# CI/CD Pipeline

## Pipeline Overview

| Stage | Trigger | Runner | Duration | Gate |
|-------|---------|--------|----------|------|
| Lint + Unit Tests | PR to dev | x86 cloud | ~4 min | Block merge |
| Build + E2E Tests | PR to dev, nightly | x86 cloud | ~15 min | Block merge |
| Build (Jetson) | Merge to dev | Jetson self-hosted OR cross-compile | ~15 min | Block deploy |
| Package | Manual trigger | x86 cloud | ~5 min | Block deploy |

## Stage Details

### 1. Lint + Unit Tests

- Python: `ruff check` + `ruff format --check`
- Cython: `cython-lint` on .pyx files
- pytest on Python modules (path tracing, freshness heuristic, config parsing, POI queue, detection logger)
- No GPU required (mocked inference)
- Coverage threshold: 70%

### 2. Build + E2E Tests

- `docker build` for semantic-detection (x86 target)
- `docker compose -f docker-compose.test.yaml up --abort-on-container-exit`
- Runs all `FT-P-*`, `FT-N-*`, non-HIL NFT tests
- JUnit XML report artifact
- Timeout: 10 minutes

### 3. Build (Jetson)

- Cross-compile for aarch64 OR build on self-hosted Jetson runner
- TRT engine export not part of CI (engines pre-built, stored as artifacts)
- Docker image tagged with git SHA

### 4. Package

- Build final Docker images for Jetson (aarch64)
- Export as tar archive for USB-based field deployment
- Include: Docker images, TRT engines, config files, update script
- Output: `semantic-detection-{version}-jetson.tar.gz`

## HIL Testing (not a CI stage)

Hardware-in-the-loop tests run manually on physical Jetson Orin Nano Super:

- Latency benchmarks (NFT-PERF-01)
- Memory/thermal endurance (NFT-RES-LIM-01, NFT-RES-LIM-02)
- Cold start (NFT-RES-LIM-04)
- Results documented but do not gate deployment

## Caching

| Cache | Key | Contents |
|-------|-----|----------|
| pip | requirements.txt hash | Python dependencies |
| Docker layers | Dockerfile hash | Base image + system deps |

## Artifacts

| Artifact | Stage | Retention |
|----------|-------|-----------|
| JUnit XML test report | Build + E2E | 30 days |
| Docker images (Jetson) | Build (Jetson) | 90 days |
| Deployment package (.tar.gz) | Package | Permanent |

## Secrets

None needed — air-gapped system. Docker registry is internal (Azure DevOps Artifacts or local).
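
The Package stage above lists what the deployment archive must include. The following is an added example, not part of the project's pipeline code, of a pre-deployment check that the archive carries all four components and has no member that would extract outside its target directory. The directory layout (`images/`, `engines/`, `config/`, `update.sh`) and the function names are assumptions.

```python
import io
import re
import tarfile
from pathlib import PurePosixPath

# Output name from the Package stage; the allowed version characters are an assumption.
NAME_RE = re.compile(r"^semantic-detection-[0-9A-Za-z._-]+-jetson\.tar\.gz$")
# Assumed archive layout (hypothetical, not from the pipeline doc), one rule per component.
REQUIRED = {
    "Docker images": re.compile(r"^images/[^/]+\.tar$"),
    "TRT engines": re.compile(r"^engines/[^/]+\.engine$"),
    "config files": re.compile(r"^config/[^/]+\.ya?ml$"),
    "update script": re.compile(r"^update\.sh$"),
}


def check_package(filename, fileobj):
    """Return a list of problems; an empty list means the package may ship."""
    problems = []
    if not NAME_RE.match(filename):
        problems.append(f"unexpected file name: {filename}")
    found = set()
    with tarfile.open(fileobj=fileobj, mode="r:gz") as tar:
        for member in tar:
            path = PurePosixPath(member.name)
            # Members that would land outside the extraction directory on the device.
            if path.is_absolute() or ".." in path.parts:
                problems.append(f"unsafe member path: {member.name}")
                continue
            if member.issym() or member.islnk():
                problems.append(f"link member not allowed: {member.name}")
                continue
            if member.isfile():
                for label, rule in REQUIRED.items():
                    if rule.match(str(path)):
                        found.add(label)
    problems += [f"missing component: {c}" for c in REQUIRED if c not in found]
    return problems


def build_sample(names):
    """Build a constructed in-memory package of empty files with the given names."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name in names:
            tar.addfile(tarfile.TarInfo(name), io.BytesIO(b""))
    buf.seek(0)
    return buf
```

Run as a final step of the Package stage, a non-empty result would fail the job before the archive is copied to USB media.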