ci(deps): bump actions/setup-python from 5 to 6 #3
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI (Act Compatible) | |
| on: | |
| push: | |
| branches: [ main, develop ] | |
| pull_request: | |
| branches: [ main, develop ] | |
| env: | |
| PYTHON_VERSION: "3.13" | |
| jobs: | |
| # Parallel job 1: Code Quality (linting, formatting, type checking) | |
| code-quality: | |
| name: Code Quality | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| # Act-compatible Python and uv setup | |
| - name: Set up Python (Act compatible) | |
| run: | | |
| if [ "$ACT" = "true" ]; then | |
| echo "Using system Python in Act environment" | |
| python3 --version || echo "Python3 not available" | |
| which python3 || echo "Python3 not in PATH" | |
| else | |
| echo "Using setup-python action in GitHub Actions" | |
| fi | |
| - name: Set up Python (GitHub Actions only) | |
| if: ${{ !env.ACT }} | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - name: Install uv (Act compatible) | |
| run: | | |
| if [ "$ACT" = "true" ]; then | |
| echo "Installing uv via pip in Act environment (SSL workaround)" | |
| python3 -m pip install --upgrade pip | |
| python3 -m pip install uv | |
| which uv || echo "uv not found in PATH" | |
| uv --version || echo "uv version failed" | |
| else | |
| echo "Installing uv in GitHub Actions" | |
| curl -LsSf https://astral.sh/uv/install.sh | sh | |
| echo "$HOME/.cargo/bin" >> $GITHUB_PATH | |
| fi | |
| - name: Install dependencies | |
| run: | | |
| if [ "$ACT" = "true" ]; then | |
| echo "Installing dependencies in Act environment" | |
| which uv || echo "uv not found" | |
| uv --version || echo "uv version failed" | |
| uv sync --all-extras --dev || echo "uv sync failed" | |
| else | |
| export PATH="$HOME/.cargo/bin:$PATH" | |
| uv sync --all-extras --dev | |
| fi | |
| - name: Run linting | |
| run: | | |
| if [ "$ACT" = "true" ]; then | |
| echo "Running linting in Act environment" | |
| uv run ruff check src tests || echo "ruff check failed" | |
| uv run ruff format --check src tests || echo "ruff format failed" | |
| else | |
| export PATH="$HOME/.cargo/bin:$PATH" | |
| uv run ruff check src tests | |
| uv run ruff format --check src tests | |
| fi | |
| - name: Run type checking | |
| run: | | |
| if [ "$ACT" = "true" ]; then | |
| echo "Running type checking in Act environment" | |
| uv run mypy src || echo "mypy failed" | |
| else | |
| export PATH="$HOME/.cargo/bin:$PATH" | |
| uv run mypy src | |
| fi | |
| # Parallel job 2: Tests | |
| tests: | |
| name: Test Suite | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| python-version: ["3.13"] | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| # Act-compatible Python and uv setup | |
| - name: Set up Python | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Install uv (Act compatible) | |
| run: | | |
| curl -LsSf https://astral.sh/uv/install.sh | sh | |
| echo "$HOME/.cargo/bin" >> $GITHUB_PATH | |
| - name: Install dependencies | |
| run: | | |
| export PATH="$HOME/.cargo/bin:$PATH" | |
| uv sync --all-extras --dev | |
| - name: Run tests | |
| run: | | |
| export PATH="$HOME/.cargo/bin:$PATH" | |
| uv run pytest --cov=src/mcp_as_a_judge --cov-report=xml --cov-report=term-missing | |
| - name: Upload coverage to Codecov | |
| if: ${{ !env.ACT }} | |
| uses: codecov/codecov-action@v5 | |
| with: | |
| file: ./coverage.xml | |
| fail_ci_if_error: true | |
| # Parallel job 3: Security Scan | |
| security: | |
| name: Security Scan | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| # Act-compatible Python and uv setup | |
| - name: Set up Python | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - name: Install uv (Act compatible) | |
| run: | | |
| curl -LsSf https://astral.sh/uv/install.sh | sh | |
| echo "$HOME/.cargo/bin" >> $GITHUB_PATH | |
| - name: Install dependencies | |
| run: | | |
| export PATH="$HOME/.cargo/bin:$PATH" | |
| uv sync --all-extras --dev | |
| - name: Run security scan | |
| run: | | |
| export PATH="$HOME/.cargo/bin:$PATH" | |
| uv run bandit -r src/ | |
| # Parallel job 4: Secret Scanning | |
| gitleaks: | |
| name: Secret Scanning | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 | |
| - name: Run Gitleaks | |
| uses: gitleaks/gitleaks-action@v2 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE }} | |
| # Stage 2: Build jobs (depend on stage 1) | |
| build: | |
| name: Build Package | |
| runs-on: ubuntu-latest | |
| needs: [code-quality, tests, security, gitleaks] | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| # Act-compatible Python and uv setup | |
| - name: Set up Python | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - name: Install uv (Act compatible) | |
| run: | | |
| curl -LsSf https://astral.sh/uv/install.sh | sh | |
| echo "$HOME/.cargo/bin" >> $GITHUB_PATH | |
| - name: Install dependencies | |
| run: | | |
| export PATH="$HOME/.cargo/bin:$PATH" | |
| uv sync --all-extras --dev | |
| - name: Build package | |
| run: | | |
| export PATH="$HOME/.cargo/bin:$PATH" | |
| uv build | |
| - name: Upload build artifacts | |
| if: ${{ !env.ACT }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: dist | |
| path: dist/ | |
| docker: | |
| name: Build Docker Image | |
| runs-on: ubuntu-latest | |
| needs: [code-quality, tests, security, gitleaks] | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| - name: Set up Docker Buildx | |
| if: ${{ !env.ACT }} | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build Docker image (Act compatible) | |
| run: | | |
| if [ "$ACT" = "true" ]; then | |
| echo "Skipping Docker build in Act environment" | |
| else | |
| docker build -t mcp-as-a-judge:latest . | |
| fi |