deps(deps): bump the python-minor group with 2 updates #157
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [main, develop] | |
| pull_request: | |
| branches: [main] | |
| env: | |
| PYTHON_VERSION: "3.10" | |
| UV_SYSTEM_PYTHON: 1 | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| jobs: | |
| lint: | |
| name: Lint & Format | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| - name: Set up Python | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - name: Install uv | |
| run: pip install uv | |
| - name: Install dependencies | |
| run: uv pip install black ruff mypy | |
| - name: Check formatting with Black | |
| run: black --check . | |
| - name: Lint with Ruff | |
| run: ruff check . | |
| - name: Type check with MyPy | |
| run: | | |
| uv pip install types-PyYAML types-redis pydantic pydantic-settings sqlalchemy | |
| mypy app/ db/ models/ --ignore-missing-imports | |
| test: | |
| name: Tests | |
| runs-on: ubuntu-latest | |
| needs: lint | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| - name: Set up Python | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - name: Install uv | |
| run: pip install uv | |
| - name: Cache uv dependencies | |
| uses: actions/cache@v5 | |
| with: | |
| path: ~/.cache/uv | |
| key: ${{ runner.os }}-uv-${{ hashFiles('requirements.txt') }} | |
| restore-keys: | | |
| ${{ runner.os }}-uv- | |
| - name: Install dependencies | |
| run: | | |
| uv pip install -r requirements.txt | |
| uv pip install aiosqlite asyncpg aiomysql | |
| - name: Run tests with coverage | |
| run: | | |
| pytest tests/ -v --cov=app --cov=db --cov=models --cov-report=xml --cov-report=term-missing --ignore=tests/e2e/ | |
| - name: Upload coverage to Codecov | |
| uses: codecov/codecov-action@v5 | |
| with: | |
| file: ./coverage.xml | |
| fail_ci_if_error: false | |
| verbose: true | |
| security: | |
| name: Security Scan | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| - name: Set up Python | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - name: Install uv | |
| run: pip install uv | |
| - name: Install Bandit | |
| run: uv pip install bandit[toml] | |
| - name: Run Bandit security scan | |
| run: bandit -c pyproject.toml -r app/ db/ models/ | |
| build: | |
| name: Build Check | |
| runs-on: ubuntu-latest | |
| needs: [lint, test] | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| - name: Set up Python | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - name: Install uv | |
| run: pip install uv | |
| - name: Install dependencies | |
| run: uv pip install build | |
| - name: Build package | |
| run: python -m build | |
| - name: Check package | |
| run: | | |
| uv pip install twine | |
| twine check dist/* | |
| e2e-tests: | |
| name: E2E Tests | |
| runs-on: ubuntu-latest | |
| needs: [lint, test] | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - name: Install uv | |
| run: pip install uv | |
| - name: Cache uv dependencies | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.cache/uv | |
| key: ${{ runner.os }}-uv-e2e-${{ hashFiles('requirements.txt') }} | |
| restore-keys: | | |
| ${{ runner.os }}-uv-e2e- | |
| ${{ runner.os }}-uv- | |
| - name: Install dependencies | |
| run: | | |
| uv pip install -r requirements.txt | |
| uv pip install aiosqlite asyncpg aiomysql | |
| - name: Run E2E tests | |
| env: | |
| E2E_TESTS_ENABLED: "true" | |
| E2E_DATABASE_URL: "sqlite:///:memory:" | |
| DATABASE_URL: "sqlite:///:memory:" | |
| SECRET_KEY: "e2e-test-secret-key" | |
| AUTH_ENABLED: "true" | |
| JWT_AUTH_ENABLED: "true" | |
| API_KEY_AUTH_ENABLED: "true" | |
| API_KEYS: "test-api-key:read|write|admin" | |
| AGENT_ENABLED: "true" | |
| MULTIDB_ENABLED: "true" | |
| CACHE_ENABLED: "false" | |
| run: | | |
| pytest tests/e2e/ -v --tb=short -m "e2e" --ignore=tests/e2e/test_performance_e2e.py | |
| - name: Run E2E performance tests | |
| env: | |
| E2E_TESTS_ENABLED: "true" | |
| E2E_DATABASE_URL: "sqlite:///:memory:" | |
| DATABASE_URL: "sqlite:///:memory:" | |
| SECRET_KEY: "e2e-test-secret-key" | |
| AUTH_ENABLED: "true" | |
| API_KEY_AUTH_ENABLED: "true" | |
| API_KEYS: "test-api-key:read|write|admin" | |
| MULTIDB_ENABLED: "true" | |
| CACHE_ENABLED: "false" | |
| run: | | |
| pytest tests/e2e/test_performance_e2e.py -v --tb=short -m "e2e_performance" | |
| docker: | |
| name: Docker Build & Push | |
| runs-on: ubuntu-latest | |
| needs: [lint, test, e2e-tests] | |
| if: github.event_name == 'push' | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Free up disk space | |
| run: | | |
| # Remove unnecessary tools to free up ~30GB | |
| sudo rm -rf /usr/share/dotnet | |
| sudo rm -rf /usr/local/lib/android | |
| sudo rm -rf /opt/ghc | |
| sudo rm -rf /opt/hostedtoolcache/CodeQL | |
| sudo docker image prune --all --force | |
| df -h | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| driver-opts: | | |
| image=moby/buildkit:latest | |
| network=host | |
| - name: Log in to GitHub Container Registry | |
| if: github.ref == 'refs/heads/main' | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract metadata for Docker | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| tags: | | |
| type=ref,event=branch | |
| type=sha,prefix=sha- | |
| type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }} | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: ./Dockerfile | |
| target: production | |
| push: ${{ github.ref == 'refs/heads/main' }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| build-args: | | |
| TORCH_CPU=false | |
| platforms: linux/amd64 | |