Skip to content
CI

ci(deps): bump the github-actions group across 1 directory with 3 updates #200

Sign in to view logs

ci(deps): bump the github-actions group across 1 directory with 3 updates

ci(deps): bump the github-actions group across 1 directory with 3 updates #200

Workflow file for this run

.github/workflows/ci.yml at 36e0226
name: CI
on:
push:
branches: [ main, develop ]
pull_request:
branches: [ main, develop ]
workflow_dispatch:
env:
PYTHONUNBUFFERED: 1
FORCE_COLOR: 1
jobs:
lint:
name: Code Quality
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- name: Set up Python
uses: actions/setup-python@v6
with:
python-version: '3.11'
cache: 'pip'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -e ".[dev]"
pip install -r requirements-dev.txt
# Install optional semantic dependencies for full feature testing
pip install numpy sentence-transformers
- name: Check code formatting with black
run: python -m black --check --diff ocode_python/ tests/
- name: Check import sorting with isort
run: python -m isort --check-only --diff ocode_python/ tests/
- name: Lint with flake8
run: python -m flake8 ocode_python/ tests/
- name: Type check with mypy
run: python -m mypy ocode_python/ --ignore-missing-imports --no-warn-unused-ignores --no-warn-return-any
security:
name: Security Scan
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- name: Set up Python
uses: actions/setup-python@v6
with:
python-version: '3.11'
cache: 'pip'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -e ".[dev]"
pip install bandit[toml] safety
- name: Run bandit security linter
run: python -m bandit -r ocode_python/ -f json -o bandit-report.json
continue-on-error: true
- name: Upload bandit report
uses: actions/upload-artifact@v6
if: always()
with:
name: bandit-report
path: bandit-report.json
- name: Check dependencies for known vulnerabilities
run: python -m safety check --output json --save-json safety-report.json
continue-on-error: true
- name: Upload safety report
uses: actions/upload-artifact@v6
if: always()
with:
name: safety-report
path: safety-report.json
test:
name: Test
needs: [lint]
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
python-version: ['3.8', '3.9', '3.10', '3.11', '3.12', '3.13']
exclude:
# Reduce matrix size for faster CI
- os: macos-latest
python-version: '3.8'
- os: macos-latest
python-version: '3.9'
- os: macos-latest
python-version: '3.13'
- os: windows-latest
python-version: '3.8'
- os: windows-latest
python-version: '3.9'
- os: windows-latest
python-version: '3.13'
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v6
with:
fetch-depth: 0 # Needed for git operations in tests
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v6
with:
python-version: ${{ matrix.python-version }}
cache: 'pip'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -e ".[dev]"
pip install -r requirements-dev.txt
# Install semantic dependencies for full testing
pip install numpy sentence-transformers
- name: Run unit tests
run: pytest tests/unit/ -v --cov=ocode_python --cov-report=xml --cov-report=term
- name: Run integration tests
run: pytest tests/integration/ -v
env:
# Skip tests that require external services in CI
SKIP_EXTERNAL_TESTS: 1
- name: Upload coverage to Codecov
if: matrix.os == 'ubuntu-latest' && matrix.python-version == '3.11'
uses: codecov/codecov-action@v5
with:
files: ./coverage.xml
flags: unittests
name: codecov-umbrella
fail_ci_if_error: false
test-performance:
name: Performance Tests
needs: [test]
runs-on: ubuntu-latest
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
steps:
- uses: actions/checkout@v6
- name: Set up Python
uses: actions/setup-python@v6
with:
python-version: '3.11'
cache: 'pip'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -e ".[dev]"
pip install -r requirements-dev.txt
- name: Run performance tests
run: pytest tests/performance/ -v -m performance
- name: Upload performance results
uses: actions/upload-artifact@v6
if: always()
with:
name: performance-results
path: performance-results.json
retention-days: 30
build:
name: Build Package
needs: [test]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- name: Set up Python
uses: actions/setup-python@v6
with:
python-version: '3.11'
cache: 'pip'
- name: Install build dependencies
run: |
python -m pip install --upgrade pip
pip install build twine
- name: Build package
run: python -m build
- name: Check package
run: python -m twine check dist/*
- name: Upload artifacts
uses: actions/upload-artifact@v6
with:
name: dist
path: dist/
retention-days: 7
notify:
name: Notify
needs: [lint, security, test, test-performance, build]
runs-on: ubuntu-latest
if: always() && github.event_name == 'push' && github.ref == 'refs/heads/main'
steps:
- name: Check job results
run: |
echo "Lint: ${{ needs.lint.result }}"
echo "Security: ${{ needs.security.result }}"
echo "Test: ${{ needs.test.result }}"
echo "Performance: ${{ needs.test-performance.result }}"
echo "Build: ${{ needs.build.result }}"
if [[ "${{ needs.lint.result }}" == "failure" || "${{ needs.test.result }}" == "failure" || "${{ needs.build.result }}" == "failure" ]]; then
echo "Critical jobs failed"
exit 1
fi