Migrate CI/CD from Travis to GitHub Actions

[RishabhJain2018]

Summary

• Replace Travis CI with GitHub Actions workflows for linting, testing, and package publishing
• Add Codecov upload workflow (replacing Coveralls) and a minimal codecov.yml
• Align CI Python runtime with EvalAI at 3.9.21
• Add CodeRabbit badge to README
• Preserve release behavior: staging branch pushes publish to TestPyPI, git tags publish to production PyPI
• Remove .travis.yml, deploy-staging.sh, and .coveralls.yml; update README badges

Test plan

• Add required GitHub secrets: CODECOV_TOKEN, TEST_PYPI_USERNAME, TEST_PYPI_PASSWORD, PYPI_API_TOKEN
• Register repo on Codecov and confirm coverage upload on this PR
• Verify ci-cd workflow passes (flake8 + pytest) on this PR
• After merge, push to staging to confirm TestPyPI publish
• After merge, tag a release to confirm production PyPI publish
• Disable Travis CI for this repository

Summary by CodeRabbit

• New Features

  • Added GitHub Actions CI/CD with separate quality, test, and publish flows.
  • Added coverage reporting integration with Codecov and PR annotations/checks.
  • Added new CI/CD and release-process documentation and updated repository badges.

• Bug Fixes

  • Improved static analysis results by excluding documentation, VCS, and virtual environment directories.

• Chores

  • Removed legacy Travis CI and prior deployment configuration.
  • Updated formatting/lint tooling to use a newer Python version.

[coderabbitai]

📝 Walkthrough

Walkthrough

Travis CI configuration (.travis.yml, .coveralls.yml, deploy-staging.sh) is removed and replaced with two GitHub Actions workflows: ci-cd.yml for linting, testing, and PyPI/TestPyPI publishing, and upload-coverage.yml for secure Codecov reporting. A new codecov.yml sets coverage thresholds, and related tooling configs are updated to Python 3.9 and flake8 7.1.2.

Changes

Travis → GitHub Actions Migration

Layer / File(s)	Summary
Main ci-cd.yml workflow jobs .github/workflows/ci-cd.yml	Defines the full CI/CD workflow: triggers (master/staging/tag pushes, PRs, manual dispatch), pins Python to 3.9.21, concurrency grouping/cancellation, a code_quality job running flake8==7.1.2, a test job producing coverage.xml and PR metadata artifacts, a publish_to_testpypi job gated on staging pushes, and a publish_to_pypi job gated on tag refs. Also removes .travis.yml, .coveralls.yml, and deploy-staging.sh.
Coverage upload workflow and Codecov config .github/workflows/upload-coverage.yml, codecov.yml	upload-coverage.yml triggers on ci-cd completion, downloads artifacts, resolves the PR number, uploads coverage.xml to Codecov via CLI, and posts a commit status. codecov.yml sets 70% project / 80% patch thresholds, a cli flag scoped to evalai/, and comment/annotation/report settings.
Tooling updates, config cleanup, and docs .flake8, setup.py, .pre-commit-config.yaml, README.md, .github/CI_CD.md	Adds flake8 directory excludes, bumps flake8 from 3.0.4 to 7.1.2 in setup.py, updates black's language_version to python3.9, replaces Travis/Coveralls badges with GitHub Actions/codecov badges, and adds CI_CD.md documenting secrets, environments, and the release process.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

🐇 Farewell, old Travis, your YAML is gone,
A GitHub Actions world now carries on!
With flake8 bumped and codecov in place,
Each push to staging finds a publishing space.
The bunny hops through pipelines, fresh and bright —
CI/CD reborn, everything's right! 🚀

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title directly and accurately describes the primary change: migrating CI/CD infrastructure from Travis to GitHub Actions, which is the core focus across all modified and new files.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch ci/github-actions-migration

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

.github/workflows/ci-cd.yml (1)

132-141: Migrate to PyPI/TestPyPI Trusted Publishing (OIDC) to eliminate long-lived secrets.

Both publish jobs use stored secrets for authentication (TEST_PYPI_USERNAME/TEST_PYPI_PASSWORD and PYPI_API_TOKEN). Replace with OpenID Connect (OIDC) trusted publishing to remove credential handling and reduce secret rotation/leakage risk.

