Skip to content
CI/CD Pipeline

include DOI from zenodo #93

Sign in to view logs

include DOI from zenodo

include DOI from zenodo #93

Workflow file for this run

.github/workflows/ci.yml at 0088a17
name: CI/CD Pipeline
on:
# Run on pull requests to main and develop branches
pull_request:
branches: [main, develop]
# Run on pushes to main and develop branches
push:
branches: [main, develop]
# Allow manual workflow runs
workflow_dispatch:
jobs:
pytest:
name: Pytest Suite
runs-on: ubuntu-latest
strategy:
matrix:
python-version: ['3.11', '3.12']
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -e .
pip install pytest pytest-cov
- name: Run pytest with coverage
run: |
pytest tests/ -v --cov=map_binning --cov-report=xml --cov-report=term
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@v5
with:
token: ${{ secrets.CODECOV_TOKEN }}
lint:
name: Code Quality
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.11'
- name: Install linting dependencies
run: |
python -m pip install --upgrade pip
pip install flake8 black isort
- name: Run flake8
run: |
flake8 map_binning tests --count --select=E9,F63,F7,F82 --show-source --statistics
flake8 map_binning tests --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
- name: Check code formatting with black
run: |
black --check --diff map_binning tests
- name: Check import sorting with isort
run: |
isort --check-only --diff map_binning tests
build-test:
name: Build Distribution
runs-on: ubuntu-latest
needs: [pytest, lint]
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.11'
- name: Install build dependencies
run: |
python -m pip install --upgrade pip
pip install build twine
- name: Build package
run: |
python -m build
- name: Check package with twine
run: |
twine check dist/*
- name: Test installation from wheel
run: |
pip install dist/*.whl
python -c "import map_binning; print(f'Package version: {map_binning.__version__}')"
- name: Upload build artifacts
uses: actions/upload-artifact@v4
with:
name: dist-files
path: dist/
test-distribution:
name: Test Distribution & Security
runs-on: ubuntu-latest
needs: [build-test]
strategy:
matrix:
python-version: ['3.11', '3.12']
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
- name: Download build artifacts
uses: actions/download-artifact@v4
with:
name: dist-files
path: dist/
- name: Install from wheel and security tools
run: |
python -m pip install --upgrade pip
pip install dist/*.whl
pip install pip-audit bandit[toml]
- name: Run dependency security scan
run: |
echo "Scanning dependencies for vulnerabilities..."
pip-audit --format=json --output=pip-audit-report.json || true
pip-audit --desc || echo "Dependency scan completed with issues"
- name: Test package functionality
run: |
python -c "
import map_binning
from map_binning import Binning, save, load
print(f'Package version: {map_binning.__version__}')
print('All imports successful!')
"
- name: Run source code security scan
run: |
echo "Scanning source code for security issues..."
bandit -r map_binning -f json -o bandit-report.json || true
bandit -r map_binning --skip B301,B403 || echo "Source scan completed"
- name: Upload security reports
uses: actions/upload-artifact@v4
with:
name: security-reports-${{ matrix.python-version }}
path: |
bandit-report.json
pip-audit-report.json
if: always()