fix: resolve pixi environment configuration warnings #229
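# CI/CD pipeline: test, lint, security scan, structure validation, build,
# and (on published releases only) upload to PyPI. The docker job is disabled.
#
# NOTE(review): every third-party action below is referenced by a mutable
# tag or branch (@v4, @v3, @v5, @release/v1). Pin each `uses:` to a full
# commit SHA so a retagged or compromised upstream release cannot change
# what runs with this workflow's token and secrets.
name: CI/CD Pipeline

on:
  push:
    branches: [main, development]
  pull_request:
    branches: [main, development]
  release:
    types: [published]

# Least privilege for GITHUB_TOKEN: no visible job needs more than read
# access to the repository. Jobs that need more declare it themselves.
permissions:
  contents: read

env:
  PYTHON_VERSION: "3.12"

jobs:
  test:
    name: Test Suite
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        os: [ubuntu-latest]
        python-version: ["3.12"]
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Setup Pixi with retry mechanism
        # The action ref was obscured in the captured page ("[email protected]");
        # restore the original version, ideally as a full commit SHA.
        uses: prefix-dev/setup-pixi@SETUP_PIXI_REF_PLACEHOLDER
        with:
          pixi-version: v0.50.2
          cache: true
          # Pull-request runs only read the cache, so code from a PR cannot
          # write cache entries that later runs on main would restore.
          cache-write: ${{ github.event_name != 'pull_request' }}

      - name: Install dependencies with retry (CI environment)
        run: |
          # Retry mechanism for PIXI installation
          for i in {1..3}; do
            echo "Attempt $i: Installing PIXI CI environment..."
            if pixi install --environment ci; then
              echo "✅ PIXI CI environment installed successfully"
              break
            else
              echo "⚠️ PIXI installation attempt $i failed"
              if [ "$i" -eq 3 ]; then
                echo "❌ All PIXI installation attempts failed"
                exit 1
              fi
              sleep 10
            fi
          done

      - name: Run tests
        run: pixi run ci-test

      - name: Upload coverage to Codecov
        if: matrix.os == 'ubuntu-latest' && matrix.python-version == '3.12'
        uses: codecov/codecov-action@v4
        with:
          file: ./coverage.xml
          flags: unittests
          name: codecov-umbrella

  lint:
    name: Code Quality
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Setup Pixi with retry mechanism
        # Ref obscured in the captured page; restore and pin to a commit SHA.
        uses: prefix-dev/setup-pixi@SETUP_PIXI_REF_PLACEHOLDER
        with:
          pixi-version: v0.50.2
          cache: true
          cache-write: ${{ github.event_name != 'pull_request' }}

      - name: Install dependencies with retry (CI environment)
        run: |
          # Retry mechanism for PIXI installation
          for i in {1..3}; do
            echo "Attempt $i: Installing PIXI CI environment..."
            if pixi install --environment ci; then
              echo "✅ PIXI CI environment installed successfully"
              break
            else
              echo "⚠️ PIXI installation attempt $i failed"
              if [ "$i" -eq 3 ]; then
                echo "❌ All PIXI installation attempts failed"
                exit 1
              fi
              sleep 10
            fi
          done

      - name: Run linting
        run: pixi run ci-lint

      - name: Check formatting
        run: pixi run ci-format-check

      - name: Type checking
        run: pixi run typecheck

  security:
    name: Security Scan
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Setup Pixi for Security with retry
        # Ref obscured in the captured page; restore and pin to a commit SHA.
        uses: prefix-dev/setup-pixi@SETUP_PIXI_REF_PLACEHOLDER
        with:
          pixi-version: v0.50.2
          cache: true
          cache-write: ${{ github.event_name != 'pull_request' }}

      - name: Install security dependencies with retry
        run: |
          # Retry mechanism for PIXI installation
          for i in {1..3}; do
            echo "Attempt $i: Installing PIXI quality-extended environment..."
            if pixi install --environment quality-extended; then
              echo "✅ PIXI quality-extended environment installed successfully"
              break
            else
              echo "⚠️ PIXI installation attempt $i failed"
              if [ "$i" -eq 3 ]; then
                echo "❌ All PIXI installation attempts failed"
                exit 1
              fi
              sleep 10
            fi
          done

      # NOTE(review): whether findings fail the job depends on how the
      # `security-scan` and `safety-check-ci` pixi tasks are defined, which
      # is not visible here. Confirm they exit non-zero on findings.
      - name: Run Bandit Security Scan
        run: |
          echo "🔍 Running Bandit security scan..."
          pixi run -e quality-extended security-scan

      - name: Safety Check
        run: |
          echo "🔍 Running Safety vulnerability check..."
          pixi run -e quality-extended safety-check-ci

      - name: Upload security reports
        # Run even when a scan step failed: a failing scan is exactly when
        # the reports are needed for triage.
        if: ${{ !cancelled() }}
        uses: actions/upload-artifact@v4
        with:
          name: security-reports
          path: |
            bandit-report.json
            safety-report.json

  atomic-design-validation:
    name: Atomic Design Standards
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Setup Pixi with retry mechanism
        # Ref obscured in the captured page; restore and pin to a commit SHA.
        uses: prefix-dev/setup-pixi@SETUP_PIXI_REF_PLACEHOLDER
        with:
          pixi-version: v0.50.2
          cache: true
          cache-write: ${{ github.event_name != 'pull_request' }}
          manifest-path: pyproject.toml

      - name: Install framework with retry
        run: |
          # Retry mechanism for PIXI installation
          for i in {1..3}; do
            echo "Attempt $i: Installing PIXI dev environment..."
            if pixi install --environment dev; then
              echo "✅ PIXI dev environment installed successfully"
              break
            else
              echo "⚠️ PIXI installation attempt $i failed"
              if [ "$i" -eq 3 ]; then
                echo "❌ All PIXI installation attempts failed"
                exit 1
              fi
              sleep 10
            fi
          done

      - name: Install package in editable mode
        run: pixi run -e dev dev-setup

      - name: Test framework installation
        run: |
          pixi run -e dev install
          pixi run -e dev uckn --version

      - name: Install dependencies
        run: |
          mkdir test-project
          cd test-project
          pixi run -e dev init-project
          ls -la

      - name: Validate UCKN atomic structure
        run: |
          cd test-project
          pixi run -e dev analyze-project

  build:
    name: Build Package
    runs-on: ubuntu-latest
    needs: [test, lint, security, atomic-design-validation]
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Setup Pixi with retry mechanism
        # Ref obscured in the captured page; restore and pin to a commit SHA.
        uses: prefix-dev/setup-pixi@SETUP_PIXI_REF_PLACEHOLDER
        with:
          pixi-version: v0.50.2
          cache: true
          cache-write: ${{ github.event_name != 'pull_request' }}

      - name: Install build tools with retry
        run: |
          # Retry mechanism for PIXI installation
          for i in {1..3}; do
            echo "Attempt $i: Installing PIXI CI environment for build..."
            if pixi install --environment ci; then
              echo "✅ PIXI CI environment installed successfully"
              break
            else
              echo "⚠️ PIXI installation attempt $i failed"
              if [ "$i" -eq 3 ]; then
                echo "❌ All PIXI installation attempts failed"
                exit 1
              fi
              sleep 10
            fi
          done

      - name: Build package
        run: pixi run --environment ci python -m build

      - name: Check package
        run: pixi run --environment ci twine check dist/*

      - name: Upload build artifacts
        uses: actions/upload-artifact@v4
        with:
          name: dist
          path: dist/

  deploy:
    name: Deploy to PyPI
    runs-on: ubuntu-latest
    needs: [build]
    # Only published releases reach this job; pushes and PRs never do.
    if: github.event_name == 'release'
    # The `production` environment scopes the PyPI secret to this job and
    # lets required reviewers / branch rules gate the upload.
    environment: production
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Download build artifacts
        uses: actions/download-artifact@v4
        with:
          name: dist
          path: dist/

      # NOTE(review): this step holds a long-lived PyPI API token and runs an
      # action referenced by a branch (`release/v1`). Pin the action to a
      # commit SHA, and consider PyPI Trusted Publishing (OIDC with
      # `permissions: id-token: write`), which removes the stored token;
      # that requires publisher configuration on the PyPI side.
      - name: Publish to PyPI
        uses: pypa/gh-action-pypi-publish@release/v1
        with:
          password: ${{ secrets.PYPI_API_TOKEN }}

  docker:
    name: Build Docker Images
    runs-on: ubuntu-latest
    needs: [test, lint]
    # Disabled until Dockerfile is added
    if: false
    # Pushing to ghcr.io with GITHUB_TOKEN needs package write access; it is
    # granted to this job only, not to the whole workflow.
    permissions:
      contents: read
      packages: write
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Login to GitHub Container Registry
        if: github.event_name != 'pull_request'
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Extract metadata
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ghcr.io/${{ github.repository }}
          tags: |
            type=ref,event=branch
            type=ref,event=pr
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}

      - name: Build and push Docker image
        uses: docker/build-push-action@v5
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          # Pull-request runs build the image but never push it.
          push: ${{ github.event_name != 'pull_request' }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max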