | needs: test |
| | if: github.ref == 'refs/heads/main' |
| | |
| | steps: |
| | - name: Checkout code |
| | uses: actions/checkout@v4 |
| | |
| | - name: Set up Python |
| | uses: actions/setup-python@v5 |
| | with: |
| | python-version: ${{ env.PYTHON_VERSION }} |
| | |
| | - name: Install dependencies |
| | run: | |
| | python -m pip install --upgrade pip |
| | pip install -r requirements.txt |
| | |
| | - name: Train FinRL model |
| | run: | |
| | python -c " |
| | from agentic_ai_system.finrl_agent import FinRLAgent, FinRLConfig |
| | from agentic_ai_system.data_ingestion import load_data, load_config |
| | |
| | config = load_config() |
| | data = load_data(config) |
| | |
| | agent = FinRLAgent(FinRLConfig(algorithm='PPO', learning_rate=0.0003)) |
| | result = agent.train(data=data, config=config, total_timesteps=10000) |
| | print(f'Training completed: {result}') |
| | " |
| | |
| | - name: Upload trained model |
| | uses: actions/upload-artifact@v4 |
| | with: |
| | name: finrl-model |
| | path: models/finrl_best/ |
| | |
| | # Docker Build & Test |
| | docker-build: |
| | name: Docker Build & Test |
| | runs-on: ubuntu-latest |
| | needs: [test, model-training] |
| | |
| | steps: |
| | - name: Checkout code |
| | uses: actions/checkout@v4 |
| | |
| | - name: Set up Docker Buildx |
| | uses: docker/setup-buildx-action@v3 |
| | |
| | - name: Build Docker image |
| | run: | |
| | docker build -t ${{ env.DOCKER_IMAGE }}:test . |
| | |
| | - name: Test Docker image |
| | run: | |
| | docker run --rm ${{ env.DOCKER_IMAGE }}:test python -c " |
| | from agentic_ai_system.main import main |
| | print('Docker image test passed') |
| | " |
| | |
| | - name: Save Docker image |
| | run: | |
| | docker save ${{ env.DOCKER_IMAGE }}:test -o /tmp/docker-image.tar |
| | |
| | - name: Upload Docker image |
| | uses: actions/upload-artifact@v4 |
| | with: |
| | name: docker-image |
| | path: /tmp/docker-image.tar |
| | |
| | # Docker Hub Push |
| | docker-push: |
| | name: Push to Docker Hub |
| | runs-on: ubuntu-latest |
| | needs: docker-build |
| | if: github.ref == 'refs/heads/main' |
| | |
| | steps: |
| | - name: Checkout code |
| | uses: actions/checkout@v4 |
| | |
| | - name: Set up Docker Buildx |
| | uses: docker/setup-buildx-action@v3 |
| | |
| | - name: Login to Docker Hub |
| | uses: docker/login-action@v3 |
| | with: |
| | username: ${{ secrets.DOCKERHUB_USERNAME }} |
| | password: ${{ secrets.DOCKERHUB_TOKEN }} |
| | |
| | - name: Extract metadata |
| | id: meta |
| | uses: docker/metadata-action@v5 |
| | with: |
| | images: ${{ env.DOCKER_IMAGE }} |
| | tags: | |
| | type=ref,event=branch |
| | type=ref,event=pr |
| | type=semver,pattern={{version}} |
| | type=semver,pattern={{major}}.{{minor}} |
| | type=sha |
| | |
| | - name: Build and push Docker image |
| | uses: docker/build-push-action@v6 |
| | with: |
| | context: . |
| | push: true |
| | tags: ${{ steps.meta.outputs.tags }} |
| | labels: ${{ steps.meta.outputs.labels }} |
| | cache-from: type=gha |
| | cache-to: type=gha,mode=max |
| | |
| | # Documentation Generation |
| | docs: |
| | name: Generate Documentation |
| | runs-on: ubuntu-latest |
| | needs: test |
| | if: github.ref == 'refs/heads/main' |
| | |
| | steps: |
| | - name: Checkout code |
| | uses: actions/checkout@v4 |
| | |
| | - name: Set up Python |
| | uses: actions/setup-python@v5 |
| | with: |
| | python-version: ${{ env.PYTHON_VERSION }} |
| | |
| | - name: Install dependencies |
| | run: | |
| | python -m pip install --upgrade pip |
| | pip install -r requirements.txt |
| | pip install sphinx sphinx-rtd-theme |
| | |
| | - name: Generate API documentation |
| | run: | |
| | sphinx-apidoc -o docs/source agentic_ai_system/ |
