Playing with FastAPI, by creating a very over-simplified investment projections service (with projections calculated by Nutmeg's calculator), deployed on Heroku, as part of GitHub Actions CD pipeline; and Docker image also pushed to GitHub packages.
- Unit and integration tests: Executed on Push and PRs, before Docker image is built. Code coverage measured by Codecov.
- End to end test: Executed on Push and PRs, after Docker image is built, and before it is pushed to GitHub packages; and then once again after Docker image is tagged and pushed to Heroku and service deployed.
- OWASP API security scan: Executed on Push and PRs, after end-to-end test has run.
PRs opened for dependency updates by Dependabot Bot and those PRs auto-merged after successful CI checks by Mergify.
Codeql and OSSAR scans, via GitHub Actions, on Push and PRs.
Following checks/scans made by Pre-commit: Pylint, Flake8, Black, Mypy and isort.
GitHub Actions and Heroku