From 7d4487b45b05ab5e6634d55729df960ea7d3bd2e Mon Sep 17 00:00:00 2001
From: Giorgio Ravera <giorgio.ravera@gmail.com>
Date: Mon, 26 Jan 2026 18:43:06 +0100
Subject: [PATCH] Added CIs

---
 .github/workflows/ci.yaml         | 82 +++++++++++++++++++++++++++++++
 .github/workflows/codeql.yaml     | 39 +++++++++++++++
 .github/workflows/dependabod.yaml | 18 +++++++
 README.md                         |  3 ++
 4 files changed, 142 insertions(+)
 create mode 100644 .github/workflows/ci.yaml
 create mode 100644 .github/workflows/codeql.yaml
 create mode 100644 .github/workflows/dependabod.yaml

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
new file mode 100644
index 0000000..3b33efd
--- /dev/null
+++ b/.github/workflows/ci.yaml
@@ -0,0 +1,82 @@
+name: CI (Python)
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+
+permissions:
+  contents: read
+
+jobs:
+  build-test:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        python-version: [ "3.12" ]   # aggiungi "3.11" se vuoi test multi-versione
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+          cache: 'pip'
+          cache-dependency-path: |
+            requirements.txt
+            requirements-dev.txt
+
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
+          if [ -f requirements-dev.txt ]; then pip install -r requirements-dev.txt; fi
+
+      # Lint (opzionale: richiede flake8 o ruff in requirements-dev.txt)
+      - name: Lint (flake8 se presente)
+        run: |
+          if python -c "import flake8" 2>/dev/null; then \
+            flake8 backend || exit 1; \
+          else \
+            echo "flake8 non installato, skip"; \
+          fi
+
+      # Test (opzionale: richiede pytest)
+      - name: Test (pytest se presente)
+        env:
+          CI: "true"
+          # Esempio: DB temporaneo se serve
+          # DB_PATH: tmp/test.db
+        run: |
+          if python -c "import pytest" 2>/dev/null; then \
+            mkdir -p tmp; \
+            pytest -q || exit 1; \
+          else \
+            echo "pytest non installato, skip"; \
+          fi
+
+      # Build âimmagineâ applicativa (se hai uno script di build o raccolta asset)
+      - name: Build (se hai uno script)
+        run: |
+          if [ -f Makefile ] && grep -q "^build:" Makefile; then \
+            make build; \
+          elif [ -f package.json ]; then \
+            npm ci || true; npm run build --if-present; \
+          else \
+            echo "Nessuna build da eseguire"; \
+          fi
+
+      # Artifact della build (opzionale)
+      - name: Upload artifact (dist/build)
+        uses: actions/upload-artifact@v4
+        with:
+          name: build-${{ github.sha }}
+          path: |
+            dist
+            build
+            out
+          if-no-files-found: ignore
diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml
new file mode 100644
index 0000000..2166788
--- /dev/null
+++ b/.github/workflows/codeql.yaml
@@ -0,0 +1,39 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+  schedule:
+    - cron: '0 3 * * 1'   # every monday at 03:00
+
+permissions:
+  contents: read
+  security-events: write
+
+jobs:
+  analyze:
+    name: Analyze (Python + JavaScript)
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: 'python,javascript'
+          # queries: security-and-quality
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v3
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3
+        with:
+          category: "/language:multi"
diff --git a/.github/workflows/dependabod.yaml b/.github/workflows/dependabod.yaml
new file mode 100644
index 0000000..cd4b98e
--- /dev/null
+++ b/.github/workflows/dependabod.yaml
@@ -0,0 +1,18 @@
+version: 2
+updates:
+  - package-ecosystem: "pip"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 10
+
+  - package-ecosystem: "npm"
+    directory: "/frontend"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 10
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
diff --git a/README.md b/README.md
index 304cccc..7e85e58 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,7 @@
 # Network Manager
 [![Last Commit][last-commit-img]][last-commit-url]
 [![License Status][license-img]][license-url]
+[![Check Status][check-status-img]][check-status-url]
 [![BuyMeCoffee][buymecoffee-img]][buymecoffee-url]
 
 ## ð Network management web app
@@ -231,6 +232,8 @@ docker compose up --build -d --force-recreate
 [releases-url]: https://github.com/xraver/network-manager/releases
 [last-commit-img]: https://img.shields.io/github/last-commit/xraver/network-manager
 [last-commit-url]: https://github.com/xraver/network-manager/commits/master
+[check-status-img]: https://github.com/xraver/network-manager/actions/workflows/ci.yaml/badge.svg
+[check-status-img]: https://github.com/xraver/network-manager/actions/workflows/ci.yaml
 [buymecoffee-img]: https://img.shields.io/badge/buy%20me%20a%20coffee-donate-yellow.svg
 [buymecoffee-button]: https://www.buymeacoffee.com/assets/img/guidelines/download-assets-sm-2.svg
 [buymecoffee-url]: https://www.buymeacoffee.com/raverag
\ No newline at end of file
-- 
2.47.3