| | sphinx-build -b html docs/source docs/build/html |
| | |
| | - name: Deploy to GitHub Pages |
| | uses: peaceiris/actions-gh-pages@v4 |
| | if: github.ref == 'refs/heads/main' |
| | with: |
| | github_token: ${{ secrets.GITHUB_TOKEN }} |
| | publish_dir: ./docs/build/html |
| | |
| | # Performance Testing |
| | performance: |
| | name: Performance & Load Testing |
| | runs-on: ubuntu-latest |
| | needs: docker-build |
| | if: github.ref == 'refs/heads/main' |
| | |
| | steps: |
| | - name: Checkout code |
| | uses: actions/checkout@v4 |
| | |
| | - name: Set up Python |
| | uses: actions/setup-python@v5 |
| | with: |
| | python-version: ${{ env.PYTHON_VERSION }} |
| | |
| | - name: Install dependencies |
| | run: | |
| | python -m pip install --upgrade pip |
| | pip install -r requirements.txt |
| | pip install locust |
| | |
| | - name: Run performance tests |
| | run: | |
| | python -c " |
| | from agentic_ai_system.data_ingestion import load_data, load_config |
| | from agentic_ai_system.strategy_agent import StrategyAgent |
| | import time |
| | |
| | config = load_config() |
| | data = load_data(config) |
| | |
| | agent = StrategyAgent() |
| | |
| | start_time = time.time() |
| | for _ in range(100): |
| | signals = agent.generate_signals(data) |
| | end_time = time.time() |
| | |
| | avg_time = (end_time - start_time) / 100 |
| | print(f'Average signal generation time: {avg_time:.4f} seconds') |
| | assert avg_time < 0.1, 'Performance threshold exceeded' |
| | " |
| | |
| | - name: Upload performance report |
| | uses: actions/upload-artifact@v4 |
| | with: |
| | name: performance-report |
| | path: performance-results.json |
| | |
| | # Security & Compliance |
| | security: |
| | name: Security & Compliance Check |
| | runs-on: ubuntu-latest |
| | needs: test |
| | |
| | steps: |
| | - name: Checkout code |
| | uses: actions/checkout@v4 |
| | |
| | - name: Run Trivy vulnerability scanner |
| | uses: aquasecurity/trivy-action@master |
| | with: |
| | image-ref: ${{ env.DOCKER_IMAGE }}:test |
| | format: 'sarif' |
| | output: 'trivy-results.sarif' |
| | |
| | - name: Upload Trivy scan results |
| | uses: github/codeql-action/upload-sarif@v3 |
| | if: always() |
| | with: |
| | sarif_file: 'trivy-results.sarif' |
| | |
| | - name: Check for secrets in code |
| | run: | |
| | pip install detect-secrets |
| | detect-secrets scan --baseline .secrets.baseline |
| | |
| | - name: Trading compliance check |
| | run: | |
| | python -c " |
| | from agentic_ai_system.execution_agent import ExecutionAgent |
| | from agentic_ai_system.config import load_config |
| | |
| | config = load_config() |
| | agent = ExecutionAgent(config) |
| | |
| | |
| | assert config['risk']['max_position'] <= 100, 'Position limit too high' |
| | assert config['risk']['max_drawdown'] <= 0.05, 'Drawdown limit too high' |
| | print('Compliance checks passed') |
| | " |
| | |
| | # Notification |
| | notify: |
| | name: Notify Team |
| | runs-on: ubuntu-latest |
| | needs: [docker-push, docs, performance, security] |
| | if: always() |
| | |
| | steps: |
| | - name: Notify on success |
| | if: success() |
| | run: | |
| | echo "β
CI/CD Pipeline completed successfully!" |
| | echo "π New version deployed to Docker Hub" |
| | echo "π Documentation updated" |
| | echo "π Security checks passed" |
| | |
| | - name: Notify on failure |
| | if: failure() |
| | run: | |
| | echo "β CI/CD Pipeline failed!" |
| | echo "Please check the logs for details" |
| | |
| | - name: Send Slack notification |
| | if: always() |
| | uses: 8398a7/action-slack@v3 |
| | with: |
| | status: ${{ job.status }} |
| | channel: '#trading-alerts' |
| | env: |
| | SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} |
