Merge pull request #430 from nlweb-ai/dependabot/pip/AskAgent/python/… #59
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| concurrency: | |
| group: ci-${{ github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| PYTHON_DEFAULT: "3.12" | |
| permissions: | |
| contents: read | |
| jobs: | |
| lint: | |
| name: Lint & Format | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: actions/setup-python@v6 | |
| with: | |
| python-version: ${{ env.PYTHON_DEFAULT }} | |
| - name: Install ruff | |
| run: pip install ruff | |
| - name: Ruff lint | |
| run: ruff check AskAgent/python/ --output-format=github | |
| - name: Ruff format check | |
| run: ruff format --check AskAgent/python/ | |
| continue-on-error: true # non-blocking until codebase is fully formatted | |
| test: | |
| name: Tests — Python ${{ matrix.python-version }} | |
| runs-on: ubuntu-latest | |
| needs: lint | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| python-version: ["3.10", "3.11", "3.12"] | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: actions/setup-python@v6 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Cache pip | |
| uses: actions/cache@v5 | |
| with: | |
| path: ~/.cache/pip | |
| key: pip-${{ runner.os }}-${{ matrix.python-version }}-${{ hashFiles('AskAgent/python/requirements.txt') }} | |
| restore-keys: pip-${{ runner.os }}-${{ matrix.python-version }}- | |
| - name: Install dependencies | |
| run: | | |
| pip install --upgrade pip | |
| pip install -r AskAgent/python/requirements.txt | |
| pip install -r AskAgent/python/requirements-dev.txt | |
| - name: Run tests | |
| env: | |
| PYTHONPATH: AskAgent/python | |
| run: pytest AskAgent/python/tests/ -x -v | |
| secrets-scan: | |
| name: Secrets Scan | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: TruffleHog | |
| uses: trufflesecurity/trufflehog@v3.94.3 | |
| with: | |
| path: ./ | |
| base: ${{ github.event.repository.default_branch }} | |
| head: HEAD | |
| extra_args: --only-verified |