ci: add comprehensive GitHub Actions workflows for testing and automation #3

Workflow file for this run

	name: CI

	on:
	push:
	branches: [main]
	pull_request:
	branches: [main]

	jobs:
	lint:
	name: Code Quality
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4

	- name: Set up Python
	uses: actions/setup-python@v5
	with:
	python-version: "3.13"

	- name: Install dependencies
	run: \|
	python -m pip install --upgrade pip
	pip install -e ".[dev]"

	- name: Run ruff check
	run: ruff check .

	- name: Run ruff format check
	run: ruff format --check .

	- name: Run mypy
	run: mypy tests/ --ignore-missing-imports

	test:
	name: Test Suite
	runs-on: ubuntu-latest
	strategy:
	matrix:
	python-version: ["3.12", "3.13"]
	steps:
	- uses: actions/checkout@v4

	- name: Set up Python ${{ matrix.python-version }}
	uses: actions/setup-python@v5
	with:
	python-version: ${{ matrix.python-version }}

	- name: Install dependencies
	run: \|
	python -m pip install --upgrade pip
	pip install -e ".[dev]"

	- name: Run tests
	run: pytest -v --tb=short

	- name: Run tests with coverage
	if: matrix.python-version == '3.13'
	run: pytest --cov --cov-report=xml --cov-report=term

	- name: Upload coverage to Codecov
	if: matrix.python-version == '3.13'
	uses: codecov/codecov-action@v4
	with:
	file: ./coverage.xml
	fail_ci_if_error: false
	continue-on-error: true

	test-generation:
	name: Test Template Generation
	runs-on: ubuntu-latest
	strategy:
	matrix:
	project-type: [saas, api, web-app, internal-tool]
	steps:
	- uses: actions/checkout@v4

	- name: Set up Python
	uses: actions/setup-python@v5
	with:
	python-version: "3.13"

	- name: Install Copier
	run: \|
	python -m pip install --upgrade pip
	pip install copier

	- name: Generate ${{ matrix.project-type }} project
	run: \|
	PROJECT_SLUG=$(echo "test_${{ matrix.project-type }}" \| sed 's/-/_/g')
	copier copy . ../test_${{ matrix.project-type }} \
	--data project_name="Test ${{ matrix.project-type }}" \
	--data project_slug="${PROJECT_SLUG}" \
	--data project_type=${{ matrix.project-type }} \
	--defaults \
	--trust

	- name: Verify generated project structure
	run: \|
	cd ../test_${{ matrix.project-type }}
	test -f pyproject.toml
	test -f Dockerfile
	test -f docker-compose.yml
	test -f Justfile
	test -d apps/
	test -d config/
	test -d tests/

	- name: Check for Jinja syntax errors
	run: \|
	cd ../test_${{ matrix.project-type }}
	! grep -r "{{" . --include=".py" --include=".md" --include="*.toml"
	! grep -r "{%" . --include=".py" --include=".md" --include="*.toml"

	validate-yaml:
	name: Validate YAML Files
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4

	- name: Set up Python
	uses: actions/setup-python@v5
	with:
	python-version: "3.13"

	- name: Install yamllint
	run: pip install yamllint

	- name: Validate YAML
	run: \|
	find . -name ".yml" -o -name ".yaml" \| \
	grep -v node_modules \| \
	xargs yamllint -d relaxed

	security:
	name: Security Checks
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4

	- name: Set up Python
	uses: actions/setup-python@v5
	with:
	python-version: "3.13"

	- name: Install dependencies
	run: \|
	python -m pip install --upgrade pip
	pip install pip-audit safety

	- name: Run pip-audit
	run: pip-audit --require-hashes --disable-pip \|\| true
	continue-on-error: true

	- name: Check for secrets
	uses: trufflesecurity/trufflehog@main
	with:
	path: ./
	base: ${{ github.event.repository.default_branch }}
	head: HEAD
	continue-on-error: true

	all-checks:
	name: All Checks Passed
	needs: [lint, test, test-generation, validate-yaml, security]
	runs-on: ubuntu-latest
	steps:
	- name: Confirm all checks passed
	run: echo "All CI checks passed successfully!"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

ci: add comprehensive GitHub Actions workflows for testing and automation #3

Workflow file

ci: add comprehensive GitHub Actions workflows for testing and automation #3

Uh oh!

Workflow file for this run