Required changes:

1. Add id-token: write permission to each job
2. Replace python -m twine upload with pypa/gh-action-pypi-publish@release/v1 action (no username/password inputs)
3. Configure Trusted Publishers in PyPI and TestPyPI project settings with:
   • Repository owner and name
   • Workflow filename
   • Environment name (already set: staging for TestPyPI, production for PyPI)
4. Remove TWINE_USERNAME and TWINE_PASSWORD env vars

Also applies to: 164-171

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/ci-cd.yml around lines 132 - 141, Migrate both the
TestPyPI and PyPI publish jobs from long-lived secrets to OIDC Trusted
Publishing. In the TestPyPI publish job (lines 132-141) and the PyPI publish job
(lines 164-171), add id-token: write permission to the job permissions, replace
the env vars TWINE_USERNAME and TWINE_PASSWORD with the
pypa/gh-action-pypi-publish@release/v1 action which handles OIDC authentication
automatically, and remove the manual twine upload commands. The pypa action will
read the dist directory by default. Additionally, configure Trusted Publishers
in both PyPI and TestPyPI project settings with the repository owner, name,
workflow filename, and corresponding environment names (staging for TestPyPI,
production for PyPI).

Source: Linters/SAST tools

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/ci-cd.yml:
- Around line 37-43: All GitHub Actions `uses:` references need to be pinned to
immutable commit SHAs for supply-chain security. In
`.github/workflows/ci-cd.yml` (lines 37-43, 63-104, 123-129, 155-161), replace
the mutable version tags like `@v4` and `@v5` with their corresponding full
40-character commit SHAs for actions/checkout and actions/setup-python, and any
other action references in those ranges. Similarly, in
`.github/workflows/upload-coverage.yml` (lines 22-54), replace all mutable
action tags with their corresponding commit SHAs. Verify each action's commit
SHA by checking the official GitHub action repository tag releases.

---

Nitpick comments:
In @.github/workflows/ci-cd.yml:
- Around line 132-141: Migrate both the TestPyPI and PyPI publish jobs from
long-lived secrets to OIDC Trusted Publishing. In the TestPyPI publish job
(lines 132-141) and the PyPI publish job (lines 164-171), add id-token: write
permission to the job permissions, replace the env vars TWINE_USERNAME and
TWINE_PASSWORD with the pypa/gh-action-pypi-publish@release/v1 action which
handles OIDC authentication automatically, and remove the manual twine upload
commands. The pypa action will read the dist directory by default. Additionally,
configure Trusted Publishers in both PyPI and TestPyPI project settings with the
repository owner, name, workflow filename, and corresponding environment names
(staging for TestPyPI, production for PyPI).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 803ae938-90a0-42a2-88df-88d561e673fa

📥 Commits

Reviewing files that changed from the base of the PR and between 6426f26 and 973a61c.

📒 Files selected for processing (11)

• .coveralls.yml
• .flake8
• .github/CI_CD.md
• .github/workflows/ci-cd.yml
• .github/workflows/upload-coverage.yml
• .pre-commit-config.yaml
• .travis.yml
• README.md
• codecov.yml
• deploy-staging.sh
• setup.py

💤 Files with no reviewable changes (3)

• .travis.yml
• .coveralls.yml
• deploy-staging.sh

[coderabbitai]

🧹 Nitpick comments (1)

.github/workflows/ci-cd.yml (1)

138-147: 💤 Low value

Consider using python -m build instead of deprecated setup.py commands.

python setup.py sdist bdist_wheel is deprecated. The modern PEP 517-compliant approach uses python -m build, which provides better build isolation.

♻️ Suggested refactor

       run: |
-          python -m pip install --upgrade pip setuptools wheel twine
-          python setup.py sdist bdist_wheel
+          python -m pip install --upgrade pip build twine
+          python -m build
           python -m twine upload \
             --repository-url https://test.pypi.org/legacy/ \
             dist/*

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/ci-cd.yml around lines 138 - 147, The build process in the
"Build and publish package to TestPyPI" step uses the deprecated `python
setup.py sdist bdist_wheel` command. Replace this with the modern PEP
517-compliant `python -m build` command by first installing the build package in
the pip upgrade line, then replacing the setup.py invocation with `python -m
build`. The dist/* output used by the twine upload step will still be created
correctly with this change, so no modification to the twine upload command is
needed.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In @.github/workflows/ci-cd.yml:
- Around line 138-147: The build process in the "Build and publish package to
TestPyPI" step uses the deprecated `python setup.py sdist bdist_wheel` command.
Replace this with the modern PEP 517-compliant `python -m build` command by
first installing the build package in the pip upgrade line, then replacing the
setup.py invocation with `python -m build`. The dist/* output used by the twine
upload step will still be created correctly with this change, so no modification
to the twine upload command is needed.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 3c256b8a-c67b-4539-a034-7fb4cce0c2a2

📥 Commits

Reviewing files that changed from the base of the PR and between 973a61c and 00a7e88.

📒 Files selected for processing (2)

• .github/workflows/ci-cd.yml
• .github/workflows/upload-coverage.yml

🚧 Files skipped from review as they are similar to previous changes (1)

• .github/workflows/upload-coverage.yml