CI/CD Workflow

  • All deployments, code quality checks (ruff), unit tests, security checks are automated via GitHub Actions on every PR and push.

  • See /.github/workflows for full pipeline details.

The diagram below illustrates the full workflow, from local development (pre-commit hooks) to production deployment via CI/CD.


✅ CI/CD Prerequisites

Add Required Secrets

Before pushing to the remote repo, go to the GitHub repo:

Settings → Secrets and variables → Actions → New repository secret

Add the following:

  • DOCKER_TOKEN and DOCKER_USERNAME
  • HF_TOKEN and HF_USERNAME
  • GIT_USERNAME
  • GIT_USER_EMAIL: Use your GitHub-provided private email:

    • Go to /settings/profile → Emails, enable “Keep my email address private”,
    • then copy the @users.noreply.github.com address shown there.

Note

  • Define HF_USERNAME in GitHub Actions secrets even if it's already in .env, because GitHub treats it as sensitive data and masks it, leading to hard-to-debug issues. Using secrets ensures consistent and reliable access.
  • To anticipate similar issues, do the same for DOCKER_USERNAME: define it in GitHub Actions secrets as well.
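
A preflight check for the secrets listed above, as an added example that is not part of this project's own tooling. It assumes the GitHub CLI (`gh`) is installed and authenticated for the repository; the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: confirm the repository secrets named on this page exist
# before the first push. GitHub only ever returns secret names, never values.

REQUIRED_SECRETS="DOCKER_TOKEN DOCKER_USERNAME HF_TOKEN HF_USERNAME GIT_USERNAME GIT_USER_EMAIL"

# Read `gh secret list` output on stdin (first column is the secret name)
# and print every required secret that is absent, one per line.
missing_secrets() {
    present=$(awk 'NF { print $1 }')
    for name in $REQUIRED_SECRETS; do
        printf '%s\n' "$present" | grep -qxF -- "$name" || printf '%s\n' "$name"
    done
}

# Check a candidate GIT_USER_EMAIL value before storing it: it should be the
# private @users.noreply.github.com address, not a personal mailbox.
is_noreply_email() {
    case "$1" in
        ?*@users.noreply.github.com) return 0 ;;
        *) return 1 ;;
    esac
}

# Query the current repository. Returns 0 when all secrets are defined,
# 1 when some are missing, 2 when the gh call itself fails.
check_repo_secrets() {
    listing=$(gh secret list) || return 2
    missing=$(printf '%s\n' "$listing" | missing_secrets)
    if [ -n "$missing" ]; then
        printf 'Missing repository secrets:\n%s\n' "$missing" >&2
        return 1
    fi
    return 0
}

# Usage, from inside the cloned repository:
#   check_repo_secrets && git push
```
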

βš™οΈ Configure Workflow Permissions

Ensure GitHub Actions has the correct permissions:

Go to the GitHub repo: Settings → Actions → General → Under Workflow permissions:

  • ✅ Select: Read and write permissions
  • ✅ Check: Allow GitHub Actions to create and approve pull requests

Act Local Testing

Instead of pushing commits to GitHub to test your CI/CD pipeline, use act to run workflows locally.

We've created act.mk with all testing commands - this allows you to:

  • 🧪 Test workflows locally before pushing to GitHub
  • 🚀 Debug CI/CD issues without polluting git history
  • ⚡ Faster iteration - no waiting for GitHub runners
  • 💰 Save GitHub Actions minutes during development

All installation instructions and detailed usage are documented in the act.mk file.