From e93af403c8c5e81eb613611a4f7cd5fab6e451b7 Mon Sep 17 00:00:00 2001
From: Claude <noreply@anthropic.com>
Date: Mon, 17 Nov 2025 23:27:59 +0000
Subject: [PATCH] fix(ci): actualiza y corrige workflows de CI/CD
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Mejoras realizadas en los workflows de GitHub Actions:

**ci.yml:**
- Mejora verificación de dependencias Python para validar formato y presencia de paquetes ML/OCR críticos
- Corrige cache key en frontend-bundle-analysis (pnpm-lock.yaml en vez de package-lock.json)
- Agrega timeout de 20 minutos al job verify-environment

**docker-intellidocs.yml:**
- Agrega variable SKIP_SLOW_TESTS=1 en smoke tests ML para evitar timeouts
- Mejora lógica de determinación de tags Docker con sanitización de nombres de branches
- Agrega soporte para tags y manejo de caracteres especiales en nombres de branches
- Agrega timeouts: 30min (test-ml-dependencies), 120min (build-and-push), 20min (test-docker-image)

**translate-strings.yml:**
- Especifica versión explícita de Python (3.11) y UV (0.9.x)
- Agrega parámetro --python en uv sync para consistencia
- Cambia runner de ubuntu-latest a ubuntu-24.04
- Agrega timeout de 20 minutos

Estas correcciones aseguran que:
- Las verificaciones sean más robustas y precisas
- Los jobs no se cuelguen indefinidamente
- Los caches se invaliden correctamente
- Los tags Docker se generen correctamente para cualquier nombre de branch
---
 .github/workflows/ci.yml                 | 38 ++++++++++++++++++++----
 .github/workflows/docker-intellidocs.yml | 15 +++++++++-
 .github/workflows/translate-strings.yml  |  8 ++++-
 3 files changed, 54 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 432841f64..1023f38c6 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -77,6 +77,7 @@ jobs:
   verify-environment:
     name: "Verify Environment & Services"
     runs-on: ubuntu-24.04
+    timeout-minutes: 20
     needs:
       - pre-commit
     steps:
@@ -126,16 +127,43 @@ jobs:
           echo "✓ requirements.txt generated successfully"
       - name: Verify Python dependencies installation
         run: |
-          # Verify that requirements.txt can be parsed
+          # Verify that requirements.txt is valid and dependencies can be resolved
           if ! python -c "
 import sys
+import re
 try:
     with open('requirements.txt', 'r') as f:
-        lines = f.readlines()
-    print(f'✓ requirements.txt has {len(lines)} entries')
+        lines = [l.strip() for l in f.readlines() if l.strip() and not l.startswith('#')]
+
+    # Validate format of each dependency line
+    invalid_lines = []
+    for line in lines:
+        # Skip empty lines and comments
+        if not line or line.startswith('#'):
+            continue
+        # Basic validation: should contain package name
+        if not re.match(r'^[a-zA-Z0-9_-]+', line):
+            invalid_lines.append(line)
+
+    if invalid_lines:
+        print(f'✗ Invalid dependency lines found: {invalid_lines}')
+        sys.exit(1)
+
+    print(f'✓ requirements.txt has {len(lines)} valid entries')
+
+    # Verify critical ML/OCR dependencies are present
+    content = ' '.join(lines)
+    required_packages = ['torch', 'transformers', 'opencv-python', 'sentence-transformers', 'scikit-learn']
+    missing = [pkg for pkg in required_packages if pkg not in content]
+
+    if missing:
+        print(f'✗ Missing critical ML/OCR dependencies: {missing}')
+        sys.exit(1)
+
+    print(f'✓ All critical ML/OCR dependencies present')
     sys.exit(0)
 except Exception as e:
-    print(f'✗ Error reading requirements.txt: {e}')
+    print(f'✗ Error validating requirements.txt: {e}')
     sys.exit(1)
           "; then
             exit 1
@@ -461,7 +489,7 @@ except Exception as e:
           path: |
             ~/.pnpm-store
             ~/.cache
-          key: ${{ runner.os }}-frontenddeps-${{ hashFiles('src-ui/package-lock.json') }}
+          key: ${{ runner.os }}-frontenddeps-${{ hashFiles('src-ui/pnpm-lock.yaml') }}
       - name: Re-link Angular cli
         run: cd src-ui && pnpm link @angular/cli
       - name: Build frontend and upload analysis
diff --git a/.github/workflows/docker-intellidocs.yml b/.github/workflows/docker-intellidocs.yml
index 3e3d24791..bcd5a1b48 100644
--- a/.github/workflows/docker-intellidocs.yml
+++ b/.github/workflows/docker-intellidocs.yml
@@ -22,6 +22,7 @@ jobs:
   test-ml-dependencies:
     name: Validate ML/OCR Dependencies
     runs-on: ubuntu-24.04
+    timeout-minutes: 30
 
