Skip to content

feat: allow smaller install by only install gui (#13) #51

feat: allow smaller install by only install gui (#13)

feat: allow smaller install by only install gui (#13) #51

Workflow file for this run

name: CI
on:
push:
branches: ["main"]
pull_request:
branches: ["main"]
jobs:
lint:
name: Lint & type-check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v7
- name: Install uv
uses: astral-sh/setup-uv@v8.2.0
- name: Set up Python
uses: actions/setup-python@v6
with:
python-version: "3.14"
- name: Install dependencies
run: uv sync --all-groups
- name: Ruff lint
run: uv run ruff check src/ tests/
- name: Ruff format check
run: uv run ruff format --check src/ tests/
- name: Mypy
run: uv run mypy src/
test:
name: Unit tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v7
- name: Install uv
uses: astral-sh/setup-uv@v8.2.0
- name: Set up Python
uses: actions/setup-python@v6
with:
python-version: "3.14"
- name: Install dependencies
run: uv sync --all-groups
- name: Run unit tests
run: uv run pytest tests/unit/ -v
audit:
name: Dependency audit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v7
- name: Install uv
uses: astral-sh/setup-uv@v8.2.0
- name: Set up Python
uses: actions/setup-python@v6
with:
python-version: "3.14"
- name: Install dependencies
run: uv sync --all-groups
- name: Audit for known vulnerabilities
run: |
# CVE-2026-3219 / PYSEC-2026-196 affects pip itself (no fix released
# yet); ignore both aliases so that vulnerabilities in actual project
# dependencies still fail CI.
uv run pip-audit --strict --ignore-vuln CVE-2026-3219 --ignore-vuln PYSEC-2026-196
release:
name: Release
needs: [lint, test, audit]
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/main' && github.event_name == 'push'
concurrency: release
permissions:
id-token: write # PyPI trusted publishing
contents: write # push version bump commit + tag
environment:
name: pypi
url: https://pypi.org/project/odsbox-pilot/
steps:
- uses: actions/checkout@v7
with:
fetch-depth: 0 # PSR needs full history to find previous tags
token: ${{ secrets.GITHUB_TOKEN }}
- name: Install uv
uses: astral-sh/setup-uv@v8.2.0
- name: Set up Python
uses: actions/setup-python@v6
with:
python-version: "3.14"
- name: Install dependencies
run: uv sync --all-groups
- name: Run semantic release
id: release
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: uv run semantic-release version
- name: Detect release tag
id: release_check
shell: bash
run: |
if git tag --points-at HEAD | grep -Eq '^v[0-9]+\.[0-9]+\.[0-9]+$'; then
echo "released=true" >> "$GITHUB_OUTPUT"
else
echo "released=false" >> "$GITHUB_OUTPUT"
fi
- name: Build package
if: steps.release_check.outputs.released == 'true'
run: uv build
- name: Publish to PyPI
if: steps.release_check.outputs.released == 'true'
run: uv publish --trusted-publishing always