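# Pull-request gate: PR-title validation, lint/format, tests with coverage,
# a Ruff security-rule scan, and a summary job that fails if any of them did.
#
# NOTE(review): every `uses:` below references a mutable version tag. Pinning
# each action (third-party ones in particular) to a full commit SHA prevents a
# re-pointed tag from changing what runs in this pipeline.
name: Pull Request Checks

on:
  pull_request:
    branches:
      - main
      - develop
    types: [opened, synchronize, reopened]

# Least privilege for GITHUB_TOKEN: the jobs below install dependencies and
# execute code from the pull request, so the token is limited to reading the
# repository. Jobs that need more declare it themselves.
permissions:
  contents: read

jobs:
  validate:
    name: Validate PR
    runs-on: ubuntu-latest
    # Job-level permissions replace the workflow default, so contents: read is
    # repeated for the checkout; pull-requests: read lets the title check read
    # the PR.
    permissions:
      contents: read
      pull-requests: read
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
          # Nothing in this job pushes; do not leave the token in .git/config.
          persist-credentials: false

      - name: Check PR title
        uses: amannn/action-semantic-pull-request@v5
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          # Accepted Conventional Commit types for the PR title.
          types: |
            feat
            fix
            docs
            style
            refactor
            perf
            test
            build
            ci
            chore
            revert

  lint-and-format:
    name: Code Quality Checks
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # Full history is needed here: the pre-commit step diffs against
          # origin/<base branch>, which a default shallow checkout of the PR
          # ref does not fetch.
          fetch-depth: 0
          persist-credentials: false

      - name: Install uv
        uses: astral-sh/setup-uv@v4
        with:
          enable-cache: true

      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version-file: ".python-version"

      - name: Install dependencies
        run: uv sync --group dev

      - name: Run Ruff linter
        run: uv run ruff check . --output-format=github

      - name: Run Ruff formatter check
        run: uv run ruff format --check .

      - name: Run pre-commit on changed files
        # Pass the base branch through the environment rather than expanding
        # the expression inside the script text, so the value is always
        # handled as data by the shell.
        env:
          BASE_REF: ${{ github.base_ref }}
        run: |
          uv run pre-commit install
          uv run pre-commit run --from-ref "origin/${BASE_REF}" --to-ref HEAD

  test:
    name: Test Suite
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        # Quoted so the version stays a string ("3.10" would otherwise be 3.1).
        python-version: ["3.13"]
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Install uv
        uses: astral-sh/setup-uv@v4
        with:
          enable-cache: true

      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v5
        with:
          python-version: ${{ matrix.python-version }}

      - name: Install dependencies
        run: uv sync --group dev --group test

      - name: Run tests with coverage
        # NOTE(review): `uv add` resolves pytest-cov at run time and rewrites
        # pyproject.toml / uv.lock in the workspace, so CI does not test
        # against the committed lock. Consider declaring pytest-cov in the
        # `test` dependency group and dropping this line.
        run: |
          uv add --dev pytest-cov
          uv run pytest tests/ -v --tb=short --cov=src --cov-report=xml --cov-report=term --cov-report=html

      - name: Upload coverage report
        uses: actions/upload-artifact@v4
        with:
          name: coverage-report-${{ matrix.python-version }}
          path: |
            coverage.xml
            htmlcov/

      - name: Check coverage threshold
        # NOTE(review): --cov-fail-under=0 can never fail, so this step only
        # re-runs the suite. Set the project's agreed minimum to make it a
        # real gate.
        run: |
          uv run pytest tests/ --cov=src --cov-fail-under=0 --cov-report=term

  security:
    name: Security Scan
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Install uv
        uses: astral-sh/setup-uv@v4
        with:
          enable-cache: true

      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version-file: ".python-version"

      - name: Install dependencies
        run: uv sync --group dev

      - name: Run Ruff security checks
        # `S` selects Ruff's flake8-bandit rule set.
        run: uv run ruff check . --select S

  summary:
    name: PR Check Summary
    runs-on: ubuntu-latest
    needs: [validate, lint-and-format, test, security]
    # Run even when an upstream job failed, so a single status reflects the
    # whole pipeline.
    if: always()
    steps:
      - name: Check all jobs status
        # needs.<job>.result is set by the runner, not by the pull request.
        # Anything other than "success" (failure, cancelled, skipped) fails
        # the summary.
        run: |
          if [ "${{ needs.validate.result }}" != "success" ] || \
             [ "${{ needs.lint-and-format.result }}" != "success" ] || \
             [ "${{ needs.test.result }}" != "success" ] || \
             [ "${{ needs.security.result }}" != "success" ]; then
            echo "❌ Some checks failed!"
            exit 1
          else
            echo "✅ All checks passed!"
          fi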