     steps:
       - name: Checkout code
@@ -83,6 +84,9 @@ jobs:
           "
 
       - name: Run ML smoke tests
+        env:
+          # Skip slow tests that download models to avoid timeouts/disk space issues
+          SKIP_SLOW_TESTS: "1"
         run: |
           uv run pytest src/documents/tests/test_ml_smoke.py -v --tb=short
 
@@ -92,6 +96,7 @@ jobs:
   build-and-push:
     name: Build IntelliDocs Docker Image
     runs-on: ubuntu-24.04
+    timeout-minutes: 120
     needs: test-ml-dependencies
     permissions:
       contents: read
@@ -167,6 +172,7 @@ jobs:
   test-docker-image:
     name: Test Docker Image
     runs-on: ubuntu-24.04
+    timeout-minutes: 20
     needs: build-and-push
     if: github.event_name != 'pull_request'
 
@@ -183,8 +189,15 @@ jobs:
         run: |
           if [[ "${{ github.ref }}" == "refs/heads/main" ]]; then
             echo "tag=latest" >> $GITHUB_OUTPUT
+          elif [[ "${{ github.ref }}" == refs/tags/* ]]; then
+            # For tags, use the tag name directly
+            TAG_NAME="${{ github.ref_name }}"
+            echo "tag=${TAG_NAME}" >> $GITHUB_OUTPUT
           else
-            echo "tag=${{ github.ref_name }}" >> $GITHUB_OUTPUT
+            # For branches, sanitize name to be Docker-compatible
+            # Replace / with - and remove special characters
+            SANITIZED_TAG=$(echo "${{ github.ref_name }}" | sed 's/\//-/g' | sed 's/[^a-zA-Z0-9._-]/-/g')
+            echo "tag=${SANITIZED_TAG}" >> $GITHUB_OUTPUT
           fi
 
       - name: Pull Docker image
diff --git a/.github/workflows/translate-strings.yml b/.github/workflows/translate-strings.yml
index 43f993221..406568974 100644
--- a/.github/workflows/translate-strings.yml
+++ b/.github/workflows/translate-strings.yml
@@ -6,7 +6,8 @@ on:
 jobs:
   generate-translate-strings:
     name: Generate Translation Strings
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
+    timeout-minutes: 20
     permissions:
       contents: write
     steps:
@@ -18,6 +19,8 @@ jobs:
       - name: Set up Python
         id: setup-python
         uses: actions/setup-python@v6
+        with:
+          python-version: '3.11'
       - name: Install system dependencies
         run: |
           sudo apt-get update -qq
@@ -25,10 +28,13 @@ jobs:
       - name: Install uv
         uses: astral-sh/setup-uv@v6
         with:
+          version: '0.9.x'
           enable-cache: true
+          python-version: ${{ steps.setup-python.outputs.python-version }}
       - name: Install backend python dependencies
         run: |
           uv sync \
+            --python ${{ steps.setup-python.outputs.python-version }} \
             --group dev \
             --frozen
       - name: Generate backend translation strings